One aspect of security which I find interesting is Client Certificate Authentication. It may sound a bit old school to send along a certificate with your request, with the JWT authentication methods that are in fashion for the past years. However I think it still has a valuable purpose to fulfill.
Author: Wouter Fennis
Using the Archimate motivation layer
How often did you ask yourself during a project: “Why am I doing this again?”. You have to take a step back, zoom out of the technicalities and look at the written requirements or talk with the stakeholders of your project. Often discovering that you had made an assumption about the underlying reasons some work had to be done or in a certain way.
Distributing your API definition as a NuGet client
Creating APIs is quite simple nowadays. You can have a functional API up and running in the Azure cloud within minutes. By using an OpenAPI library like Swagger to publish your API’s definition, other systems can easily integrate and utilize its functionality. The real challenge, as with many programming aspects, lies in maintaining the software once other parties start using your API. To help your customers integrate with your API, but also to have some influence over the way the API is called. A client can be created on the maintainer side and distributed using a NuGet package.
Technorama Netherlands 2023 in review
Technorama is a “Deep knowledge IT Conference” as the event is described on the website. And that is definitely true, I wouldn’t describe the sessions as entry level. Most of the presentations given by the large list of speakers require knowledge and experience of working in the field. And for me, that makes it worth spending two days hopping between 14(!) different cinema rooms.
Scrum and the Summer Break
In this article I’ll zoom in how a team can prepare itself for this period and how to get back together in the original formation in the months that follows
Wheel of Misfortune
Nobody likes to be called in the middle of the night to be confronted with a failing system without a clear symptom on what is going on. So why wait until problems arise before you tackle them? There is often only so much that can go wrong, and if you already have a mitigating plan ready you’ll be back in your bed in no time.
Bicep and environment specific requirements
Infrastructure as code, the eternal promise of stability, shared understanding and high maintainability. Often it starts out that way. You start writing the first components, tie them together in a procedure. It runs excellently in the development environment. Just one click away from rolling it out in other environments. But then you realize you can’t.
SQL Server Authentication and Authorization on Azure with Managed Identities
Deploying infrastructure to Azure is easy enough these days with Azure Powershell, CLI or Bicep. Making interactions between infrastructure components secure is also facilitated in Azure with Managed Identities for example. Databases however, often have their own authentication and authorization internally which is out of reach for Bicep and ARM templates. How can you secure your dynamically created SQL Server databases in Azure?
Snapshot testing with Verify
Have you ever programmed ugly unit tests that had to check file formats and structured content? With snapshot testing this actually has become manageable.
Retrospective Idea: Pizzaria Retrospettiva
Retrospectives have a tendency to sometimes be repetitive and less fruitful. However sometimes just a simple change of scenery can already open up a new perspective of underlying problems or successes that a Scrum team has been through.
One method I’ve tried in practice is bringing the retrospective in an authentic Italian vibe. And what is the first thing people associate with Italia? Pizza 🍕 of course!