Cloud

.NET Aspire configuration patterns

September 09, 2024  10 minute read  

If you recall my last article, I transitioned my working application to .NET Aspire. This opinionated pattern allows me to run a complete microservice application within Docker Desktop, but then seamlessly deploy to Azure Container Apps and other platform services with the same code base. This is a great productivity boost for a developer. My current project builds an OIDC identity service that has both username/password (local) authentication and social logins like Google and Facebook. To ...

Local development for the cloud: Transitioning to .NET Aspire

September 05, 2024  13 minute read  

I’ve been working on a new project recently. It requires that I work with microservices and containers as it will eventually be runnable on either Kubernetes or (more likely) Azure Container Apps. My latest task is to get ASP.NET Identity working with PostgreSQL. In order to properly debug the code, I need the ASP.NET bits to be running locally. But to integrate with PostgreSQL, I need to set up containers and docker compose. This all feels like “too much work”. Wouldn’t it be amazing if...

Build a Blog: Going to production with Azure Static Web Apps

June 08, 2024  4 minute read  

I’m almost ready to take my Static Web App to production and make it public. However, there are a few things that I want to make sure I do before going to production. This is true of any application hosted in the cloud, so it;s a good reminder of things to think about. This post is part of a sequence showing how to deploy a blog on Azure Static Web Apps: Deploying Azure Static Web Apps Configuring Azure DNS Configuring Static Web Apps Custom Domains Taking Static Web Apps to Pr...

Build a Blog: Custom domains for Azure Static Web Apps

June 07, 2024  8 minute read  

In my last post, I registered a DNS domain name and set up Azure DNS for it. I want my blog to use that domain name, so I need to set up a custom domain in Static Web Apps using Azure DNS. Of course, nothing is that simple. My blog uses repeatable deployments via Azure Developer CLI, so there is a little bit of extra work to do. This post is part of a sequence showing how to deploy a blog on Azure Static Web Apps: Deploying Azure Static Web Apps Configuring Azure DNS Configuring ...

Build a Blog: Set up DNS in Azure

June 06, 2024  4 minute read  

Today, I’m continuing on the job of setting up a new blog. I’ve now got three blog posts, so that’s enough for me to consider what I need to do for production. I don’t have a domain yet, so this post is all about setting up the domain. This post is part of a sequence showing how to deploy a blog on Azure Static Web Apps: Deploying Azure Static Web Apps Configuring Azure DNS Configuring Static Web Apps Custom Domains Taking Static Web Apps to Production Step 1: Pick a name Wh...

Build a Blog: Deploy Azure Infrastructure three ways

June 05, 2024  16 minute read  

For most developers, dealing with the infrastructure part of the job is hard. I like to say “give me a database and a web site” and prefer not to get into the other requirements like DNS, security, and multi-region reliability. My web sites and other cloud projects (including this one) are pretty open. So, what’s the minimum I need to know to deploy stuff on Azure? How can I get my project deployed on Azure for development with the minimum of hassle? This post is part of a sequence show...

Create an App Registration for RBAC with PowerShell and Microsoft Graph.

January 19, 2024  5 minute read  

I’m currently working on some automation within Azure to deploy a hub-spoke web application. This web application authenticates with Entra ID using an App Registration and Role-Based Access Controls (RBAS) using App Roles. So, I need to create an app registration, enterprise app, and create the app roles. Seems easy, right? Get an access token Since this is part of a deployment, I’m going to assume the user has already connected to Azure using Connect-AzAccount and selected a subscriptio...

Deleting Azure resources the right way.

July 12, 2023  3 minute read  

If you are an Azure developer, you likely spin up an application, do some work, then shut it down again. However, shutting down resources and deleting them has an order to them. If your service is network isolated (in a virtual network), then you can’t delete the application until the private endpoints are shut down. Budgets don’t get deleted with the resource group. Diagnostic settings can’t be deleted if the resource no longer exists. There is an order you should do things: Private...

Purge Azure API Management soft-deleted services with ease.

January 20, 2023  4 minute read  

I work a lot with Azure API Management, which means I turn up and down services quite a few times a day. Azure API Management has an awesome feature that prevents you from accidentally deleting a service, called soft-delete. Instead of immediately deleting the service, it marks it as soft deleted and purges it later on. Unfortunately, that means that you can’t immediately reuse that service name. In production, this is a great thing to have. In development, it turns into a pain. That’s b...

Type-checking Bicep arrays and objects

November 28, 2022  3 minute read  

As you may have guessed by now, I’m delving heavily into the world of Bicep right now, mostly in order to describe the infrastructure for my personal projects in a readable way. JSON and YAML (used by ARM) is most definitely not readable for the average consumer. Part of that work was learning about bicep modules, which I love for modularizing my code. However, there is one distinctive problem with this. Let’s take an example to show off the problem. I have a bicep fragment that looks li...

Bicep, loops, and defaults

November 21, 2022  3 minute read  

I’ve been playing around a lot with bicep recently. I like it because it is much more readable than ARM templates and lets me modularize my deployments easily. Recently, I was writing a module for creating named values in Azure API Management. Here is my service.bicep: @description('The name of the API Management instance to deploy this API to.') param serviceName string = 'apim${uniqueString(resourceGroup().id)}' @description('Location for all resources') param location string = resourc...

Top Ten things to consider when taking your GraphQL service into production

November 07, 2022  9 minute read  

It’s a somewhat well-known facet of development that we don’t consider production problems until it is too late in the development cycle. When we look at taking a Web API into production, we use API management solutions to provide protection, control, and visibility into our APIs so that we ensure we don’t get woken up by a production outage. The things we need to consider are well understood in APIs in general, but what about GraphQL? GraphQL is a developers dream when it comes to tooling....

Build a GraphQL API on Azure API Management using Bicep

October 10, 2022  5 minute read  

When I build a service in the cloud, I describe the infrastructure as a blob of code. There are lots of solutions out there for this. Azure has the Azure Resource Manager (or ARM), which has it’s own JSON or YAML format, for example. Terraform is cross-cloud capable, as is the Serverless Framework. Since I mostly work in Azure, these days, I’be been working more and more with Bicep for my Infrastructure as Code standard. Bicep uses declarative syntax to deploy Azure resources (much like ...

Building a serverless MUD infrastructure in Azure

August 25, 2022  12 minute read  

If you went to college back in the 1980’s or 90’s and studied computer science, then it is likely you bumped into the MUD (multi-user dungeon) craze. Back then, computer science was different. The primary languages were the languages of the day - Pascal and C were big. We had access to UNIX systems and would write text-based multi-user games that users would telnet into to get access. We didn’t have the web back then. I learned a lot from writing a MUD - from parser design to network comm...

Building repositories for Azure Mobile Apps with ASP.NET 6

November 12, 2021  7 minute read  

Over the last four days, I’ve delved into how to build a data sync service using Azure Mobile Apps on ASP.NET Core 6. I’ve covered the template, authentication, authorization, and logging. The basic setup is really good when you have a 1:1 relationship between the table and the DTO and you don’t need to do anything special, like support a non-EF Core ORM, or integrate real-time alerting. There are all sorts of reasons you don’t want to use the standard repository. So you get to write your...

Logging and Options for Azure Mobile Apps with ASP.NET 6

November 11, 2021  2 minute read  

Over the past three articles, I’ve covered a lot of the ins and outs of a typical Azure Mobile Apps service. I’ve covered scaffolding, authentication, and complex authorization. There are just a few more topics to cover on the basic cases. Logging One of the big areas is logging. You obviously want to see what the library is doing when it is running, especially because it is running unattended all the time. Fortunately, it’s an ASP.NET Core application, which means logging is built-in. ...

Controlled access for Azure Mobile Apps for ASP.NET Core

November 10, 2021  5 minute read  

In the last two articles, I’ve gone over how you can create a basic datasync service and add authentication to the service. What if you want to do something more complex? Authorization that is an on/off switch is reasonable as a first pass, but rarely allows you to handle the cases you actually need to implement. Introducing the Access Control Provider To handle cases where your needs are a little more complex, we’ve introduced a new interface: IAccessControlProvider<T>. This requi...

Add authentication to Azure Mobile Apps for ASP.NET Core

November 09, 2021  3 minute read  

In my last article, I introduced the new ASP.NET Core edition of Azure Mobile Apps, including how to set up Entity Framework Core and in-memory stores. Today, we are going to introduce simple authentication. What do you need to do to secure your entire API? We’ll cover more complex authentication schemes (such as protecting a single API, or doing DTO transforms based on the identity of the user) next time. Azure App Service Authentication Azure App Service includes a feature that most pe...

Introducing Azure Mobile Apps for ASP.NET 6

November 08, 2021  8 minute read  

It’s release day for .NET 6, and I couldn’t be happier to introduce Azure Mobile Apps for ASP.NET 6 being released on the same day. When I started developing the new code-base, I had several aims: Backwards compatibility with the older clients. Develop for ASP.NET 6 so I can develop anywhere - Windows, Mac, or Linux. Actually run anywhere - containers, App Service, or even a VM. Bring your own authentication provider and database provider. That meant some radical changes in the w...

Adding an API Key to Azure Mobile Apps with API Management

June 29, 2021  3 minute read  

I’ve written in the past that API keys are not security. They do not authenticate the app or user and they are easily interceptable (or extracted from distributed mobile apps). Despite that, that are good for a bunch of things, including figuring out which version of the app is being run, and ensuring that a certain version of the app you are running is using a specific backend or a specific set of policies. API keys are useful. I’m continually asked to support API keys. They are super-s...

Service Routing for Azure Mobile Apps with API Management

June 15, 2021  6 minute read  

Todays topic is “how do I upgrade the service backend to support the new ASP.NET Core service without affecting my current customers?” Let’s assume, for a moment, that I have already created an API Management service, and added caching to my API. Finally, I’ve adjusted the client application so everything is routing through the API Management service instead of direct to the backend. Azure Mobile Apps uses a header to indicate the version of the protocol that is in use. This head (ZUMO-AP...

Enabling caching for Azure Mobile Apps with API Management

June 11, 2021  7 minute read  

In my last article I introduced API Management and showed how it can be used to provide a front door to the REST API that is exposed by Azure Mobile Apps. What I implemented was a simple pass-through. It didn’t support authentication, and if a link was returned (for example, the “next-page” link in a query result),it pointed right back at the original source. It wasn’t much of an improvement. I’m going to change that today with a couple of improvements: Caching of read-only results. ...

Using API Management with Azure Mobile Apps

June 08, 2021  6 minute read  

Over the years, I’ve been asked for several features within Azure Mobile Apps that I’ve been reluctant to support out of the box. Azure Mobile Apps provides a toolkit in the context of the Node.js and ASP.NET Framework environments, so you can - theoretically - provide a lot of this functionality yourself. You can also use external services to provide that functionality. This is the start of a new series of blogs about Azure Mobile Apps, and my first foray into using Azure API Management t...

Choosing a hosting option for your web app in Azure

March 10, 2021  6 minute read  

Azure, like all the other clouds, has a plethora of mechanisms for getting your web site published. You have Static Web Apps, Azure App Service, Azure Blob Storage, Web Apps for Containers, and then there are the compute ones like virtual machines, and Azure Functions. It can be a little overwhelming. For this analysis, I’m going to assume you want to deploy a stand alone web site - either straight HTML, CSS, and JavaScript or a React, Angular, Vue, or similar app. I’m going to break it d...

Deploy your React app to Azure

April 04, 2020  7 minute read  

I’ve got to the point with my template where I am thinking about deployment options. There is already a great option (the gh-pages module) for deploying to a github.io site. However, I am going to be running most of my services on Microsoft Azure. I want to deploy my service automatically and copy the web application to a web site on Azure. Just like AWS, you can deploy a website directly to Azure Storage. This is a great option if you just want cheap web hosting plus the option of consu...

Reducing the deployment size of your JavaScript Azure Functions

January 12, 2020  1 minute read  

I’m doing some Azure Functions development in JavaScript at the moment, using the new azure-functions-core-tools. One of the features it has is command line publication, like this: $ func azure functionapp publish my-function-app I have a single function right now (called ping). Running the publish step creates a ZIP file: $ npx func azure functionapp publish my-function-app Getting site publishing info... Creating archive for current directory... Uploading 187.62 MB [##--...

Deploying an Azure Function App with Terraform

October 23, 2019  7 minute read  

You may have caught this from my previous blog posts, but I like automated deployments. I like something where I can run one command and magic happens, resulting in my whole deployment changing to a new state. I’ve recently been looking around at options for Azure, checking out Serverless Framework, Azure Resource Manager (ARM), and others. My favorite thus far has been Terraform. These are the instructions for deploying a basic Azure Function app with TypeScript code from start to finish...

Building an efficient Logger in TypeScript

June 30, 2019  6 minute read  

Just about every project needs a logging system. In the early days of development, you need to output data to the console so you aren’t setting breakpoints in your code all over the place (or you are running the code in the browser, where breakpoints are more difficult). Later on, you want logging to let you know where people are spending their time, or how much usage a particular feature gets. It also helps with diagnosing problems early so that you can get ahead of the issues. There are...

Where do you start with GraphQL? I asked four engineers

February 06, 2019  6 minute read  

There has been a lot of discussion on GraphQL. In time, it may rank up there alongside REST as a defining protocol for client-server computing. It is at least trending that way right now. REST has got longevity going for it — years of top engineers thinking about the best ways to structure a REST-based API and thoughts on how to handle it. GraphQL hasn’t got the longevity. It does, however, have senior professional developers who constantly think about APIs and development in order to answer ...

What AWS service should you use to publish a web site?

January 31, 2019  4 minute read  

There are at least five different services you can use to publish a web site on AWS: Amazon S3 + Amazon Cloudfront AWS Amplify Console Amazon Lightsail AWS Elastic Beanstalk Do-it-yourself compute / storage / network stack Which one of these do you choose? Well, “it depends” is a great answer to this question, but I hope that this article will demystify the strengths of each choice and give you a roadmap to make a choice. This article is not designed for the person who knows a ...

The three ways to execute a GraphQL query from React with AWS AppSync (and how to choose)

January 15, 2019  5 minute read  

AWS AppSync is a managed GraphQL service that can (and probably should) act as the data layer for your app. I want to take a look at how you can send a query to AWS AppSync from your React (or React Native) app. You have three basic choices: Include a query within a component using AWS Amplify. Wrap your query in the Connect component using AWS Amplify. Use the Apollo Client with the AWS AppSync SDK. Which do you choose depends on what your needs are. There is no “one size fits all”...

Early return from GraphQL Resolvers with AWS AppSync

January 03, 2019  3 minute read  

I am currently developing a “reviews” app, written in React Native and using a suite of services surrounding AWS AppSync for the data backend. Yesterday, I ran into a problem. This is how I solved that problem. First, let’s take a look at the problem. I have a query that is submitted like this: { me { id name locations { totalCount } reviews { totalCount } favorites { totalCount } } } The query is used to generate a header on a “My Information” page. Eventually, I’l...

Handling File Uploads with AWS AppSync

December 18, 2018  9 minute read  

GraphQL does not handle files. It may seem an obvious statement, but it needs to be said. GraphQL does not handle files. It handles structured data. Which isn’t to say that GraphQL does not have a role to play within file handling — just that the upload and download of files needs to be done outside the confines of GraphQL. In this article, I’m going to present one way that you can handle the upload and download of files whereby the URL of the files are presented via GraphQL using AWS AppSy...

Backend GraphQL: How to trigger an AWS AppSync mutation from AWS Lambda

October 26, 2018  14 minute read  

This blog will explore a technique that opens up a whole new world of possibilities for notifying clients of results within a serverless application. Let’s say you have built a nice mobile and web versions of a chat application that uses a GraphQL API built on top of AWS AppSync. Users authenticate with Amazon Cognito user pools Users table is stored in DynamoDB Changes to the users table are communicated to the app via subscriptions How does the users table get updated? A naive a...

Build a GraphQL Service the easy way with AWS Amplify Model Transforms

August 29, 2018  8 minute read  

Creating a functional GraphQL API is hard. You have to create a GraphQL schema, decide on authentication and database structures, implement the schema in a GraphQL service, wire up the authentication, hook up the database sources, ensure the whole thing is scalable, worry about logging and monitoring, and then write your app. AWS AppSync helps you with everything except the GraphQL schema and the app. Now, AWS Amplify is helping you with the GraphQL schema by introducing model transforms. Th...

How to deploy a GraphQL API on AWS with the Serverless Framework

August 14, 2018  8 minute read  

In previous posts, we’ve explored how to deploy a GraphQL service based on AWS AppSync and Amazon DynamoDB using AWS CloudFormation. The articles reinforce how automatic and repeatable deployments are central to moving towards a DevOps mindset. However, there are a few problems with the AWS CloudFormation template. The most notable issue is the inability to separate the schema and resolver mapping templates from the actual CloudFormation template. Overcoming this obstacle requires developers...

Build a GraphQL Weather API with OpenWeatherMap and AWS AppSync

July 20, 2018  6 minute read  

I love GraphQL even for the small apps. Generating a simple API allows me to change out back end details without re-compiling my front end. It also allows me to rotate API keys easily, handle authentication, and get in depth monitoring of the individual fields being used. So, naturally, when I am building a new weather app (don’t judge — everyone makes one), I naturally want to use a weather API based on GraphQL. Except there isn’t one. So I created one using AWS AppSync — a managed offline ...

Build a Universal Search API with GraphQL and AWS AppSync

June 19, 2018  5 minute read  

Have you ever looked at a feature of a mobile app and wondered how they do something? Me too! I like to figure out how they built those features and build them into my own apps. Take, as an example, universal search. You can find this sort of search box at the top of the Facebook app. So, how do they implement it? I’ve not seen their codebase, but I imagine it’s something similar to the following proof of concept. The schema I have a GraphQL API already built within AWS AppSync with the fol...

How developers can authenticate and authorize users with AWS AppSync

June 01, 2018  7 minute read  

AWS AppSync provides four distinct methods of authorizing users to optimize and restrict data being transferred AWS AppSync is a managed GraphQL data service that supports offline and real-time scenarios. The service allows the developer to optimize the data transfer between client and server. Any non-trivial application will need to authenticate users. It’s the only way to identify a distinct real person using the application. That association is required for private data storage and c...

Building a service in the Cloud

May 08, 2017  7 minute read  

I’ve been thinking about providing services in the cloud for a few years now. A common question I see time and time again is this: “What pieces of the cloud do I need to build my solution?” The answer is always “it depends.” This post is about those options. A service – whether it be a mobile backend, web server or public API – generally has different kinds of content. A web site, for example, will have images, stylesheets and other static content. However, that same web site may als...