Creating an Reading Ledger Entries in Azure Confidential Ledger

In my previous article I gave an introduction to Azure Confidential Ledger. In this article I am trying to publish a .NET code sample. There is already an example in MSDN which is not working as expected. Therefore I tried to build one while exploring API.  

I have created a .Net 6.0 based console application and will be using the default Program.cs class. 

Following Nuget packages are required to be installed. 

First get the ledger Uri, Collection Id and a console input as a message to be published. 

Getting started with Azure Confidential Ledger

Azure Confidential Ledger is one of the most interesting Confidential Computing offering on Azure. It offers you the capability store data in a secure blockchain with private and public ledger type options. In the back of it, it uses blocks in blobs stored in Azure Storage Account. Data in transit is secured with TLS 1.3 and allowed via verified certificate users as well as Azure AD users. 

Currently you can have Administrator, Contributor and Reader access levels assigned via Azure RBAC. Confidential Ledger runs on Trusted Execution Environments (TEEs) of Azure Confidential Computing. All the administrators and cloud providers are kept outside a Trusted Computing Base and it prevents anyone having access. 

4 Takeaways from Azure Savings Plan for Compute

Purchasing consumption in advance can be extremely effective not only considering the large discounts get applied. With the business market trends that are fluctuating and swinging at such an unpredicted fashion and the market forces are unknown to which be accounted in, having a 3 year predictability is a bonus. Reserved instances have been very helpful with Azure but it came with certain limitations. Here are my top 4 takeaways from Azure Savings Plan for Compute. 

1. More flexibility over Reserved Instances

Reserved instances came with a few restrictions that were not much capable of moving things around. Even some of the available flexibility will be reduced by next year. Savings Plan for Compute can be activated at many different scopes and can be changed even after purchase. Also it allows using a vast range of services ranging from Azure Functions (Premium, Dedicated) to VMs to VMSS. 

Nevertheless, Reserve Instances are unannounced to be decommissioned anytime soon.

Service Connectors in Azure App Services

Are we ready to say bye to the connection strings when connecting to a database? Yes we were when the managed identities came in. It reduced the hassle of storing connection strings with passwords and provided the opportunity for the infra team to set them up. All the developers have to setup is the url and the authentication mechanism. 

Service connectors just allow regulate these connections in a much better way. It is a feature add-on that available for App Services, Container Apps and Spring Apps. There are multiple targeted services that include DB services and necessary Azure services. 

Creating a connection in Portal is simple as a few clicks. Although the same can be done with Azure CLI.

What makes Container Apps easier to begin?

Containers will play a major role in enterprise application development in the years to come. Although the terms enterprise and containers together had much love-hate relationship over the skill gaps with container operations such as Kubernetes, that gap has been significantly reduced with the introduction of cloud capabilities such as Azure Kubernetes Services(AKS). 

It still makes it difficult as orchestration is still a learning curve. This is simplified with the recent release with the Azure Container Apps. I see quite a lot of advantages over other options for hosting containers. 

1. Easy to begin.

2. Networking boundaries can be defined. 

3. Ingress can be controlled. 

4. Revisions can be managed. 

Azure Compute Decision Tree Simplification for Modern Applications

Azure Compute Decision Tree is a simplified decision making assistant that lets you decide which compute resources to choose based on your compute requirements. It is a comprehensive decision tree considering the lift and shifts and new developments. But developing new applications are much simpler given most services support multiple runtimes as well as containerisation. 

Azure Functions

Ideal for event-driven short live processes such as HTTP requests, multiple service triggers or simpler schedulers. Gives you ability to host as managed code as well as containers. So if you are thinking of long term expansions, containers is an option to consider. 

Functions is a famous option when you pay for number of executions which is available with Standard pricing. But if you need to extend networking you have to select another pricing level. 

What are CIS Hardened Images on Azure?

Center of Internet Security (CIS) is a non-profit organisation that is intended to provide best practices. related to security threats. They do provide benchmarks and standards that are industry accepted and can be used to ensure the cloud resources are secured to a greater extend. CIS has worked with leading cloud vendors to bring the Virtual Machine image templates that. 

You can browse them in the Azure Marketplace via here.