Less is More: The Principle of Least Privilege

Another critical principle in maintaining a safe and secure application running in the cloud is understanding the Principle of Least Privilege. The Principle of Least Privilege is an industry-standard security principle widely known to reduce the impact of bad actor attacks. The idea behind the principle of least privilege is to: Grant an entity the minimum permission it absolutely needs to perform its operations. Grant no more permissions than that. This principle applies to cloud infras

Architecting AI Prompts: A New Skill for Modern Developers

If you’ve ever spoken out to your iPhone and said “Hey Siri, what’s the weather in Seattle, WA”, or spoke to an Amazon Echo device and said “Alexa, turn on the bedroom lights”, you’ve given an AI a set of instructions for it to execute. You’ve given an AI a prompt. In the Alexa case, the phrase is converted from an audio snippet into text, and that text is sent to an AI system — Amazon Alexa in this case — for it to determine the desire

Fortress in the Cloud

As modern applications grow more complex and valuable, their security becomes increasingly critical. Yet many organizations still operate with a flat security model—one breach and attackers gain access to everything. This approach is like building a house with a reinforced front door but paper-thin walls. How can you improve your application security to reduce your risk of attack? Use isolation zones. Isolation zones aren’t just a best practice—it’s the difference between

Who’s Responsible? Understanding the Principle of Shared Responsibility

Both you and your cloud provider have a critical role in keeping your application safe. It’s a principle of security known as the Principle of Shared Responsibility. It describes a model for assigning ownership of various security aspects between the cloud provider and you. It’s a principle that has been championed heavily by AWS, but it applies to all cloud providers in all situations. The key to the principle is an agreed-upon set of responsibilities for keeping the application sa

Beyond the Tab Key: The True Value of Human Developers in an AI World

The software development landscape has shifted dramatically. In 2024, a whopping 62% of professional developers use AI in their development process. This has done wonders for the productivity of an average software developer, and has led many people to assume this means that either we need fewer software developers or, more likely, we can get more and better software developed with existing staff. However, there are issues with this shift. Last year, I read and loved the 2024 GitClear AI report

Don’t let your services become Trojan Horses

Cloud-native applications make heavy use of services and microservice architectures. Distributed applications provide many benefits to modern application development processes and lend themselves particularly well to applications deployed in the public cloud. But microservices can also create additional and unwanted vulnerability points that bad actors can leverage to compromise your application. A single compromised service, no matter how small, can lead to vulnerabilities that can be exploit

Beyond the Basics: Making Configuration Management Work at Scale

In my previous article, I discussed five best practices for managing configurations in cloud-native applications. This article expands those recommendations by giving strategies for how to manage large scale configuration systems for large modern applications. The Configuration Explosion Problem Remember when our simple applications had a single configuration file? Those days are long gone. Today’s applications don’t just have more configuration—they have exponentially more complex configuration

Five Best Practices for Managing Configurations in Cloud-Native Applications

Managing configuration information in a complex, cloud-native application can be daunting. There is seemingly configuration everywhere. There’s configuration describing the network interconnections in your system, including routing rules and port blocking. There’s configuration for your load balancers, determining where to send traffic destined for your service. There’s configuration for security permissions needed for databases, caches, servers, third-party applications, and other system

The Art of Influence: Navigating Technical Debt, Driving Innovation, and Shaping Success

Software architects hold a unique and influential position in the product development lifecycle, guiding technical decisions that shape the product's future. Let me be clear - architects aren't just technical decision makers, they're risk managers who shape your entire product's future. I've seen this firsthand in my years at AWS, New Relic and other enterprises. When you're operating at scale, every architectural decision carries both opportunity and risk. Technical debt isn't just a burden - i

The Art of Influence: How Software Architects Shape Product Development

Ready to pull the ripcord on VMWare? On Nov 6, join my friends over at CAST and AWS to learn how software intelligence can speed up and derisk the move to best-fit cloud services. Register today! In the complex ecosystem of software development, the role of a software architect is critical in shaping the direction and success of product development. Software architects wield significant influence that extends well beyond writing code or making isolated technical decisions. Software architect

The Importance of Continuous Learning for Software Architects

In world of software development, the role of a software architect often appears to stand at the top of the technical leadership ladder. With that responsibility comes an even greater need for continuous learning and adaptation. As someone who's spent years in the trenches of cloud architecture, I can tell you that the moment you stop learning is the moment you start becoming obsolete. The Shifting Sands of Technology Let's face it: the tech landscape is changing faster than ever before. What wa

Managing Complexity in a Cloud Migration

Migrating to the cloud can be daunting, especially when dealing with complex applications, which can have a life of their own. These applications can act in seemingly random ways when exposed to unexpected stimuli, such as moving from a stable data center environment to a more chaotic cloud environment. This inherent complexity makes migrating to the cloud risky, but there are ways to mitigate the risk. Piecemeal Migration Proper pre-migration preparation is critical to a successful cloud migrat

7 Essential Tips for Setting Up Effective Monitoring

As the world of software development continues to evolve at a rapid pace, organizations are increasingly turning to tools such as Kubernetes to deploy, scale, and manage their containerized applications. Kubernetes and containers have, in particular, revolutionized how we build and deploy applications, but with this power comes the responsibility of ensuring our systems' health, performance, and reliability. This is where effective monitoring comes into play. I've spent years working with compan

Don’t Worry about AI Taking Over Your Job

As someone who has spent decades at the forefront of the tech industry, I've seen firsthand how emerging technologies can disrupt the status quo. With the rapid advancement of artificial intelligence (AI), it's natural to wonder about its potential impact on the job market, particularly for roles that rely on uniquely human skills. However, I believe that most human-centric jobs, including writers, actors, and lawyers, will not only survive but thrive in the age of AI. The recently released Stan

AI Is Advancing, Yet Still Falls Short of Human Intelligence

In the rapidly evolving world of artificial intelligence (AI), getting caught up in the hype is easy. After all, computer intelligence appears poised to surpass human intelligence in every domain. However, despite the remarkable progress AI has made in recent years, there are still areas where humans maintain a clear advantage. According to Stanford University's AI Index report for 2024, AI systems continue to lag behind human performance in tasks that require complex cognitive abilities, such a

Open-Source AI: Unlocking the Power of Collaboration and Innovation

The world of artificial intelligence (AI) is undergoing a profound transformation, and at the heart of this change is the rise of open-source AI models. According to Stanford University's AI Index report for 2024, a remarkable 65.7% of the 149 foundation models released in 2023 were open-source, up from 44.4% in 2022 and 33.3% in 2021. This shift towards open-source AI is not just a passing trend; it's a movement that is redefining the very nature of AI development and deployment. Open-Source AI

The Big Cloud Migration Misstep

In all the different ways we know in order to migrate an application to the cloud, the lift-and-shift strategy is often the first method organizations attempt. It’s a simple concept: take your existing applications and move them, as is, to the cloud. But simplicity can be deceptive. I’ve seen firsthand how this approach can lead to a host of issues, particularly when it comes to the underutilization of dynamic cloud resources. Migrating to the cloud using lift-and-shift may be the most expensive

Is AI Code Automation Contributing to Code Complexity?

GitHub has published research on the growth and impact of AI on software development. Among their findings is that developers write code “55% faster” when using the GitHub Copilot code automation tool. But this finding doesn’t tell the whole story. Is this code high-quality? Is this code necessary? Is the code contributing to the long-term value of our applications? Does the code contribute to the operation of the application in a clear and concise manner? In other words, is Copilot (and similar

You can’t afford not to be in the cloud

Consider the following story: “I went into my CEO’s office. Our CEO is a very driven, technical, hands-on CEO. All technical decisions have to go through him before the company goes forward with a plan. Today, the discussion was the cloud. The problem? The CEO said we couldn’t move our application to the cloud because it was too expensive. His evidence? ‘If you compare the cost per hour of a cloud-based server instance, to the monthly costs we pay for our servers, the cloud-based servers are

Why increasing complexity actually can decrease complexity

In the dynamic world of software development, complexity is often viewed as the arch-nemesis of productivity and efficiency. Yet, here lies the paradox: embracing complexity can actually pave the way to simplicity. How can this be the case? Let’s focus a bit on complexity in software development. We can often think of complexity as a big, tangled ball of yarn. The more you pull on one thread, the messier it gets. Now imagine breaking up that big ball of yarn into smaller, neat little bundles. Ea

Planned Outages are Still Outages

Don’t be fooled into thinking your site is highly available when it isn’t. p>Planned and regular maintenance involving unavailable applications still counts against availability for those applications. After all, from your customer’s viewpoint, your application is still unavailable. The fact that you planned that it would be unavailable is not important to your customers.</p> I often hear companies using routine maintenance windows as an excuse. Usually, the argument goes like this:

Don’t stop your migration!

Are you planning an application migration? Perhaps you are moving your on-premise application to the cloud, or perhaps you are modernizing an older application to a more appropriate application architecture. Migrations such as these are commitments. Commitments of time. Commitments of resources. Commitments of mindset and corporate energy. They can involve long and evolved transitions. They involve lots of effort—an effort that does not directly, immediately correspond to a realized benefi

Why you should use a microservice architecture

Your application is large. You have many customers, and they make good use of your many features and capabilities. You have a large catalog of products, and your store is big and feature-rich. You are doing well. Except, you are having problems. Your application crashes too often. Your developers are always on it when it fails, and they are very fast at fixing your site, but it takes time and energy. You are down at least once a month or so—and you can be down for hours at a time. Imagine

Can a Cloud Center of Excellence Help You Become Cloud Native?

Cloud computing has changed the fundamental structure of the enterprise IT department. While the benefits of cloud computing are well understood, effectively integrating the fundamental changes required to support cloud-native architectures properly is not as universally well-known. Enter the Cloud Center of Excellence (CCoE). The CCoE is an organizational structure designed to drive acceptance and adaptability of cloud constructs into the enterprise IT processes. The CCoE is a fundamental restr

How to build and manage a cloud center of excellence

In the dynamic landscape of modern business, the adoption of cloud-native technology has become a cornerstone for achieving unprecedented scale and agility. For organizations devoted to harnessing the full potential of cloud-native applications, the establishment of a Cloud Center of Excellence (CCoE) is a common first step in this cloud-native journey. In the past, I’ve written about why building a CCoE will help your organization perform the necessary transformations. But once you’ve decided to

👻🏚️🎃 ScaryOps: The 3 Scariest Mistakes Companies Make in the Cloud

.button-table { padding: 12px 0 } First, there was DevOps. Then, ModernOps and CloudOps. Now, there is ScaryOps. Welcome to the special Halloween Edition of the Modern Digital Business podcast. In this episode, the 3 Scariest Mistakes Companies Make in the Cloud. It's time to turn our attention to scary things…scary movies, scary TV shows, scary home decorations, scary costumes. But when it comes to working with customers and clients on their cloud projects, sometimes I get quite scared…and not

Do you need a cloud center of excellence?

In the past few years, cloud computing has become a dominant trend in enterprise IT. The benefits of moving to the cloud are clear: lower costs, increased flexibility, and improved scalability. But as more companies move their infrastructures into public clouds such as AWS or Azure, they face a challenge that is often overlooked: How do they transform an organization from a typical on-premises company to a cloud-native, cloud-centric organization? A cloud center of excellence (CCoE) is an organi

Does using low code mean your application will become overly complex?

​Low code has received a lot of press recently. There seems to be quite a debate about whether the use of low code makes the application development process better or if it interferes with the development process, resulting in inferior applications. I read an article recently that talked about how an inevitable outcome of using Low Code was application complexity. Further, this application complexity leads to increased difficulty with security issues. This article got me thinking. I’ve been writ

Don’t Let Your Application Turn into Another Winchester Mystery House

Some time ago when I was living in Silicon Valley, I often drove by a curious-looking structure called the Winchester Mystery House every day on my way to work. The Winchester Mystery House is a San Jose mansion that was once the home of Sarah Winchester, the widow of William Winchester, and the heir to the Winchester Rifle fortune. Originally purchased in 1884 as an unfinished eight-room farmhouse, it was expanded over the course of 36 years to an overall footprint of 24,000 square feet.   Alth

The Fatal Mistake Companies Make with Their Cloud Migration

Migrating to the cloud is a commitment. It’s a commitment of time, resources, and corporate energy. Perhaps you are migrating an on-premises application to the cloud. Or maybe you’re moving a monolithic application to service-oriented or microservice architecture. Migrations are not easy to pull off, and can involve long transitions. Because the benefit is not always immediately obvious—and, in fact, sometimes things get worse at the beginning—it’s tempting to want