Posts

Showing posts from April, 2022

There was a time before Amazon and AWS were Enterprise Ready

It is hard for many to remember when Amazon and AWS weren't really enterprise-ready. AWS wasn't really AWS in the beginning. It was really a scalable data center. The company restricted its employees to locations where the Amazon store collected sales tax which really ended in 2016. Amazon pivoted to PaaS with the introduction of S3 and EC2 in 2012. This is when AWS started moving from being a data center to the internet's operating system.

Amazon Called

An Amazon cloud engineer called me in the early 2010s wanting to know if I was interested in a Field Engineering position with AWS. I had worked for a few vendors by this point and was pretty interested. There were only two field/cloud/customer engineers covering the entire USA, and possibly the planet. I don't remember the geography. Both engineers worked in Seattle.

We discussed how they worked at that time. I couldn't see how it would be successful with enterprise customers and said so. All personn

Azure Hub and Spoke VNets - Private Endpoints and Private DNS Zones

Azure makes it simple to access Azure Cloud Services from your processes in Azure over the public network. Things become a little more complicated when you implement the best practice of restricting access to your Azure Services to only your Azure networks (VNets). This simple action drags in Private Link Endpoints and Private DNS Zones.

Enterprises typically then layer on multiple Virtual Networks (VNets) for management and control purposes. This VNet Hub and Spoke architecture is pretty common, though Microsoft has recently been advising customers to implement Hub and Spoke more through subnets than VNets. This reduces VNet sprawl and the amount of peering and other network magic required.

See YouTube video links below.

Private Endpoints / Private DNS Zones

Azure Standard Services can be restricted from the Public Internet to your private Virtual Network (VNet) through the use of Private Link Endpoints (PLE). The PLEs essentially create private connections from a Network Interfa