►
From YouTube: Building Cloud Native .NET Apps on Azure
Description
In this session, Swaminathan Vetri (Swami) & Viswanatha Swamy(Swamy) will talk about building cloud native .NET applications on Azure. You will get to know how to architect, design, develop and deploy Full Stack .NET applications on Azure. You will get to learn about the below technologies
- .NET Web API
- .NET Blazor WASM based Single Page application (SPA)
- Azure App Service
- Azure Static Web Apps
- Azure Key Vault
- Azure SQL
- Azure API Management
- Redis cache
- GitHub Actions for CI/CD
This session is run by the the BDotNet user group (https://www.meetup.com/BDotNetUG/) that hosts meetups in Bengaluru, India.
A
Hey
good
morning
and
good
evening,
everybody
thank
you
so
much
for
joining
in
on
it.
Another
edition
of
b
dot,
net
user
group
meeting
all
right
and
I
hope
you're
all
doing
good,
safe
and
sound
and
healthy
right
and-
and
I
want
to
start
with
the
thank
you
note,
because
there's
a
lot
of
things
going
around
and
then
you
chose
to
log
into
this
event
and
then
try
to
learn
something
new.
So
thank
you
so
much
so
before
we
jump
into
the
event.
A
I
would
like
to
give
a
brief
introduction
about
myself
and
then
about
the
user
group
and
then
we'll
get
into
the
event
all
right,
so
myself
swami.
So
my
name
is
my
full
name
is
swaminathan
vitri.
I
work
as
an
architect
at
musk,
I'm
a
microsoft
mvp
under
developer
technologies,
I'm
the
organizer
of
b.net
and
exactly
who's
a
group
made
in
bangalore
and
that's
my
github
handle
and
I
do
write
blogs
occasionally
at
my
at
swaminathinvity.in
and
if
you
want
to
follow
me
on
twitter,
that's
my
twitter
handle
all
right
and
this
is
about
be.net.
A
So
video
is
one
of
the
oldest
user
groups
in
bangalore
way
before
all
these
meetups
and
the
things
started.
It's
been
more
than
a
decade
since
it's
been
running
in
bangalore
and
I'm
fortunate
to
be
associated
with
it
for
the
past
seven
years
or
so
and
yeah.
So
these
are
the
different
ways
you
can
follow
us,
so
one
is
meetup.
A
We
also
have
presents
on
meetup.com
and
then
on
facebook
and
twitter
and
video.net.ion
is
our
website,
which
talks
about
the
different
events
and
the
previous
presentations
and
things
like
that,
and
we
recently
started
youtube
channel.
So
you
can
also
subscribe
to
us
and
then
we
would
upload
all
these
videos
into
those
channels
too,
and
we
also
have
a
discord
server
available.
A
We
can
also
log
in
you
can
also
connect
with
us
there,
yeah
and
of
course,
next
things
about
the
sponsors.
I
would
like
to
thank
our
sponsors
jetbrains,
who
are
sponsoring
us
with
their
licenses
and
then
microsoft
and
dotnet
foundation
for
giving
swags
and
providing
streaming
support
for
this
event
right.
A
So
I
would
like
you
to
like
you
all,
to
be
aware
about
dotnet
foundation,
so
if,
in
case
you're
not
aware
of
it,
it's
an
independent,
innovative
and
always
open
source
to
promote
that
dot
and
foundation
is
an
organization
which
is
created
and
what
it
fosters
is
and
vibrant.net
ecosystem.
So
with
dortmund
foundation,
you
can
basically
take
help
on
all
these
aspects.
A
Let's
say
if
you're
working
on
some
of
your
opponent's
projects,
if
you
want
to
understand
the
legal
or
the
ipip
stuffs
and
about
the
license
agreements
to
set
up
the
country
good
license
agreements,
or
how
do
you
set
up
copyrights,
trademarks,
etc?
All
right,
if
you're
running
any
dotnet
based
upon
this
projects,
you
could
take
help
from
the
dotnet
foundation
and
then
get
these
things
done
and
then
about
even
about
the
time.
What
what
are
the
kind
of
focuses
practices
you
want
to
put
into
your
application?
A
You
could
also
not
the
applications
of
the
project
you
can
also.
You
know,
help
take
help
on
those
lines,
be
it
setting
up
the
governance
or
seeking
the
feedback
from
your
customers
or
providing
any
kind
of
mentorship
coordination,
etc.
Right
apart
from
this,
if
you're,
if
you're
running
meetup
groups
and
then
if
you
want
to
if
you're
running
different
events,
dotnet
specific
events
etc,
you
can
also
get
the
help
in
promoting
and
then
getting
your
event
marketed,
etc,
and
not
just
that
you
can
also
get
some
amount
of
help
in
the
hosting
part
of
it.
A
If
you're
looking
for
some
space
to
run
your
ci
cd
pipelines,
you
can
basically
get
a
devops
support
as
well
right
and
yeah.
That's
the
github,
url
github.comslash.net
foundation
and
dotnetfoundation.org
is
the
website
right
and
how
to
get
involved.
So
this
is
one
slider
which
I
like
it.
So
there
are
different
ways
you
can
get
involved
into
involved
with
the
dotnet
foundation.
A
One
is
me
swami
nathan,
very
another
is
wishimata
swami,
so
we
both
will
be
talking
on
there
on
the
cloud
native
building
cloud
native
applications
on
azure
and
it's
a
pretty
sleek
agenda.
Today
we
don't
have
multiple
sessions,
so
this
is
even
work
through
which
I'm
doing
currently
and
then
we'll
be
starting
the
session
by
10
5
a.m.
And
then
it's
going
to
be
a
comp,
a
single
session.
We
are.
A
We
are
planning,
like
a
more
of
a
court
jam
kind
of
a
session,
so
initially
15,
20
minutes
I'll,
be
having
a
bit
of
a
presentation
to
walk
through
about
the
context
and
on
what
is
cloud
native
app
and
things
like
that,
and
then
there
will
be
fluff
demos
for
the
next
couple
of
hours
and
we'll
have
q
and
dedicated
in
the
last
15
minutes.
And
finally,
we
will
also
need
to
take
some
feedback,
and
then
we
have
a
raffle
and
yeah
we'll
do
the
wrap
up
by
4
30
p.m,
ist.
A
So
this
this
is
a
bit
of
even
a
ticket,
so
q
and
d
will
be
handled
at
the
end
of
the
session.
So
but
that
doesn't
mean
you'll
have
to
be
resisting
your
questions.
A
So
keep
posting
your
questions
on
the
youtube
and
if
you
find
it
relevant
to
the
topic
what
we
are
discussing,
maybe
we
could
pick
a
couple
of
them
in
between
and
then
we
could
discuss
about
it
because
today
is
going
to
be
like
an
like
single
session
which
is
spread
across
or
which
is
spanning
over
last
for
the
two
hours
right,
and
we
would
like
to
hear
about
your
experiences
so
please
tweet
about
it
using
the
hashtag,
b.net
and
yeah,
there's
also
a
raffle.
So
I
want
to
like.
A
I
wanted
you
to
see
the
feedback
first
and
then
whoever
has
produced
feedback.
We
will
do
a
raffle
from
the
people
who
have
submitted
the
feedback,
and
then
we
will
be
giving
giving
away
three
jet
branch
licenses
right.
So
with
that
yeah
all
right,
we
could
get
started
in
a
couple
of
minutes.
I
think
we
are
already
on
time,
so
maybe
I
will
quickly
get
started
with
the
the
presentation.
A
So
yes,
the
topic
for
today
is
building
cloud
native
apps
on
azure,
cloudnative.net
apps
on
azure
right
and
it's
going
to
be
a
joint
session.
Like
I
said,
one
is
my
myself
who
is
for
me
and
then
other
is
maybe
let
me
quickly
bring
bring
him
to
a
stream,
and
then
we
could,
you
know
with
starter.
A
All
right,
so
I'm
having
a
bit
of
network
and
the
power
issues
today,
so
I
couldn't
turn
on
my
videos,
I'm
just
not
just
going
to
be
on
audio
today,
all
right,
okay!
So
let's
get
started.
C
A
Right,
yeah,
okay,
so
I
was
told
that
the
power
is
going
to
be
coming
only
in
the
evening,
but
anyways
I'll
run
the
presentation
and
then
we
I'll
hand
it
over
to
vishwa
who
can
run
the
demos
after
some
time
right
all
right.
So
this
this
is
a
big
brief
intro
about
myself
and
on
him.
So
I
just
talked
about
myself.
So
I'll
just
try
to
talk
about
only
vishwa
now,
but
he's
also
called
swami.
A
So
he's
he's
working
as
an
associate
architect
at
ais
and
he's
a
c-sharp
corner
mvp
and
an
mct
microsoft,
certified
trainer
and
he's
an
organizer
of.net
learner's
house,
that's
under
meetup
group
from
hyderabad
and
yeah
he's
also
a
blogger
and
a
speaker,
and
if
you
want
to
follow
him
on
twitter
and
github,
that's
his
handle
right.
Okay,
so
the
agenda
of
today
is:
is
this
right?
So
first
we'll
start
with
understanding
of
what
are
cloud
native
apps
and
then
we'll
see.
Why
do
we
need
to
build
cloud
native
apps
right?
A
Let's
understand
the:
why
parts
of
it
and
then
let's
also
see
how
we
can
build
the
cloud
native
apps
right
and
then
we'll
also
look
at
what
are
the
future
azure
services
which
we
can
use
to
build
cloud
native
apps,
and
then
it's
going
to
be
a
lot
of
fluff
demos
today
right.
So
what
is
the
cloud
native
app
right?
If
you
ask
anyone
in
your
organization
or
or
your
friends
also,
you
will
get
different
flavors
of
definitions
for
cloud
native
apps
right.
A
So
this
is
one
of
the
official
definition
from
the
cncf,
which
is
the
cloud
native
computing
foundation,
so
cloud
native
technologies
empower
organizations
to
build
and
run
scalable
applications
in
modern
dynamic
environments
such
as
public,
private
and
hybrid
clouds
right.
So
the
some
of
the
points
which
I've
highlighted
here
are
the
ones
which
which
are
more,
which
are
more
around
cloud
native,
specific
things
right.
That
is
what
we'll
also
now
understand
over
the
course
of
this
entire
session
right,
so
containers
service
meshes
microservices
and
immutable
infrastructure
and
declarative
ap.
A
These
are
some
other
concepts
which
will
exemplify
this
approach,
and
we
will
understand
how
we
would
be
applying
some
of
these
right,
if
not
all
of
them.
In
this
session,
and
today
we
will
be
focusing
more
on
the
on
on
especially
azure
pass
offerings,
and
then
we
would
discuss
about
the
containers
in
other
other
aspects
in
the
in
the
later
sessions
right
and
on
these
cloud
native
apps.
What
do
they
do?
They
enable
loosely
coupled
systems
that
are
resilient,
manageable
and
observable
all
right,
so
we
will.
A
We
will
expand
on
these
different
terminologies
over
the
course
of
it,
and
and
when
we
combine
these
with
robust
automation,
I
think
we'll
be
able
to
make
high
impact
changes
frequently
and
with
and
with
high
predictability
right.
That
is
what
would
make
a
particular
application,
a
cloud
native
app
right
and
why
building
it?
I
think
we
just
talked
based
upon
a
few
of
things.
One
is
autonomous
subsystems
right,
so
cloud
native
apps
are
composed
of
autonomous
subsystems.
A
What
I
mean
by
that
is
an
app
could
be
built
with
multiple
other
different
subsystems
like
it
could
be
broken
down
into
multiple
pieces,
and
each
of
those
pieces
can
be
built,
developed
deployed,
tested,
tested
and
deployed
independently,
and
that's
what
is
an
autonomous
subsystem
means
right,
and
it
also
brings
in
agility
right,
so
you
will
be
able
to
move
faster
and
that's
with
agility.
You'll
also
get
a
faster
time
to
market
right,
and
since
you
are
trying
to
break
a
system
into
multiple
subsystems,
you
get
an
option
to
scale
them
independently.
A
Also
right
so
achieving
a
hyper
scale
is,
it
would
be,
would
be
one
of
the
one
of
the
greatest.
You
know
advantage
of
building
a
cloud
native
application
and,
of
course
the
performance
also
you'll
be
able
to
make
make
your
make
your
application
highly
performant,
and
you
would
be
able
to
choose
different
parts
of
trouble.
Now
you
could
be
able
to
choose
different
performance
performance
benchmarks,
are
the
performance
or
to
say
performance
numbers
for
different
parts
of
your
application
right?
A
Okay,
so
now
how
to
build
cloud
native
apps
right,
we
just
talked
about
what
is
the
qualitative
app
and
then
why?
So,
let's
talk
about
how
we
can
build
it
right.
So
there
are
some
certain
principles
which
are
built
and
it's
called
a
12-factor
app
right,
we're
going
to
talk
about
what
are
the
different
12
factors
and
then
how
they
would
be
helping
us
right.
So
in
a
12-factor
app.
A
The
first
thing
is
the
code
base
right,
so
that
has
to
be
only
one
code
base
which
would
be
tracked
into
a
version
control
system,
be
it
gate
or
subversion
or
whatever
be
right,
but
in
the
current
world
most
most
likely
at
least
we
would
be
using
some
flavor
of
a
git
version
control
system
right.
A
You
should
have
your
code
put
in
the
version
control
system,
and
then
there
could
be
multiple
deploys
happening
when
we
say
multiple
deployments,
it
could
be
with
deployment
to
your
different
environments,
right
your
development,
environment,
testing,
environment
production
or
pre-product
production,
etc.
Right
all
of
this
has
to
go
from
a
common
code
base
right
and
then
the
dependencies,
the
second
part,
is
round.
So
how
do
you
handle
the
dependencies
right
so
we'll
have
to
explicitly
declare
and
then
isolate
the
dependencies
right?
A
So
what
I
mean
by
that
is:
let's
say
if
your
particular
application,
let's
say,
for
example,
if
you,
if
you're,
building
an
application
which
is
consisting
of
multiple
subsystems
right,
as
we
saw
in
the
previous
slide
so
and
there
could
be
certain
things
which
are
common
across
these
subsystems
right.
So
those
things
also
needs
to
be
called
separately.
They
need
to
be
isolated
and
then
they
need
to
be
put
in
separately.
A
That's
one
part,
and
the
second
part
is
around:
how
do
we,
let's
say:
if
building
a
dotnet
application,
we
would
need
a
dotnet
runtime,
which
is
one
of
the
dependencies
right,
so
it
has
to
be
packaged
as
part
of
your
application.
We
should
not.
There
should
not
be
any
implicit
expectation
of
independence.
Let's
say
if
you
are
going
to
deploy
your
dotnet
application
in
a
server.
A
We
should
not
implicitly
understand
that.
Yes,
the
server
would
have
an
dotnet
content
running
in
it,
and
then
we
go
and
just
deploy
it.
That's
how
we
traditionally
used
to
do
all
right.
What
would
happen
is
yeah.
The
development
people
would
would
kind
of
create
their
own,
create
their
application
in
their
local
environment
and
then
they're
not
bothered
about
what
is
going
to
be
present
in
the
actual
actual
production
or
development
environments.
And
then,
when
you
deploy
it,
you
find
issues
right,
that's
what
we
would
want
to
avoid.
A
So
that
means
you
need
to
declare
all
your
application
dependencies
and
you
are
in
running
execution,
dependencies,
etcetera
and
all
of
them
needs
to
be
packaged
together,
or
at
least
they
need
to
be
declared
declaratively
specified
here
right
and
third
parties
about
the
configuration.
So
how
are
you
going
to
manage
the
configurations
in
the
environment?
I'm
sorry.
I
think
something
is
going
wrong
with
my
animations,
so
it
keeps
repeating
so
configurations.
A
We
don't
want
to
hard
code
any
of
the
configurations
into
the
into
the
code
base
right.
So
whatever
you
think
would
be
specific
to
environments
that
could
change
dynamically.
They
all
need
to
be
maintained
specifically
in
a
configuration
files.
So
one
of
the
typical
example
is,
let's
say:
if
you're
building
and
micro
service
or
an
api,
if
it's
dependent
on
multiple
other
apis,
you
would
need
to
store
the
urls
of
those
apis
right.
A
One
easier
way
to
put
it
is
just
keep
all
the
urls
in
in
the
checked
in
into
your
are
added
into
the
constant
files
are
so.
But
that
means
every
time
you
want
to
deploy
into
different
environment.
You
would
need
to
modify
your
code
and
then
you
have
to
deploy
it,
which
is
a
violation
of
12
factor,
app
principle
right.
A
So
what
we
could
do
is
kind
of
externalize
it
and
then
make
it
in
the
configuration,
and
then
these
config
should
change
dynamically
as
part
of
your
deployments
and
then
to
deploy
the
same
code
with
multiple.
You
know,
configurations
in
it
and
the
next
one
is
backend
services,
so
trade
backing
services
attached
resources
backing
services
are
nothing
but
the
dependencies.
What
what
we
have,
what
an
application
depends
on
right.
So
one
example
of
a
dependency
could
be:
let's
see
if
you're
having
a
database
as
a
data
database
as
a
dependency
right.
A
So
that
also
needs
to
be
handled
separately,
so
these
databases
are
not
part
of.
Basically,
if
you
want
to
process
your
your,
you
have
to
use
any
kind
of
persistence,
you
would
be
using
a
database
for
sure
and
those
databases
are
treated
as
an
additional
resource
and
they're,
not
part
of
your
existing
one,
and
it's
not
just
about
database.
It
could
be
like
you
talked
about
the
the
common
component
or
shared
library.
A
What
you
want
to
use
across
different
components
right,
they
also
would
be
treated
as
a
separate
resources
right
and
then
bill
run,
build
release
and
run.
So
we
need
to
be
able
to
differentiate
the
build
stage,
release
stage
and
run
stage,
so
build
stage
is
very
for
all.
We
have
to
relate
it
to
our
continuous
integration
in
one
month.
Right,
build
stage
is
where
you
would
do
your
compilation
and
then
running
your
unit
test,
and
things
like
that.
So
you
try
to
do
a
compile
and
then
get
the
get
the
package
out
of
your
application.
A
So
that
means
whatever
the
coachings
you
have
you
keep
on
building
it
and
whenever
you
want
to
release
it,
you
should
have
a
different
release
stages
and
from
that
early
stage
your
app
should
be
released
to
the
appropriate
environments
right
and
they
when
they
are
released,
they
and
the
run
stage,
is
nothing
but
the
execution
context
of
that
right.
So
wherever
it
is
going
to
be
running,
that
is
where
that's.
What
is
the
run
state
and
all
of
these
needs
to
be
separated
out.
A
Excuse
me,
and
the
next
part
is
about
the
processes.
So
the
process
is
basically
we
need
to
execute
the
app
as
one
or
more
stateless
processes
right.
So
that
means
any
kind
of
sticky
sessions
and
then
maintaining
the
states
is
is
a
violation
of
at
all
factor
principle
right.
So
because
the
application
could
application
should
not
maintain
state,
that's
what
a
stateless
obviously
means
right,
so
every
request
could
be
processed
by
different
different
version
or
different
instance
software
applications.
A
So
you
should
not
be
maintaining
any
kind
of
and
sticky
session
or
any
kind
of
stickiness
with
your
with
the
processes.
Right,
that's
what
is
about
the
processes
and
moving
on.
There
are
also
other
six
things
which
is
on
port
binding.
That
means,
basically,
your
app
should
be
listening
on
some
of
the
existing
ports.
This
is
more
applicable
for
your
web.
A
Apps
are
so
right
where
you
would
expose
it
on
a
port
and
and
then
your
application
would
have
an
application
server,
maybe
like
a
web
server
or
so
that
would
run
on
the
port,
and
then
you
were
all
your
calls
would
be
coming
from
that
port.
So
with
this,
what
would
happen
is
let's
say
if
you
are
porting
your
let's
say,
for
example,
dot
application,
default.net
app
runs
on
localhost
5000
port
right.
So
what
would
happen?
A
Is
you
were
having
exposing
and
dotnet
whatsoever
on
block
5000
and
tomorrow,
when
you
are
trying
to
put
this
application
into
a
different
different
area,
different
instance
or
different
environment?
And
if
you
want
to
change,
that's
the
port
and
then
you
should
be
able
to
still
access
your
application
right.
So
that's
what
we're
getting
decouple
these
things
now,
where
the
application
is
exposed
versus
how
it
is
running
under
food
is
kind
of
you
know.
A
Decoupled
here,
part
from
the
concurrency,
so
concurrency
is
how
we
can
scale
out
the
individual
processes
right,
for
example,
there
could
be
multiple
types
of
workloads
which
we
could
create
like
something
would
be
like
in
web
processes,
which
would
take
the
request,
response
kind
of
requests,
and
there
could
be
another
thing
about
the
worker
processes
which
would
be
doing
some
sort
of
background
processing,
etc
right,
so
we
should
be
having
the
flexibility
to
make
these
things
scale
out
independently.
A
If,
at
all
you
see
there
is
a
lot
of
requests
coming
in
for
your
http
based
workload,
you
should
be
able
to
scale
them
out
separately
right
or,
if,
if
you
want
to
do
a
background
processing
in
a
more
in
a
compute
heavy
environment
or
sorry,
you
should
be
able
to
do
that.
Also,
that's
what
concurrency
talks
about
right
and
and
the
next
one
is
around
disposability
disposability
means.
Basically,
we
need
to
maximize
the
robustness
with
the
fast
startup
and
graceful
shadow.
A
What
that
means
is
because
these
apps
could
be
are
not
going
to
be
definitely
running
in
the
same
execution,
environment
right,
they
could
be
deployed
into
different
different
or
they
could
be
moved
around.
For
example,
if
you're
running
on
the
cloud
you
don't
know
in
which
machine
it
is
going
to
run,
right
and
and
azure
would
take
care
of
moving
this
into
from
one
of
your
on
one
of
the
servers
into
different
servers
for
any
kind
of
reasons
or
so
right.
A
In
such
cases,
we
need
to
ensure
our
application
is
having
a
much
faster
startup
and
also
it
should
if
there
is
any
any
any
shutdown
happening
for
your
application
for
any
any
underlying
operating
system
related
issues
or
whatever
your
application
should
be
able
to
gracefully
shut
it
down.
It
should
not
have
any
kind
of
again
stickiness
with
the
with
the
running
environment.
A
Right,
that's
what
disposability
is
talking
about.
I
know
these
are
high
level
concepts,
so
each
one
we
can
talk
about
for
for
us
together
to
get
a
better
understanding,
but
I'm
just
trying
to
you
know,
explain
you
and
give
a
high
level
overview
on
what
what
are
the
different
different
principles.
We
need
to
keep
in
mind
when
we
are
building
a
12-factor,
app
or,
and
how
that
perfect
app
would
help
us
build
a
cloud-native
application.
A
All
right,
an
expert
is
around
the
dev
or
broad
parity.
So,
basically,
we
need
to
ensure
the
development
staging
and
broad
environment.
Everything
should
be
similar
as
possible
right.
This
is
this
is
one
way
we
could
reduce
the
issues
like
hey.
It
worked
in
dev
environment,
but
when
you
put
it
into
the
production
or
when
you
put
in
the
qa,
it
failed
right
that
could
be
if
the
difference
the
environments
are
different.
We
can't
really
predict
what
are
the?
What
are
the
reasons
of
the
failures
right?
You
would
definitely
get
an
non-predictable
application.
A
Basically,
predictability
will
go
down
right
so
to
ensure
you
are
able
to
identify
the
right
issues
in
the
right
environments.
We
need
to
make
sure
the
dev
and
the
product,
and
everything
is,
is
not
parity
right
and
then
and
and
the
last
next
one
is
around
the
logs
part.
So
traditionally
we
all
used
to
write
the
logs
in
a
log
file
in
the
servers
right.
That
would
work
only
if
you
know
only
if
your
execution
environment
is
not
going
to
be
changing.
A
Let's
say
in
an
on-prem
kind
of
setup
where
you
will
have
a
physical
server
or
a
vm
where
you
go
and
deploy
your
application
in
iis,
and
then
you
will
write
the
logs
into
that
particular
server's
file
system
right,
but
in
the
cloud
native
world,
it's
not
going
to
happen.
That
way.
Right,
like
I
said
you
were,
your
application
could
be
moved
across
different
instances
of
vms
or
different
servers
or
different
data
centers
for
that
matter
too.
A
Right
in
such
cases,
if
you're,
if
you're,
writing
anything
into
the
file
system,
it's
going
to
be
very
difficult
for
us
to
to
look
at
the
logs
and
then
understand
the
reason
what's
happening
or
doing
any
kind
of
troubleshooting
right.
So
what
we
need
to
do
is
you
need
to
start
considering
logs
as
even
streams.
A
That
means
you
should
your
application
should
have
the
ability
to
write
the
logs
into
the
into
the
standard
output
or
console,
and
then
we
could
have
a
common
process
running
in
the
execution
environment
that
could
extract
these
logs
and
then
emit
it
into
your
whatever
the
log
block
processing
system,
you
use
the
splunk
or
el
car,
whatever
stacks
right,
the
idios
app
should
not
be
writing
anything
into
the
file
system.
It
should
start
emitting
logs
as
different
streams.
A
So
as
and
when
the
app
execution
happens,
your
log
should
keep
emitting
and
then
there
could
be
another
process.
It
could
read
the
logs
and
then
it
would
push
it
into
the
into
the
appropriate
logging
system
or
the
monitoring
system
right,
and
the
last
part
is
around
the
admin
processes.
Of
course,
we,
though
we
try
to
do
any
kind
of
automation,
everything
there
would
be
some
one-off
processes
or
scripts.
A
We
would
need
to
run
right
and
those
needs
to
be
separated
it
out,
and
they
also
need
to
be
run
or
in
the
same
environment
as
how
your
application
is
or
where
your
application
is
running
and
that
will
again
ensure
the
parity
and
then
we
can.
We
can
avoid
a
lot
of
you
know,
discrepancies
issues
due
to
enrollment
differences,
etc.
A
Right
excuse
me,
so
that's
that's
about
the
12
factor.
App
and
next
is
now
moving
on
right.
So
one
of
the
ways
to
build
these
cloud
native
app
and
following
the
12
factor
app
is
the
cloud
cloud
is
the
cloud.
Is
the
microsoft
is
following
by
following
the
microservices
architecture
right,
so
what
are
some
other
characters
of
micro
services?
A
So
some
of
these
we
already
talked
about
so
each
microservice
would
implement
a
specific
business
capability
within
a
large
domain
context
it
in
the
in
the
case
of
an
e-commerce
portal,
or
so
you
would
have
multiple
kind
of
functionalities
like
search
and
then
could
be.
Something
could
be
like
a
cart
and
something
would
be
like
an
order
process
etc.
A
So
each
of
them
could
be
split
into
different
microservices
and
then
they
all
of
them
together
will
form
an
application
right
and-
and
one
of
the
main
things
is
about
each
of
these
can
be
developed
autonomously
and
can
be
deployed
independently.
Also
right.
That
brings
a
lot
of
flexibility
right.
You
can
reduce
a
lot
of
friction
between
different
teams
and
then
each
team
can
build
and
on
test
and
then
deploy
and
release
on
their
own
on
their
own
release
cycles.
A
A
It
could
be
whether
it's
equal
or
no
sql
and
and
and
when
you
talk
about
micro
series
and
microsoft-
should
have
its
own
bounded
context
identified
and
it
should
have
its
own
data
store,
also
identified
right
and
the
next
one
is
around
each
transition
processes
and
communicates
with
others
using
standard
communication
protocols
right
so
now
that
we
are
breaking
a
single
system,
our
single
application
to
multiple
microservices,
one
of
the
important
things
is
around
the
communication
protocols.
A
Right
it
could
be
an
http
based
protocol,
it
could
have
been
even
driven
or
it
could
be
message
driven
or
it
could
be
web
sockets
right.
But
the
important
thing
to
consider
is
the
communication.
That
is
how
all
these
can
can
work
together
and,
of
course,
all
of
these
different
micro
services
would
compose,
but
basically
all
work
together
and
they
compose
a
proper
application.
A
And
this
is
just
to
give
a
brief
about
how
the
deployment
would
be
different
between
monolith
and
micro
services,
right
so
with
the
monolithic
application.
What
we
do,
it
will
be
typically
an
entire
kind
of
an
application.
It
be
used
to
have
your
business
logically
or
a
front-end,
and
then
your
back-end,
and
then
your
database
and
things
like
that
right.
A
So
on
what
we
used
to
do
is
we
used
to
deploy
the
entire
unit
as
a
single
unit,
and
then
we
put
it
in
one
vm
or
so,
and
if
you
want
to
scale
the
application,
we
would
add
additional
vms
and
then
do
the
entire
module
deployment
there
and
then
put
a
load
balancer
and
that's
how
the
scaling
would
work
right.
What
it
brings
is,
every
time
you
want
to
make
a
change.
A
You
will
be
deploying
the
entire
application,
for
example,
if
a
search
model
is
getting
changed,
even
then
you
need
to
deploy
the
entire
application
where
that
might
not
be
any
changes
related
to
other
modules
right.
So
that
brings
its
own
challenges
so
with
microservices.
What
we
would
do
is
we
can.
We
would
have
the
flexibility
to
create
different
micro
services.
Basically,
we
break
a
single
monitor
into
multiple
micro
services
and
we
can
deploy
them
independently
and
we
can
scale
them
also
independently.
A
If
not
like
I
saw
in
the
left-hand
side,
you
would
be
adding
more
vms
and
then
you'd
be
spending
more
on
the
infrastructure
and
then
you'll
be
having
a
lot
of
issues
with
respect
to
your
deployments,
etc
too,
right
and
now
so
talking.
I
think
we
understood
what
are
cloud
native
apps
and
then
what
are
the
different
total
factor,
authentication
factor,
app
properties,
etc.
Right
now,
whenever,
whenever
you're
building
a
microsoft,
what
are
the
design
constructions?
We
need
to
have
that's
what
the
here
we
are
going
to
talk
about.
A
It's
one
part
is
communication,
so
communication,
like
I
said,
is,
is
one
of
the
key,
because
we
need
to
ensure
how
or
who
can
talk
to
these.
What
are
the
different
microstructures
that
can
communicate
with
each
other
right
and
how
are
those
communication
going
to
happen?
Is
it
going
to
be
by
an
http?
Is
it
going
to
be
a
rest,
or
is
it
going
to
be
a
grpc,
or
are
we
going
to
use
an
even
driven
system
may
be
putting
as
a
kafka
or
or
even
hub,
or
anything
for
that
matter
right.
A
So
this
is
this.
Communication
plays
a
key
role
when
you're
architecting
your
cloud
native
app
and
because
you
don't
want
to
make
it
too
chatty.
At
the
same
time,
you
don't
want
to
violate
the
principles
of
micro
services
right
telling
you
you
don't
want
to
directly
go
and
access
anybody
else,
any
other
bounded
contact
database
also,
so
we
have
to
clear
cut.
We
have
to
identify
clearly.
How
are
we
going
to
enable
the
communication
between
these
different
micro
services
and
resiliency
right?
That's
another
important
aspect,
so
the
resiliency
means
what
has
been
basically.
A
Instead,
we
we
our
application,
like
I
said
it's
going
to
be
running
on
the
cloud
and
then
could
be
moved
around
in
different
different
execution
environments
right.
So
if
one
of
your
dependent
dependent
micro
services
down
also,
how
are
you
going
to
handle
those
those
kind
of
things,
and
how
do
you
make
it
more
fault?
Tolerant?
How
do
you
make
it
more?
You
know
resilient
to
the
to
the
dependence
to
the
to
the
issues
with
the
respiratory,
different
systems,
etc.
A
That's
one
of
the
important
pieces
and
then
the
third
part
is
from
the
distributed
data.
So
here,
since
the
data
is
also
going
to
be
owned
by
indus
micro
services,
that
would
be
challenges
in
how
we
would
be
querying
the
data
and
then
how
we
would
be
maintaining
transactions
with
respect
to
the
data
et
etc.
That's
another
thing
which
we
need
to
mainly
focus
on
then
consider
and
also
the
identity.
A
So
we
also
need
to
understand
what
are
the
different
micro
services
and
then
what
is
the
induced
identity
and
then
who
can
call
who
other
so,
maybe
which
microservice
can
call
which
other
micro
microservice
right?
So
we
can't
simply
open
and
open
up
all
these.
Let's
say
if
you
have
a
bunch
of
microservices,
maybe
10
to
12
in
your
application.
We
need
to
know.
Okay,
maybe
so
vca
should
be
able
to
talk
to
only
b
c
and
d,
so
you
say
should
not
be
talking
to
maybe
e
f
and
h
right.
A
So
we
need
to
know
what
are
the
identities
and
then
who
can
invoke,
which
is
the
microservice
right
and,
of
course,
security
is,
is
the
base
of
all
of
these
things
we
need
to
ensure
all
of
these
are
happening
in
secured
manner.
You
don't
want
to
have
any
kind
of
an
non-https
request
or
anything
floating
around.
You
need
to
ensure
there's
a
mutual
trust,
enabled
and
there's
a
zero
trust
network
built,
etc
right.
A
This
is
also
another
one
of
the
important
considerations
what
we
need
to
have,
while,
while
working
with
microservices
architecture
and
and
backing
all
of
these
would
be
like
your
devops
processes.
Right
devops
is
not
just
about
running
cac,
it's
also
about
provisioning,
your
infrastructure.
How
would
you
make
your
infrastructure
as
a
code
and
make
sure
you're
able
to
get
immutable
infrastructures
right?
If
there
is
any
sort
of
an
issue,
you
should
be
able
to
bring
up
your
own
infrastructure
as
soon
as
possible.
That
would
be
possible
only
with
infrastructure
code.
A
A
So
that's
where
ci
and
cd
comes
into
picture,
we
will
have
to
have
a
convenience
integration
build
so
that,
as
and
when
developer
commits
the
code,
we
need
to
get
the
faster
feedback,
and
then
we
also
need
to
have
means
to
deploy
on
the
release
your
application
on
demand
any
time.
It's
all.
These
and
also
about
the
testing
process,
test
automation,
bringing
in
functional
automation,
on
eap,
automation,
ui,
automation
and
things
like
that
right
all
of
these
would
form
under
devops.
A
So
when
you
are
working
on
or
whenever
anyone
is
working
on
a
microservices
architecture,
you
need
to
ensure
at
least
these
are
the
different
things
which
needs
to
be
considered.
This
is,
of
course,
not
the
exhaustive
list,
but
these
are
the
bad
minimum
things.
What
we
would
need
to
consider
for
sure
right
now.
I
think
we
talked
about
a
lot
of
the
rate
now
to
understand
what
are
the
different
azure
services
that
could
help
us
in
building
cloud
native
apps
right
and
before
I
jump
into
services.
There
are.
A
There
are
multiple
ways
you
can
build
a
cloud
native
app
right
like
a
test
upon
the
first
slide
right.
One
part
is,
you
can
use
the
can
completely
converge
as
your
pass
offerings
like
using
app
services
and
things
like
that,
and
the
second
part
is
around
making
it
serverless.
When
you
go
to
serverless
model,
you
could
use
azure
functions
and
there
are
other
host
of
serverless
offerings
available
and
the
third
way
to
do
it
is
using
containers.
A
If
you
want
to
use
containers,
you
can
use
docker
based
containers,
and
then
you
can
use
an
azure
container
instance
or
kubernetes
service,
etc,
etc.
Right
so
first
thing
is
azure
app
service.
That's
one
of
the
easiest
way
to
you
know,
get
us
onto
the
cloud.
So,
instead
of
we
maintaining
our
own,
it's
basically
azure
tasks,
offering
it's
a
platform
as
a
service.
So
you
don't
you
don't
need
you
don't
have
to
worry
about
the
underlying
infrastructure.
All
you
need
to
worry
is
you
would
need
to
define,
is
what
is
the
underlying
runtime?
A
You
are
applying
to
have
your
application
running
on
user.net5.net6.net3.
Whatever
right,
you
need
to
just
specify
that
and
then
app
service
will
take
care
of
it.
App
service
will
run
the
execution
for
it
and
then
another
important
thing
you
might
need
is
an
azure
api
management.
Let's
say
you've
built
a
bunch
of
apis
like
web
apis
right
and
and
how
do
you
manage
those
apis?
How
would
you
ensure
that
routing
is
happening
appropriately?
How
would
you
ensure
we
are,
we
are
able
to?
A
You
know,
perform
authentication
and
authorization,
and
and
and
things
like
that
right,
that's
where
ap
management
would
come
into
picture
and
now
that
if
you
have
built
multiple
apis
and
then,
if
you
want
to
make
it
like
an
jio
replicated,
what
I
mean
by
that
is,
let's
say:
if
your
customers
are
across
the
globe
there,
you
have
a
global
customer
base
and
if
you
want
to
manage
your
applications
and
the
data
closer
to
your
customer
location,
so,
for
example,
I'm
building
an
application
which
is
for
which
my
customers
could
be
accessing
the
app
from
either
from
india
or
from
europe
or
from
the
us
right.
A
So
these
three
are
primarily
three
different
regions,
so
maybe
for
the
india
I
could
have
have
my
micro
service
running
in
my
india
data
centers
and,
if
I
for,
for
the
europe
customers,
maybe
that
the
the
application
calls
should
go
into
the
europe
for
specific
endpoints
right
and
then
for
the
u.s.
Maybe
it
could
go
into
their
specific
end
points
right.
A
So,
whenever
your
us
customers
hit
your
api,
it
will
route
the
calls
to
the
your
specific
micro
services
and,
and
that
way
you
could
reduce
latencies
and
then
you
can
handle
a
lot
of
things
right
and-
and
these
are
some
other
things
which
we
could
use
and
again
I'm
talking
about
the
containers
in
kubernetes,
which
is
a
vast
topic
by
itself.
You
could
also
use
azure
kubernetes
service,
it's
a
managed,
kubernetes
service
that
could
help
in
orchestrating
your
containers
and
yeah.
A
If
you're
not
looking
at
a
full-blown
kubernetes
service,
you
could
very
well
use
azure
container
instance.
So
these
are
like
standalone
instances
and
then
they
would
also
they
would.
They
would
also
be
able
to
help
you
running
in
the
running
docker
containers
of
your
applications
and
yeah.
Like
I
said
for
serverless,
you
can
use
azure
functions,
so
that
means
you
will
you
these?
A
The
functions
are
primarily
like
very,
very
my
new
entities
right,
so
you,
if
you
want
to
do
one
specific
operation,
you
put
an
azure
function
in
it
and
then
you
will
run
it
up
and
the
functions
have
multiple
multiple
triggers
and
multiple
bindings,
so
triggers
are
the
ones
which
would
trigger
the
function
on
what
basis
the
function
should
run
right.
It's
not
like
a
typical
web
application.
A
Where,
let's
say,
if
you
are
running
an
on-prem,
you
will
be
deploying
application
iis
and
then
it
will
be
always
up
and
running
and
whenever
a
request
comes
in,
it
serves
a
request
and
then
it
will.
The
process
would
still
be
there
right,
barring
the
is
timeouts
etc,
but
with
azure
functions
it
will
wake
up
whenever
there
is
a
need
and
then
it
just
goes
down.
So
that
way
you
do.
You
can
save
a
lot
of
money
in
in
the
execution
cycles,
etc.
You'll.
E
A
Paid
for
whatever
execution
cycle
you
are,
you
are
using
there
right
and,
of
course,
to
ensure
we
are
accessing
things
in
a
secured
fashion.
We
would
also
we
can
also
use
key
vault
and
yeah.
Cosmos
db
is
one
of
the
examples
of
a
back-end
store.
There
are
also
multiple
offerings.
You
can
also
use
azure,
sql,
azure
postgres
azure
for
cassandra.
Is
there
azure
for
mariadb
mysql,
a
lot
of
different
data
store
options
out
there
so
and
yeah?
There
are
many
more
applications
of
them.
A
Sorry,
many
more
services
which
you
could
use
from
azure
to
build
cloud
native
apps
right,
like
I
said,
the
focus
of
this
session
is
more
around
the
past
offering
so
we
wouldn't
be
touching
on
the
kubernetes
or
the
other
functions
or
anything
else
right.
So
now,
what
are
we
going
to
do
through
the
end
of
the
session
right?
A
So
we
try
to
build
some
of
the
use
cases,
and
then
we
are
going
to
have
we're
going
to
explain
how
we
we
are
trying
to
solve
it
by
with
a
cloud
native
kind
of
an
architecture
here
right.
So
it's
a
very
simple
use
case.
It's
nothing
fancy!
So
the
business
requirements
are
like
this:
we
should
have
enriched
interactive
client
applications
for
the
end
users,
which
is
what
everyone
needs
now
right.
A
That
means
you
could
technically,
you
would
need
an
sba
or
so
single
page
application,
and
then
the
client
set
app
should
be
able
to
load
the
data
dynamically
and
then
on
demand.
So
that
means
it's
not
a
static
application,
so
it
needs
to
be
wired
up
to
some
of
the
backend
apis
which
could
serve
the
data
right
and
yeah.
The
data
should
be
persistent
transaction
level
and
the
ability
to
query
and
the
pull
reports,
etc.
So
this
is
the
database
right,
so
it
should.
A
We
should
be
able
to
basically
perform
some
credit
operations
into
your
database
and
then
we
should
be
able
to
query
and
then
pull
the
reports
from
that
database
and,
of
course
we
need
to
enforce
security.
So
we
want
to
have
some
sort
of
role
based
authorizations
for
the
users
and-
and
then
you
see,
these
are
some
of
the
high-level
business
requirements
right,
but
we
don't
just
build
and
for
focus
only
on
these.
A
Typically,
if
you're
in
enterprise,
you
don't
hear
like
the
nfrs
and
other
things,
which
is
a
non-functional
requirement,
that's
what
I
call
it
as
a
technical
requirements
here.
So
another
thing
is
security
aspect
we
need
to
ensure
we
are
securely
handling
the
application
configurations
on
the
secrets
right
and
the
second
part
is
we
need
to
ensure
our
aps
are
able
to
give
the
responses
in
sub.
Second,
all
right
and
yeah.
We
need
to
also
have
an
end
to
an
observability
of
the
entire
solution.
A
So
what
I
mean
by
observability
is
you
need
to
know
how
the
traffic
is
going
between
different
micro
services
or
the
different
parts
of
your
application
from
your
ui
to
the
back
end,
and
then,
if
they're
back,
an
ap
is
calling
multiple
other
apis.
How
is
that
call
happening
all
those
need
to
be
able
to
monitor
and
then
also
the
logs
of
it
into
and
tracing?
Also,
we
need
to
be
able
to
do
so
that
the
moment
there
is
an
issue
we
should
be
able
to
go
and
troubleshoot,
what's
really
happening
there
and
yeah.
A
Of
course,
we
would
want
to
have
an
end
to
an
automated
deployment
of
the
application,
which
is
also
one
of
the
important
principles
or
the
design
which
would
need
to
follow
when
we
deal
with
the
cloud
native
apps
all
right.
So
with
this
with
these
different
requirements,
we
kind
of
you
know
we're
going
to
look
at
and
sample
architecture
which
will
look
like
this.
So
basically,
we
are
going
to
use
primary.net
as
our
programming
language
so
or
the
framework
and
how
we
are
going
to
build
this
cloud
native
app
right.
A
So
whatever
I
talked
until
now
is
is
kind
of
common
principles
on
the
under
design
patterns
or
the
design
methodologies
right
so
which
could
be
applicable
for
any
kind
of
any
kind
of
an
programming
language,
be
the
tool
factor
app
or
the
microservices
architecture,
or
the
cloud
native
principles,
etc.
Right
and
and
even
the
azure
services
also,
they
could
host
even
azure
apps
can
host
any
sort
of
and
any
sort
of
programming
language
if
you're
having
a
microservice
built
in
java
or
node.js.
A
You
could
technically
put
into
the
into
the
azure
app
service
too,
but
the
focus
here
is
more
on
the
dotnet
part
of
it.
So
we
are
going
to
use
dotnet
to
see
how
we
can
build
the
end-to-end
full
stack,
application.net
right.
That
means
the
back-end
web
apes
are
built
on
dot-net
based
apis,
and
then
the
front-end
also
is
built
on
the
blazer.
There's
a
wasm,
that's
nothing
with
the
blazer
web
assembly
and
both
of
these
are
deployed
into
into
the
azure
right.
A
So
the
numbers
mentioned
here
number
two
is
the
azure
app
service
right
and
and
for
the
security
to
enable
the
role
based
authorization
we
kind
of
integrated
with
r0,
but
it
could
be
any
any
kind
of
an
authentication,
any
kind
of
identity
provider
right.
So
you,
if
you're,
if
you're
on
in
an
enterprise
where
you
as
your
a
it,
is
enabled
there
right.
A
You
could
technically
connect
your
blazer
up
to
that
and
then
you
can
get
your
users
authorized
from
there
or
if
you
want
to
enable
third-party
integrations,
also
with
github
or
linkedin
or
whatever
it.
You
could
technically
be
do
that
too,
and
the
idea
is
we
want
to.
We
want
the
users
to
log
in
and
then
we
would
be
using
a
jot
token
as
a
means
to
you
know,
do
their
authentication
authorization
and
then
the
apas
would
honor
those
requests
right.
So
that's
where
you
see
the
api
management
here
mock
bus
number
four.
A
So
that's
going
to
be
the
entry
point
for
for
all
of
our
consumers
or
the
customer
or
consumers
in
this
simple
architect,
there's
only
one
consumer
which
is
basically
azim
app,
but
you
can
technically
think
of
multiple
other
consumers
too
right.
You
can
also
build
up
and
mobile
app
that
could
also
talk
to
the
apa
via
this
api
management
right
and
the
actual
apis
are
hosted
in
or
would
be
hosted
in
the
azure
app
service.
A
Here
again,
it
will
be
under
instance,
of
your
app
service,
and
the
key
vault
is
what
we
are
going
to
use
to
secure
the
connection
strings
and
everything
right,
because,
as
you
can
see
here,
the
web
api
is
going
to
talk
to
the
azure
sql
server
and
also
redis
cache
right.
Obviously,
we
can't
hard
code.
A
The
hardware
the
connection
strings
there,
so
we
need
to
be
able
to
put
it
in
a
secure
place
and
that's
where
keyword
comes
into
picture
right
and
here,
azure
sql
is
the
is
the
backend
which
would
be
used
and
just
to
enable
the
caching
like
a
cache,
has
a
pattern.
We
are
we're
trying
to
bring
in
the
azure.
It
is
cache
all
right.
A
So
that's
about
the
architecture.
So
what
we
would
be
doing
in
the
next
couple
of
hours,
or
maybe
one
two
and
a
half
hours
is,
we
will
start
looking
at
how
we
can
build
some
of
these
components
and
then
start
deploying
them
onto
the
azure
from
visual
studio
itself
right
and
yeah.
Before
we
get
there
one
last
thing
about
to
talk
about
the
cac
departure
you
want
to
set
up
a
ci
cdn
if
you've
not
done
it
before.
This
is
a
simple
steps
which
we
could
use
so
anytime.
A
A
You
need
to
pull
your
and
you
get
dependencies
and
then
build
your
application
and
then
run
your
unit
test
and
then
run
your
sonar,
cube
analysis
or
whatever
static
code
analysis
to
identify
any
code
smells
then
sac
is
nothing
but
the
static
analysis
for
security
testing,
so
you
can
use
polaris
or
any
or
any
other
such
tools
to
understand
your
and
are
there
any
security
vulnerabilities
into
the
code
etc?
A
Right,
you
can
do
all
of
these
things
as
part
of
your
ci
and
then
once
everything
is
ready,
you
could
have
another
cd
process
setup
that
would
try
to
deploy
your
application
into
the
app
service
right.
Can
I
try
to
put
it
in
a
generic
way
as
deploy,
because
there
are
different
way
you
could
do
the
deployment
and
this
deployment
would
vary
for
what
are
the
destinations
right?
If
it's
an
app
service,
it
could
be.
Maybe
your
entire
package,
you
could
just
deploy
there,
but
for
all
you
are.
A
You
are
deploying
into
an
azure
and
cuban
service.
You
will
need
to
push
it
into
an
azure
container
registry
and
then
you'll
have
to
deploy
the
image.
If
it's
a
serverless,
it
could
be
again
a
different
me
right.
So
that's
why
you
want
to
keep
it
generic,
so
this
also
would
be
to
you.
Can
you
know
you
could
be
relating
it
right?
So
the
build
part
is
what
is
the
ci,
which
is
one
of
the
things
with
build
and
then
our
release
and
then
the
run
part
is
all
isolated
here.
A
It's
one
of
the
principles
of
12
factor
app
right
so
that
that's
how
that's
what
how
or
that's
how
we
wanted
to
run
through
this
entire
session.
So
basically
we'll
be
building
different
components,
and
then
you
should
be
able
to
relate
on
how
these
things
fit
into
the
overall
collaborative
architecture
and
then
how
these
things
are.
How
are
we
implementing
some
of
these
12
factor
app
principles?
A
Yeah?
So
with
that
quick
intro,
I
would
let
which
one
start
with
the
with
the
demos
and
the
other
things,
and
we
would
like
to
make
it
a
little
bit
more
interactive
between
both
of
us.
And
if
you
have
any
questions,
please
feel
free
to
post
in
the
comments
and
then
I
will
be
picking
up
from
there
and
then
we
could
answer
over
the
course
of
the
session.
Also
yeah
over
to
you.
C
E
D
C
C
So
I
I
just
wanted
to
create
some
content
with
exceptions
and
other
things.
So
this
how
it
looks
I
just
will
take
quick
five
minutes
run
through
on
the
existing
infrastructure
and
we
have
another
resource
group
which
we
will
be
using
for
the
live
demo.
Just
in
case.
You
know
that
demos
will
not
work
on
time,
so
we
already
created
one
and
tested
everything
and
kept
it
ready.
So
we
can
fall
back
on
this.
C
So
this
is
the
application
map
where
you
can
trace
in
the
future
episode.
When
we
are
doing
the
architectural
thing,
we
will
introduce
the
client,
the
client
side
app
too,
so
that
you
will
get
a
full
end-to-end
picture.
So
at
this
point
of
time
we
are
tracking
from
the
a
beam
to
api,
then
sql
and
auth
0.,
okay,
and
also
you
can
come
and
see
the
failure
section,
I'm
just
giving
a
quick,
we'll
come
back
and
detailedly
discuss
about
this
just
quickly.
C
So
the
types
of
failures
this
if
this
numbers
are
more
so
we
can.
One
of
the
thing
we
can
take
out
of
that
is
someone
is
trying
to
hack
our
system.
He
doesn't
have
the
token,
but
he
is
trying
to
enter
into
this
one
okay.
Similarly,
the
subscription
key.
So
these
are
the
two
red
flags
really
red
flags.
We
need
to
focus
on,
and
apart
from
that,
we
can
have
this
live
matrix,
where
we
can
keep
a
watch
on
that.
I
will
go
ahead
and
use
this
for
sending
few
few
calls.
C
So
if
someone
is
monitoring
the
live
matrix
or
we
have
alerts
on
this
one
and
the
moment
someone
tries
to
enter
or
not
and
do
an
unauthorized
calls
that
gives
us
a
chance
to
look
into
that
red
flags.
Why
someone
is
trying
to
do
this
one,
and
we
will
go
in
depth
of
this
one.
Okay-
and
I
do
want
to
show
one
simple
piece
as
this
one.
C
When
I
come
into
this,
our
radius
cache-
and
this
is
our
system
and
I
go
and
do
a
first
hit
so
the
first
it
is
going
and
it's
bringing
it
took,
409
milliseconds.
C
So
now
you
can
come
back
here
and
do
a
quick
keys
and
check
that
at
this
point
of
time
we
have
all
the
records
stored
in
the
release
and
now
this
time,
when
someone
tries
to
go
fetch
the
data
it
brings
in
because
that
was
the
first
hit,
let's
go
and
get
the
second
it,
so
it
see
that
it's
coming
to
339
milliseconds,
because
it's
it's
it's
completely
passing
through
the
apm
then
goes
to
sql
then
goes
to
api
and
then
goes
to
this
one.
C
So
as
and
when
we
do
this,
it
takes
lesser
and
lesser
time
we
can
check
directly
from
the
api
we
are
hitting
it.
So
it
took
longer.
It
took
361
milliseconds,
so
the
time
varies
seat.
It's
it's
coming
down.
So
that's
one
thing
we
are
introducing.
So
let
me
come
back
to
start
discussing
on
the
piece
by
piece.
First,
let's
go
to
the
first
piece
we
are
going
to
chew.
Is
this
one
sql
azure?
C
So
let
me
walk
through
all
those
things
which
we
have
swami
just
give
me
a
shout.
If
you
are
unable
to
hear
me
because
I
see
because
of
this
rain,
sometimes
the
internet
is
fluctuating
it's
coming.
Actually
it
will
be
50,
but
for
some
reason
it
is
coming
down
just
to
give
me
a
shout.
C
Thanks,
so
this
is
a
production
resource
group
which
we
have
created
so
where
we
want
to
do
live
demo,
and
we
know
that
to
spin
up
this
apm
instance
it
stick.
It
takes
a
decent
time
of
45
minutes
to
one
hour,
so
we
just
created
but
nothing
in
there.
If,
if
we
come
and
see
this,
there
will
not
be
anything
here,
let
it
let
it
come,
and
also
the
sequel,
and
I
would
like
to
flash
one
of
the.
E
C
C
They
have
given
an
all
the
abbreviations
which
we
can
use
it,
and
also
there
is
an
corresponding
or
the
supporting
document
to
this
is
how
do
you
choose
the
name?
That
is
also
the
naming
convention
also
they
have
given-
and
please
use
these
two
like
you-
have
this
pip
sharepoint
like
a
resource
type
workload,
environment
region
and
instance
like
if
you
see
that
we
have
also
followed
the
combination
of
both
like
environment.
So,
if
you
come
back
to
here,
you
can
see
that
rg.
C
So
that's
coming
from
the
recommended
recommended
abbreviations
and
we
use
the
b.net
cloud
native
dev001,
and
here
we
used
prod001
yeah.
Here
we
used
plot001
just
to
differentiate.
So
please
keep
this
resources
very
handy,
I'll,
collect
all
this
in
a
notepad
and
end
of
the
session
I'll
give
it
to
swaminathan
so
that
you
know
we
will
put
it
in
the
youtube
channel
or
wherever
it
is
appropriate.
C
So
please
use
this
naming
convention
and
that
gives
if
anyone
sees
that
and
also
tagging
as
we
didn't
get
time,
we
didn't
do
it,
but
if
you
see
that
at
a
high
level-
even
if
you
don't
recognize
these
icons,
what
you
can
do
is
like
apm
api
management.
This
is
app
service,
app
service.
This
is
application
insights
keyword.
There
is
log
workspace
release,
there's
a
sql
server,
there's
a
sql
database,
so
we
have
pretty
much
clear
cut
by
seeing
the
name
itself.
We'll
know
that,
okay,
what
is
that
it
is
happening
over
here?
C
Okay,
then,
so,
let's
quickly
go
and
see
what
is
there
in
the
sql
server,
and
here
this
is
the
sql
server.
We
spun
up
a
very
small
resource
one,
but
you
can
use
whatever
is
applicable
for
your
production.
C
Scenarios
but
video
diligent
to
do
a
performance
testing
or
a
feasibility
study
before
choosing
the
tier
and.
E
C
And
also
we
use
the
single
database
because
we
just
needed
a
basic
basic
tier.
We
just
did
that
and
used
that
one
and
another
thing
is:
you
can
use
the
elastic
pull
where
you
can.
If
you
have
set
of
databases,
you
can
put
all
the
databases
in
an
equal
but
before
that
ensure
that
they
all
are
not
spiking
up
at
the
same
time.
C
So
if
you
will
save
some
money
when
you
use
the
elastic
pool
and
and
ensure
that
the
usage
pattern
is
not
at
the
same
time,
they
are
not
hitting
the
rooftop
at
the
same
time.
So
let
it
spike
at
different
instances
like
I
have
four
databases.
Every
database
is
individual
databases
each
of
hundred
dtu's
and
if
I
want
to
put
all
those
things
in
300,
d2s
or
250
or
400
videos,
whatever
it
is,
those
dt
will
deduce.
C
If
I
decide
I
need
to
ensure
that
the
database
a
b
c
and
d,
they
are
not
hitting
the
rooftop
on
the
same
time.
Let
them
hit
it
on
the
different
time
and
I
can
reduce
the
number
of
dtus
in
the
elastic
pool
to
250
or
300,
but
that
should
be
a
very,
very
careful
decision.
If
not,
we
will
have
a
sleepless
nights
for
sure.
Okay,
coming
back
to
this
sequel,
this
is
sql
server
database,
we'll
go
step
by
step.
C
Come
in
this
query
editor,
this
is
a
new
feature.
C
B
C
God
so
you
can
see
this,
the
minimum
tls
version
is
1.2,
which
is
the
latest
one.
So
we
got
additional
security
over
there
and
and
see
this
here,
allow
azure
services
and
resources
to
access
this
server.
So
at
this
point
of
time
initially
it
is
no.
That
means,
even
if
I
go,
and
even
if
I
go
and
connection
string
to
any
of
the
web
api,
they
will
not
be
able
to
come
and
hit
that
because
we
didn't
allow
anyone
to
come
and
hit
and
the
client
ip
address.
C
We
are
not
giving
to
anyone
the
client
ip
address
so
whether
to
have
a
dedicated
private
network
and
give
access
from
that
network.
But
at
this
this
is
a
demo,
I'm
just
giving
an
security
exception.
So
how
do
you
know
that?
What
is
your
ip?
So
you
can
go
to
browser
and
check
what
is
my
ip
address
and
then
enter,
and
then
you
will
get
the
same
ipad
address.
That's
for
your
router,
which
is
at
your
home
or
okay.
So
that's
2,
30
37!
So
that's
one,
two,
three!
Thirty
seven!
C
I
can
add
this
claim
ipfs,
but
you
guys
never
ever
do
and
it's
a
must
or
needed,
and
another
important
thing
is,
as
formula
then
touched
upon
this
one,
whatever
we
are
doing
is
everything
through
manual.
That's
just
like
a
demo
for
us
to
understand
the
little
bit
of
internals.
What
is
happening
where
the
connection
strings
are
where
the
configurations
is
changing.
So
for
that
reason
we
are
going
in
doing
mainly
technically
everything
will
get
deployed
through
ecd
and
another
important
point
is
accept
the
dev
resource
group.
C
You
will
not
be
given
access
the
right
access
to
any
of
those
resource
resource
resource
subscriptions
like
only
the
dev
subscription.
They
might
give
you
so
that
you
know
you
can
do
some
experiments
check
that
and
learn
about
this
configuration
only
for
that.
You
will
be
given
the
access
and
dev
subscription
from
test
qa
stage
you
at
and
fraud.
No,
no
one
will
give
you
an
access
right
access.
They
might
give
you
read
access
so
that
anytime,
you
need
to
check
whether
the
configuration
is
correct
or
not.
C
You
can
go
and
do
an
investigation,
but
never
ever
you
will
get
access
to
the
the
any
subscription
more
than
dev,
so
whatever
we
are
doing
is
assuming
that
you
are
doing
in
dev
and
everything
should
be
done
in
production
manner.
Okay,
now
that
we
have
added
that
we
did
the
white
list
and
we
are
going
into
the
database
and,
oh
god,
it's
troubling
me,
like
anything.
C
Today,
okay,
so
now
you
see
this,
there
are
no
tables,
no
stored
procedures
or
nothing.
So
it's
a
pretty
much
a
clear-cut
empty
database.
So
what
we
can
do
is
pretty
quickly.
We
have
a
database
project
here.
The
there
are
multiple
ways:
some
people
they
will
use
a
jumbo
sql
file
and
do
all
those
changes
and
maintain
that
in
the
maintain
that
in
the
repository
azure
radio
and
they
use
this
build
pipeline
and
release
pipeline
to
validate
the
sql
scripts
and
then
go
deploy
it
to
the
to
the
data
store.
C
So
that's
being
that's
being
done
in
one
of
the
some
other
people
they
do
it
and
some
people
they
do
this
sql
project,
which
will
be
creating
the
backpack
and
deploying
it
so
you'll
see
this.
C
It's
a
pretty
simple
thing:
we
have
the
books
table
and
you
can
see
that
it
has
got
few
columns
id
and
these
are
the
few
columns
and
we
have
this
and
there
are
few
basic
stored
procedures
like
add
a
new
record
and
get
all
books
by
get
all
books
by
get
all
books
and
get
booked
by
id
and
very,
very
simple,
stored
project,
update
and
delete
for
us
for
today,
we'll
be
focusing
only
on
get
all
books
and
ad
book.
C
C
I
will
go
ahead
and
set
this
as
a
startup
project,
and
we
have
already
seen
that
we
don't
have
anything
here
in
the
server
and
and
one
thing
as
we
said
this
as
a
startup
project
and
right
most
click
and
go
to
this
properties
and
from
this
properties
a
couple
of
things:
the
project
settings,
the
target
platform
is
sql,
server,
2016
or
14
or
12.
Whatever
is
appropriate
if
it
is
on
the
on-premise
or
on
your
local
laptop.
C
You
need
to
ensure
that
you,
you
will
choose
a
correct
version
of
that
and
then
go
ahead
and
click
on
start
and
ensure
that
you
are
having
this
as
a
startup
project,
and
you
will
see
that
it
will
go
ahead
and
compile
this
project
and
it
creates
the
dac
pack
over
here
and
it
starts
the
deployment
and
woo
okay.
That
is
the
second
part
I
will
come
back
over
here.
I
have
configured
to
azure
sql,
that's
a.
C
Problem,
okay,
so
I
will
go
ahead
and
browse
I'll
go
ahead
and
browse
and
in
local
I
will
select
this
sessionsdb
and
quickly
do
a
connection
test.
The
connection
it
is
connection
is
succeed
and
then
we'll
go
ahead
and
quickly
do
a
start
of
this
you'll
see
the
dac
pack
is
there
and
it
will
not
take
much
time
less
than
a
minute.
It
goes
and
deploys
that.
E
C
Creates
a
dac
pack
and
also
if
we
keep
a
watch
on
this
folder,
we
will
see
a
sql
file
getting
generated.
I
will
go
ahead
and
open
this
and
keep
myself
ready
and
wait
for
that.
It
ensures
that
the
all
the
scripts
are
in
a
compile,
compilable
state
and
the
advantages
advantages.
We
can
ensure
that
all
the
scripts
are
right
and
incrementally
we
can
do
deployment
and
the
backpack,
and
this
project
itself
will
take
care.
C
I
will
go
ahead
and
close
this
one,
so
it
deployed
here
in
this
one.
We
can
quickly
come
back
and
right
most
click
and
do
a
refresh
and
come
back
and
check
the
databases.
You
can
see
that
the
database
has
been
the
newly
created
database
has
been
there.
So
if
you
use
existing
database,
it
will
go
and
update
it
accordingly,
but
we
have
selected
the
new
one
so
now
that
we
know
how
to
do
it
locally.
C
C
C
We
can
keep
a
watch
on
this
like
the
tables
or
anything
getting
created.
So
let
it
take
a
little
bit
of
time
for
this
to
go
ahead
and
do
in
the
meanwhile.
We
can
start
discussing
so
some
of
the
things.
What
we
will
learn
is
no
problem,
let
it
be
so
we'll
come
back
and
save
this
connection.
String
and
I'll
save
this
connection
string
here.
C
Okay,
I'll
save
the
connection
string
and
another
important
point
we
can
we
can
see
over
here
is
the
this
one:
the
transparent
data,
encryption
encrypts,
your
data,
backup
and
everything
at
rest.
So
it's
sure
that
whatever
the
data
which
we
store
in
sql
azure,
they
are
encrypted
just
that
we
have
the
credentials.
We
are
able
to
see
the
content
in
clear
text
and
another
important
thing
is:
we
have
the
performance
overview
and
performance
recommendation
also
so
sometimes
when
we
write
those
sql
stored
procedures
or
the
tables
without
proper
indexing
and
other
things.
C
This
gives
us
an
decent
amount
of.
C
That
how
can
we
improve-
and
this
is
the
one
feature
which
I
really
liked
it-
I
never
used
it
but
reading
about
it
was
a
pretty
good
thing,
see
see
this.
What
it
is
doing
is
the
key
three
important
points
it
does
is:
let's
assume
that
you,
it
has
executed
a
plan,
execution
plan
it
has
got
and
that
plan
is
executing
the
stored
pressure
within
two
within
a
second
less
than
a
second.
C
Let's
take
it
less
than
a
second,
and
afterwards
we
created
an
index
or
it
created
an
index
or
dropped
an
index
in
any
combination
or
the
content
is
more
and
now
the
current
execution
plan
is
taking
two
two
and
a
half
seconds
to
four
seconds.
So
what
it
does
is
it
will
again
it
has
got
an
intelligence
to
go
back
and
forth
the
previous
execution
plan
so
that
it
gets
faster,
so
it
creates
automatically
it
understands
and
creates
the
indexes
and
what
are
the
indexes
which
are
not
applicable?
C
It
deletes
this,
so
these
are
the
top
three
things
which
it
does
and
that's
that's
one
one
important
thing
and
another
important
thing.
I
just
wanted
to
show
you
here
is
the
one
thing?
Is
this
yeah,
so
this
one?
So
another
point
is
another
point:
is
we
thought
about?
We
we
told
that
encryption
at
rest.
Now,
what
is
what
is
the
flexibility
or
a
feature?
We
are
getting
it
when
the
data
is
in
transit,
so
we
know
that
in
rest,
it
is
encrypted.
C
What
is
that
we
can
do
so
that
you
know,
data
in
transit
is
also
secure,
so
we
can
use
this
feature
always
encrypted.
So
if,
if
you
do
that
always
encrypted
data
will
be,
I
mean
if
you
go
and
use
the
select
on
the
table
that
particular
column
or
the
entire
table,
whatever
we
select
as
part
of
this
one,
those
will
be
in
an
encrypted
fashion.
I
mean,
when
you
do
the
select
query
on
this
on
that
particular
table.
C
You
will
not
see
the
original
content
like
ssn
or
other
number,
those
kind
of
things
those
will
be
in
encrypted,
and
even
if
you
do
a
select
query,
it
gives
us
an
encrypted
one.
So
we
need
to
use
a
libraries
to
go
and
do
that
transformation.
So
I
actually,
I
could
not
locate
that
I
did
one
sample
on
this
one.
I
could
not
look
at
but
use
these
two
features
from
the
security
perspective.
So
let's
come
back
to
this
and
all
is
well,
so
it
deployed
everything.
C
E
C
Yeah
yeah,
that's
that's
pretty
much.
We
we
covered
everything.
So
the
first
piece
is
down.
I
think
we
have
had
this
one.
So
let's
go
and
talk
about
this
web
api
and
I'm
closing
this
and
anyways.
We
are
going
to
delete
this
database
after
this
demo.
I
am
letting
my
secret
password
know.
A
F
C
C
Right,
so
what
we
thought
to
do
is
we
thought
of
to
give
a
short
on
dot,
net
5
and
dot
net
6,
and
we
didn't
notice
any
considerable
difference,
but
the
same
piece
of
code.
We
were
able
to
use
it,
and
here
I
just
wanted
to
highlight
one
piece
on
the
reusability,
so
we
created
set
of
dlls
libraries,
which
is
this
data
store,
bll
cash,
dal,
core
and
sql,
like
it's,
a
mix
of
n
layer
approach.
Come
the
domain
driven
descent,
so
the.
E
C
If
you
see
that
swami
correct
me,
if
I'm
going
off
the
track
so
see
that
we
have
the
set
of
front
ends,
blazer
was
a
manga
reactor
view
js
or
any
number
of
things
are
here
in
the
game
and
the
data
store.
We
have
it
and
this
middle
tier
and
there's
a
people
are
using
it
interchangeably.
Someone
will
call
this
as
a
back
end.
Someone
is
calling
is
apa
layer
or
middle
tier
whatever
it
is,
so
I'm
calling
it
as
a
middle
tier
if
it
is
wrong.
C
Apologies
for
that
and
inside
inside
this
tier
we
are
creating
api,
so
we'll
come
back
to
grpc
in
future,
but
as
of
today,
today's
demo
is
with
the
api,
and
that
goes
and
talks
to
the
business
logic
layer
and
you
have
a
data,
access,
layer
and
core.
So
within
the
tier
we
have.
Logically,
we
have
different
grouped
the
code
to
different
layers,
okay,
so
coming
back
to
the
code,
so
we
have
all
this
one.
So
why
do
we
need
to
move
one
of
the
advantages?
C
You
see
that
if
I
we
have
created
this
in
two
different
frameworks,
one
is
dot
net
five
and
dot
net
six.
So
what
does
this
api
project
contains?
Nothing.
It
just
contains
the
startup
cs
and
one
controller,
and
what
is
this
dotnet
six
one
contains
is
one
startup
and
one
controller.
So
where
does
the
code
lives?
The
code
lives
in
this
this
libraries
and
tomorrow.
If
someone
comes
and
says
that
hey
I'm
going
to
write
a
grpc,
one
of
the
customer
is
asking
for
an
integration,
and
what
does
he
does?
C
He
does
not
do
anything.
You
don't
need
to
reinvent
the
bill.
All
you
need
to
go
and
look
into
these
contracts,
create
the
create
the
protofile
and
write
a
service
and
reuse
the
same
components.
Nothing
will
change,
we'll
show
that
benefit
in
future
episode,
but
for
today
you
see
that
benefit
all
the
like.
All
the
code
has
been
pushed
to
the
libraries.
The
benefit
is,
we
are
not
repeating
ourselves
anywhere.
C
Only
thing
is
we
are
looking
at
hooking
it
up
in
the
in
this
respective
projects.
So,
coming
back
to
this
startup,
so
in
this
startup
we
have
white
opened
up
pretty
wide
to
the
entire
world,
any
origin,
any
other,
any
matter
any
method
plus
please
please
do
not
do
this.
This
is
only
for
the
demo
and
because
we
will
be
adding
multiple
things
coming
from
a
different
locally.
We
need
to
test
and
a
lot
of
places
just
wanted
to
keep
the
changes
minimum.
C
We
just
opened
it
for
the
while,
but
please
do
not
ever
do
that,
and
another
thing
is
how
we
are
hooking
up.
This
jwd
token.
Well,
we'll
come
back
and
look
into
look
into
that
a
little
later,
and
these
are
some
of
the
dependencies
we
have
application
dependencies
and
another
important
point
is:
we
have
added
the
use
authentication
in
this
okay,
now,
coming
back
to
controller,
we
have
added
the
authorized,
so
only
the
authorized
person
will
be
able
to
look
into
this
and
it
has
got
pretty
simple
methods.
It
is.
C
It
has
got
a
post
to
add
a
book
and
get
to
retrieve
all
the
books
and
get
by
id
it.
We
will
get
this
and
we
will
come
back
and
we'll
start
executing
this
step
by
step
and
we'll
deploy.
Also
pretty
quick
see
that
I'll
I'll
see
that
we
are,
we
are
doing
it
step
by
step.
Let
me
go
to
this
app
settings
here
and
yeah.
So
app
settings-
and
here
is
the
the
connection
string
here-
is
the
connect
system.
I
just
wanted
to
highlight
on
the
cache
side
pattern.
E
C
Oh
okay,
so
this
is
the
radius
cache
on
my
local.
So
you
do
this
keys.
There
is
nothing
stored
in
this.
Nothing
is
stored
in
this
this
one.
So
let
me
go
ahead
and
add
this.
E
C
C
So
we
can
come
to
this
kudu
console
anyone
who
is
pretty
good
in
console.
We
can
use
this
and
I
can
go
ahead
and
check
this.
You
can
see
all
those
connection
strings
and
everything
over
here
or
I
can
go
to
the
console,
and
here
we
will
come
to
know
that
how
our
application
has
been
deployed.
It
will
be
on
the
site
and
dub
dub
route.
C
Let
me
go
either
way
you
can
go
to
the
prod
subscription,
I
mean
go
to
the
kudu
console
or
the
app
files
just
give
it
a
moment,
and
the
difference
between
the
fqdn
is
that
sem
will
be
added
here
and
you
can
come
in
here.
You
can
see
the
things
whatever
as
a
configuration
which
gets
added
over
here
as
swami
was
right
pointing
out
about
this
one,
even
though
we
test
it
and
we
deploy
whatever
someone
has
access
to
this
resource
or
a
resource
group
through
our
back
or
whatever
the
mechanism.
E
C
They
will
not
be
able
to
get
any
credentials
because
we
are
not
at
all
storing
any
credentials
and
that
we
will
store
only
in
our
local
as
as
long
as
we
want
to
test
something
we'll
use
that
one.
Okay
and
another
key
thing
is
we
come
to
configuration,
so
this
guy
has
got
access
and
is
trying
to
find
out
some
pieces
of
information,
so
he
came
to
this
file.
He
didn't
find
anything.
So
the
next
thing
he
knows
is
okay.
I
need
to
go
check
here.
Oh
it's
here.
C
Let's
see
what
it
is,
so
you
click
on
that,
and
here
also
there
is
nothing
in
here
all
it
is
pointing
to
a
key
vault,
okay
or
zero
authority,
so
who
in
this
world
will
be
given
access
to
keyword
very,
very
few
people?
Only
the
devops
lead
our
architects.
C
Only
those
kind
of
people
they'll
be
given
access
to
this
one,
and
also
that
too,
based
on
the
policies
I
mean,
if
you
see
that
this
application
api
application
and
that
to
what
permissions
we
have
given,
we
have
given
only
this
get
and
list
technically
it
should
be
get.
We
don't
need
need
to
give
this
list,
but
I
have
bumped
it
up,
but
I
I
have
a
lot
of
lot
of
permissions
on
that
one.
C
So
if
you
come
to
this
secrets
here,
if
you
come
in
technically
you
will
not
be
able
to
come
to
this
level
because
they
will
never
ever
give
you.
They
will
never
ever
give
you
this
permission
for
permission
for
this
for
sure.
Okay,
let
me
go
ahead
and
copy
this
bookstore.
C
I'm
keeping
that
that's
the
audience,
I'm
keeping
it
okay,
so
I
just
wanted
to
show
that
piece
about
the
cache
aside
pattern,
we'll
do
very
quick
things
and
I
have
I'll
keep
one
debugger
over
here.
So
another
important
point
is
throughout
our
project.
If
you
see
that
lot
of
things
are
getting
dependency
injection,
so
in
this
books
controller
it
has
got
dependency
on
the
book's
bail.
So
when
you
go
to
this
books,
bll,
maybe
the
naming
convention
I
messed
up,
but
it's
a
mix
of
the
domain
driven
design
and
the
layered
approach.
C
I
just
used
both
approach.
I
am,
I
know,
I'm
wrong,
but
that's
how
I
did
it
so
here
we
have
the
books
repository
and
has
a
dependency
on
the
cache
repository
and
I
logger.
So
these
all
things
are
coming
in
here,
so
someone
can
ask
for
me.
You
have
done
and
I'm
seeing
that
the
application
dependencies
has
been
hooked
up
over
here.
But
where
does
this
logger
come
from?
Who
is
giving
this?
C
C
C
Okay,
so
this
is
the
one
which
is
coming
in
at
this
point
of
time
and
swami.
I
might
go
on
mute
because
sometimes
my
laptop,
when
I'm
going
on
this
quick
watch,
it
mutes
my
mic.
So
please
give
me
a
shout
so
when
you
come
and
see
that
before
even
hitting
the
first
line,
there
are
79
dependencies
and
you
can
get
into
this
result
view
to
see
that
what
all
those
default
dependencies
I'm
calling
it
out
of
the
box
dependencies
or
default
dependencies.
C
So
you
can,
if
you
look
into
that,
I
logger
is
one
of
that
I
logger
is
one
of
the
dependencies.
So
now
we
understand,
wherever
you
are
using
this
high
logger,
it
is
coming
as
part
of
the
default
dependencies
or
dependencies
coming
out
of
the
box
and
and
other
dependencies
which
we
are
adding
just
to
save
the
time.
I'm
just
hitting
this
one
and
let
me
do
an
f10
and
at
this
point
of
time,
if
I
go
and
do
a
quick
watch
again,
I
see
it
was
79.
C
Now
it
is
245
dependencies
and
we
can
expand
this
result
view
to
quickly
go
over
that
all
the
dependencies
which
has
been
added
so
yeah.
You
can
see
that,
apart
from
all
the
dependencies
which
was
added
our
application
dependencies,
you
see
this
ibook
repository,
I
cache
and
whatever
we
added
of
we
added
from
the
application
dependency
side,
you
see
that
the
idata
store
connection
strings
and
reduce
everything
whatever
we
added
it.
Everything
will
be
here,
so
this
is
like
a
container,
so
that
means
it
holds
the
entire
dependencies.
C
It's
like
you
have
deposited
money
in
a
bank
account,
take
the
credit
card,
go
to
an
atm
and
swipe
it.
So
if
you
don't
load
your
dependency
inside
the
dependency
injection
container
and
anywhere,
you
ask
it
like
in
atm,
it
says
the
decline
transaction,
your
the
application
will
blow
in
front
of
your
eyes.
C
Okay,
so
let's
go
and
quickly
do
this
one
end
point:
let
me
go
and
grab
this
guy
use
the
postman
I'll
come
in
here
and
drop
this
slash
api,
api,
slash
books
and
we'll
do
this
because
we
are
not
sending
the
token
it
will
definitely
blow.
C
Authorization
and
have
this
now,
I'm
sending
the
request,
so
we
have
sent
the
authorization
token.
You
see
that
first
it
comes
and
hits
the
key
store,
but
it
is
there's
nothing
in
here,
so
it
goes
and
finds
out.
There's
nothing
in
here
the
string
is
empty.
I
mean
there
might
be
better
ways
to
do
it.
This
is
how
I
implemented
so
then
we
are
going
to
the
sequel.
So
only
when
the
data
doesn't
exist
in
the
redis
cache,
then
I'm
going
to
the
sql
bringing
the
contents.
C
Now
we
have
the
books
now
I
am
storing
that
inside
the
reduce
cache.
So
I
do
continue
so
this
point
of
time,
if
I
come
and
I
see
the
keys,
there
are
all
books.
C
C
C
Redis
cache
has
got
this
entry.
Let's
do
this
one,
and
now
you
see
that
that
entry
is
removed,
because
now
the
single
source
of
truth
is
sql
server,
because
there
were
only
10
records
in
the
cache
and
we
added
in
11th
record
in
the
data
store
sql.
Now
there
is
a
difference.
The
single
source
of
truth
is
sql,
so
we
need
to
invalidate
the
cache.
So
we
did
the
invalidation
of
the
cache
and
we
did
a
continue
and
the
next
cycle.
A
I
think
you're
pretty
good
swami
yeah.
C
Whether
we
are
calling
I'm
calling
you
or
I'm
calling
myself,
that's
one
confusion,
okay,
so
pretty
much.
We
covered
a
lot
of
things
over
here,
so
we
have
the
connection
strings
and
all
those
things.
So
let
me
go
and
close
all
the
tabs
just
to
be
because
I
thought
it
will
be
easy
to
showcase
it
here
on
my
local
instead
of
on
the
server
okay
I'll
leave
this
over
here.
C
Let
me
come
back
to
home
and
go
to
the
broad
resource
group
and
inside
the
broad
resource
group.
We
have
the
key
vault
okay.
So
let's
start
having
those
key
vaults
and
here
is
the
secrets,
so
access
policy-
if
you
see
that
only
I
have
the
access
to
read,
even
if
swaminathan
logs
in
he'll
not
be
able
to
technically
not
be
able
to
do
that
view
it
because
I
have
not
given
access
to
anyone.
C
C
C
I'm
adding
some
content,
and
I
just
created
it
so
there
are
one
important
setting
which
you
can
select
is
purge.
C
Protection,
earth
protection-
I'm
very
bad
in
documentation,
so
I
rely
on
rely
on
the
companies
to
use
the
content.
So
if
you,
what
is
the
difference
between
soft
delete
and
purge
protection?
So
soft
delete?
Is
this
one
soft
delete
is
enabled
by
by
default?
Okay.
So
what
happen
is
if
you,
the
soft
delete,
is
enabled.
So
if
someone
is
coming
in
and
their
resource,
they
are
deleting
this
resource.
C
So
what
happen
is
that
will
be
put
into
to
be
deleted
condition
and
it
will
be
there
for
some
time
so
maybe
7
days
or
90
days,
whatever
is
applicable,
based
on
that
it
will
be
there
on
that
on
that
bench
for
us
to
go
ahead
and
recover
that
okay,
so,
let's
see
in
practical
action,
I
have
this
test,
I'm
going
into
this
test,
and
I'm
deleting
that
okay,
so
that's
it
is
deleting
and
it
didn't
delete.
We
have
to
wait
for
some
time
in
the
meanwhile,
let's
discuss
the
siri.
C
So
what
happen
is
once
you
go
to
this
manage
deleted
secrets?
You
will
see
that
all
the
items
which
has
been
deleted
over
here
so
now
you
have
two
options.
You
can
recover
that
or
you
can
purge
it
so
before
you
do
that,
whether
you'll
be
able
to
purge
it.
You
have
to
come
and
see
that
here
the
purge
option
that
privilege
is
not
enabled.
I
mean
I
didn't,
give
that
permission
even
to
myself,
because
the
prop
the
problem
is
it's
a
double-edged
sword.
C
That
means
I
have.
I
have
created
this
and
I
have
deleted
it
and
I
will
be
able
to
go
and
look
into
this
manage
deleted
items,
and
I
can
I
can
select
that
and
I
can
purge
it.
That
means
it
goes
out
of
this
place
also,
so
no
one
will
be
able
to
imagine
a
scenario
for
some
reason.
I
want
to
trouble
swaminathan
and
he
has
given
me
an
access
to
his
resource
group.
C
I
can
pretty
much
go
and
delete
that
and
come
here
and
purge
it
and
he
has
got
a
vacation
on
friday
and
his
boss
will
call
and
say
that
swami
this
is
not
working.
Can
you
take
off
next
week
and
work
over
the
weekend
to
fix
it?
So
to
avoid
those
kind
of
scenarios,
I
mean
wantedly
or
unwantedly.
For
any
reason,
if
you
someone
deleted
it,
they
should
not
be
able
to
purchase.
There
are
multiple
levels
of
security.
C
C
That
means,
even
if
someone
deletes
that,
even
if
someone
deletes
a
key
and
if
we
enable
the
purge
protection.
So
what
happen
is
when
you
enable
the
purge
protection,
they
will
ensure
that
seven
to
nine
seven
to
ninety
days,
the
configurable,
if
you
say
that
whenever
by
default
soft
delete,
is
enabled.
That
means
you
delete
any
of
this
keyword
item.
It
stays
on
the
bench
for
7
to
90
days.
C
Whatever
is
configured
and
within
this
90
days
no
one
will
have
permission
to
go
ahead
and
purchase,
even
though
they
have
the
access
policy,
even
though
they
have
the
access
policy.
If
the
purge
protection
is
enabled,
they
will
not
be
able
to
delete
it.
Okay,
that's
one
thing
I
just
wanted
to
cover:
that's
a
pretty
important
security
feature
we
have
to
enable
it
might
come
with
little
bit
of
cost,
but
I
think
that
should
be
fine
yeah.
We
are
good
now.
So
let
me
come
back.
C
C
C
Go
to
this
api
and
I
just
want
to
show
the
harder
way
so
I
apologize
if
I
am
troubling
you
people,
but
I
want
to.
We
can
see
this
app
service
editor
also
text
editor,
but
I
want
to
show
the
hard
way
to
do
it:
how
to
do
that,
so
that's
kudu
console.
We
have
seen
that
when
we
come
to
this,
you
can
see.
C
What
yeah
you
can
see
this
site
will
get
deployed
here,
there's
nothing
in
here.
So
this
is
the
hosting
start.
You
see
this
is
the
page
which
gets
deployed
if
someone
goes
to
this
end
point.
If
someone
goes
to
that
end
point
the
whatever
the
hosting
is
hosting
html.
You
see
here
hosting
start
html,
that's
the
html
it
gets
displayed.
I
mean
we
have
used
the
shared
app
service
plan,
so
it
will
be
little
low
on
the
resources.
Apologies
for
that
slowness.
C
And
you
can
see
this
environment
is
very
important
thing
where
you
can
it's
like
a
keys
of
the
kingdom.
Anyone
who
has
got
access
to
this
one.
They
will
be
able
to
see
everything
over
here.
What
configuration
is
there
so
be
little
attentive
to
this
one?
So,
okay,
that's
just
an
fai.
So
this
is
the
file.
C
You
do
publish,
and
again
we
just
want
to
call
it
out
that
whatever
we
are
doing
is
just
to
know
the
internals
are
a
little
bit
more
knowledge.
Definitely
the
devops
team
will
not
allow
you
to
deploy
directly
from
your
visual
studio,
visual
studio
code
or
as
your
cli
route
or
the
mechanism
for
sure.
A
D
A
A
C
E
E
E
A
C
Okay,
that
one
and
other
things
we
will
set
it
there
itself.
Okay,
let
me
go
ahead
and
click
it,
because
this
is
the
one
which
everyone
wants
to
avoid.
I
might
do
some
mistake
over
here
and
site
will
not
work,
and
everyone
will
come
on
to
the
bridge
to
hunt
this
down.
It's
an
unnecessary
pain
and
waste
of
efforts,
so
cicd
will
save
us
from
this.
Okay,
I'll
stop
sharing,
and
while
that
is
okay,
we
can
keep
it.
A
So
I
would
be
posting
a
link
in
the
youtube
chat
window,
so
I
would
request
all
the
audience
to
just
go
ahead
and
give
you
a
comment.
Whatever
will
be
good
bad,
actually,
don't
worry
about
it.
We
just
wanted
to
seek
your
feedback
over
the
course
of
the
session
as
well,
and
also
to
make
you
do
some
typing
right
so
that
you
don't
really
feel
the
monotonous
sitting
or
for
the
last
couple
of
hours
or
so
so.
Okay,.
A
Sorry
I
had
a
momentary
glitch,
so
this
is
a
request
to
the
audience.
So
I've
picked
a
link
like
a
mentee.com
link,
I'm
also
showing
up
in
the
notes
here
it's
available
in
the
youtube
chat
window.
Can
you
please
go
there
and
then
key
in
the
code?
Whatever
is
shown
in
the
in
the
stream
now
9073817
and
then
you
can
just
give
your
feedback
there
and
then
it
just
comes
up
here.
Whoever
wants
to
take
a
break
for
five
minutes
or
so
please,
if
you
do,
that,
whoever
is
there
in
the
stream
can.
A
Eight
one:
this
is
that's
one
of
the
ways
to
keep
yourself
more
engaged
because
in
a
virtual
environment,
it's
pretty
difficult
to
understand
the
audience
responses,
and
things
like
that,
so
yeah
we
just
wanted
to
all
right
live
demo
is
good.
Thank
you
good
to
know
that
people
are
following
us.
A
Okay,
as
as
that
comes
up,
maybe
I'll
bring
a
couple
of
questions
which
one
then
we
could
try
answering
them.
Okay,
yeah
sure
sure.
First
one
is
around
your
backpack
thing,
which
is
you
know
which
visual
studio
extension
is
used
to
run
the
sql
script.
I
think
you
show
it
directly
from
the
vs
and
deploy
it
into
the
you're
right.
Do
you
want
to
show
that
explain
which
visual
extension
are
you
using?
Is
it
out
of
the
box
thing
or
or
why.
C
Do
you
think
it
okay,
one
second
I'll
show
you
that
am
I
sharing
my
screen.
C
Yeah
just
bring
bring
my
screen
yeah,
you
are
there,
so
this
is
the
sql
proj
visual
studio
2019..
So
the
first
thing
is
this:
one
I'll
give
this
url.
Also,
so
you
guys
can
see
this
one,
so
sql
server
data
tools.
This
is
where
you
need
to
use
it.
C
So
once
you
use
that
one,
so
you
will
have
the
project
template
so
where
you
can
go
and
right
most
click
and
add
new
project
and
inside
this
template
you
will
have
that
sql
project
and
if
it
doesn't,
we
can
search
it
I'll
show
you
how
to
do
that.
So
you
can
see
that
sql
server
database
project
this
one.
C
A
B
A
What
we
typically
do
is
the
the
application
or
the
api
which
is
going
to
write
the
data
into
the
into
the
db
could
always
update
the
cache
or
refresh
the
cache.
Also
that's
one
way
other
way
is:
if
you
kind
of
know,
what
is
the
the
data
expiry
or
sort?
You
could
also
set
an
expiry
time
to
it
and
it
gets
automatically
expired,
and
then
you
could
do
the
rights
later
to
it.
These
are
couple
of
options
which
are
available
and
yeah,
which
way
you
could
add.
E
C
Oh
I'm
sorry,
I
was
talking
on
mute
okay,
so
this
is
my
favorite
topic.
So
the
thing
is
that
what
the
first
consideration
is,
what
kind
of
content
you
want
to
bring
it
on
to
the
reduced
cash?
So
the
first
one
is,
in
this
case
books
how
many
times
once
a
books
get
added
how
many
times
that
books
get
updated
the
same
book
very
rarely
throughout
the
lifetime
it
we
might
say
that
the
book
is
active
or
inactive,
but
that
that
too,
in
a
lifetime.
C
Someone
published
a
book
this
year,
so
for
next
ten
years
or
five
years
or
minimum
two
years,
it
will
not
change
until
unless
that
goes,
the
books
goes
out
of
this
one.
So
those
kind
of
things
and
like
if,
if
professors
are
students
in
a
college,
very
rarely
they'll,
their
data
gets
updated
either
they're
changing
the
address
or
professor
got
a
raise
in
his
paycheck,
or
he
has
got
a
promotion
very
rarely
so
choosing
the
data.
C
What
you
want
to
store
is
the
first
important
consideration
before
before
going
ahead
and
using
the
radius
cache,
and
the
second
important
point
is
how
second
second
important
point
is
how
much
data
you
want
to
bring
in,
because
this
is
the
in
memory.
It
stores
the
content
in
in
memory.
So
you
have,
the
pricing
tier
will
go
into
the
pricing
tier
of
that
reduce
cash.
I
have
already
placed
it
yeah
you.
This
is
the
one
which
I'm
flashing
it
here
so
in
this
pricing
tier.
C
If
you
see
that
the
basic
you
don't
have
the
availability,
nothing
is
there.
We
are
using
this
one.
So
if
you
use
this,
if
you
use
the
standard
one,
so
they
are
giving
the
250
mb,
plus
53
gb
and
they
have
a
replication.
The
failover
is
there.
C
So
if
it
is
a
premium,
so
they
are
giving
6
gb
to
1
120
gb
and
you
have
the
failure,
failover
and
some
of
the
other
features,
and
what
is
pretty
important
is
we
are
getting
the
size
whatever
is
the
size
and
as
in
when
you
grow
as
and
when
your
demands
are
more,
what
you
can
do
is
you
can
start
spin
up
a
cluster
to
bump
up
this
right
now
you
have
only
53
cash
size,
whatever
is
the
cash
size
at
53,
and
this
one
is
120
gb
and
what
you
can
do
is
you
can
spin
up
a
cluster
and
add
more
of
this
ready
cash
so
that
you
will
be
able
to
access
it?
C
The
third
important
point
is
how
much
time
this
content
should
be
there
on
the
radius
cache.
So
that's
a
pretty
important
thing.
So,
as
swaminathan
already
pointed
out,
one
of
the
thing
is:
if
you
want
to
automatically
remove
from
the
cache
you
can
do
that
tag
it
the
timeline
time
to
leave,
and
another
thing
is,
I
personally
don't
prefer
the
time
to
live,
because
it
is
our
responsibility
if
I
say
that
use
this
set
of
books
for
10
minutes.
C
So
are
you
sure
that
there
is
no
other
book
is
getting
added
to
the
database
within
10
minutes?
I'm
not
sure
at
least
so.
In
that
case,
what
is
happening
is
the
difference.
What
is
there
in
the
redis
cache
and
what
is
there
in
the
sql
server
doesn't
match,
so
whoever
is
using
the
cache,
because,
according
to
our
code,
it
goes
and
first
hits
if
it
is
a
hit,
it
gives
this
content
from
the
cache.
C
A
A
On
the
use
case
right,
you
can't
always
use
detail,
or
you
can't
always
use
even
based.
Also,
it
has
to
be
a
mix
of
mix
up
of
things
right.
You
need
to
choose
what
is
the
data
set
and
how
frequently
it
changes
and
then
how
long
it
needs
to
be
lived,
etc.
Right,
if,
let's
say,
if
you're
caching,
a
data
which
is
not
your
own
transaction
ladder,
but
from
an
external
system
that
could
maybe
live
for
longer
right
if
it's
not
going
to
be
changed
very
often
right.
A
So
caching,
strategy
by
itself
is
a
bigger
topic
all
right,
so
we
need
to
choose.
What
is
the
data
set?
How
big
is
the
data
set
and
how
long
the
data
should
should
be
there
and
how?
How
frequently
it
should
be
refreshed
but
to
factor
in
all
of
these
things
and
then
come
up
with
the
caching
and
the
invalidation
of
cache,
etc.
Yeah.
C
One
final
point:
the
one
final
point
for
prasad
is:
you
can
very
well
do
with
the
event
mechanism
also,
and
that
depends
upon
the
moment
here.
What
is
happening
is
the
web.
Api
itself
is
taking
a
decision
whether
to
remove
the
content
from
the
cache
or
not.
Imagine
a
serial
scenario
like
you
placed
an
order
and
they
say
that
we
received
your
order
and
right
now
they
are
not
confirming
that
the
order
has
ordered
they
have
taken
it
or
not.
They
will
put
it
in
a
queue.
C
There
might
be
some
worker
processing
which
takes
this
message
from
the
queue
and
adds
it
into
the
database
after
verifying
your
history,
whether
you
are
the
regular
pa,
you
are
paying
it
regularly
or
there
are
a
lot
of
check
bounces
from
you
or
different
scenarios,
then
either
they
will
add
the
add
this
record
into
the
table
table
so
that
you
they
will
ship
the
book
or
they
will
reject
your
order.
So
in
that
case,
what
happen
is
the
moment?
C
They
add
it,
so
they
will
also
need
to
add
drop
a
message
in
some
other
which
a
process
exclusively
works
only
for
this,
but
only
for
this
removing
the
content
and
refreshing
with
the
latest
content
that
will
pick
up
the
message
from
the
queue
and
gets
all
the
latest
records
and
drops
it.
So
that's
a
little
bit
of
more
work.
So
me
am
I
on
the
right
track
on
this
one
like
order.
D
E
A
A
Handle
the
entire
micro
services
and
even
driven
fashion
right,
okay,
getting
back
to
the
topic.
I
know
there
are
a
lot
of
interesting
questions
coming
up,
so
maybe
we'll
take
next
15
to
20.
Minutes
to
you
know
close
the
demo
part
and
then
we'll
have
a
q
one
day,
starting
from
12,
five
or
so.
Okay,
maybe
we'll
have
we'll
take
more
questions
by
then
yeah.
Oh.
A
A
Negative
response
or
a
response
which
is
lower,
I
won't
say,
negative,
some
constructive
feedback
for
us
right,
which
is
like
which
I
completely
agree.
That's
one
of
the
reasons
why
you
try
to
pull
this
in
now,
but
yeah
with
the
virtual
sessions.
There
are
little
other
technical
challenges
too,
but
let's
see
how
we
can
make
it
more
interactive.
A
C
C
Sense
make
sense,
so
let
me
quickly
go
ahead
and
deploy
the
web.
Also,
then
I'll
set
it
up
the
key
vault
and
everything
and
we'll
see
one
round
of
yeah
that
that
makes
more
sense
and
let's.
C
C
A
Yeah
yeah
right
so
yeah
since
you're
doing
on
that,
I
just
wanted
to
pull
this
up
right
around
the
azure
keyword
services.
Right
I
mean
it's
not
definitely
it
comes
with
the
cost,
but
it's
not
a
huge
cost.
It's
very,
very
minimal.
That's
one
thing
and
also
well.
The
key
walls
would
have
tightened
iterations.
I
think
amish
also
pointed
out
in
the
comments
right
akb,
which
is
azure
keyword,
has
great
integrations
with
all
other
azure
services.
The
tab,
service
or
kubernetes
service
functions
are
variable
right.
A
It's
it's
one,
common
stop
shop
for
you
to
store
all
your
secrets,
keys,
certificates,
etc.
Right,
if
you
want
to
move
to
another
cloud,
for
example,
all
you
would
need
to
do
is
just
maybe
take
these
secrets
and
then
put
put
it
into
the
cloud
native
cloud.
Specific
secret
store
there
right
in
aws,
so
other
option
is
the
photo
you
are
using
kubernetes.
Yes,
like
you
mentioned,
like
I'm
just
mentioned,
you
can
use
either
k8
secrets
or,
if
you
want
to
keep
it
completely
cloud
diagnostic,
you
could
also
go
with
the
third
party.
A
Walls
like
hashicorp
walls
or
different
other
walls
are
available,
which
would
become
like
an
external
to
the
cloud,
but
the
thing
is
that
tighter
integration
would
not
be
there.
What
I
mean
by
tighter
integration
is
now
when
he
shows
the
demo
right.
He
would
deploy
the
dotnet
app
into
the
azure
app
service
and
from
app
service.
You
can
directly
connect
to
the
keyword
and
then
you
can
pull
all
the
secrets
during
runtime
or
during
build
time,
and
those
kind
of
tight
integrations
would
would
not
be
possible
if
you
are
using
external
external
walls.
A
C
Just
want
to
highlight
I
just
I
just
want
to
highlight
one
piece
over
here
is:
I
need
to
look
into
the
keyboard,
I'm
I'm
in
the
wrong
place.
Apologize
for.
E
C
I
just
want
to
bring
one
important
point
here,
this
one,
so
this
security
comes
with
backed
up
with
hsm
hardware
security
model.
That
means
I
I
worked
on.
I
worked
on
on
etm
applications.
So
what
happen
is
the
hsm
security?
Is
that
it
generates
this
keys
or
32.
C
I'm
talking
I'm
telling
this
story
about
2010.,
so
the
security,
whatever
it
generates
out
of
this
hsm.
That
will
be
in
two
different
pieces.
So
I
know
the
first
16
digits
of
the
key
and
swaminathan
knows
the
second
16
digits
of
the
key,
so
he
comes
and
he
keys
in
16
digits
and
I
come
and
I
key
my
second
16
digits,
so
that's
secured.
So
what
is
hsm
managed?
You
can
have
use
this
one.
This
is
a
pretty
much
tightly
secured.
C
The
hardware
security
model
which
generates
the
keys
and
a
lot
of
things
are
there.
I
mean
it's
very
tough
to
crack
this
one,
because
until
unless
both
the
people
are
using
that
you
can't
crack
it,
because
only
you
will
have
only
the
partial
key
and
the
second
thing
is,
you
can
have
your
own,
you
don't
want
to
use
this.
Hsm
security
backed
up
and
you
want
to
bring
in
your
own
keys.
You
can
do
that
one
also.
C
This
is
also
highly
secured
that
one
point
I
just
wanted
to
bring
in
while
it
is
getting
deployed.
I
just
want
to
speak
on
this
app
service.
Also.
This
is
pretty
pretty
good
thing.
So,
while
you
take
this,
what
is
available
so
if
you
use
free,
you
will
get,
you
can
deploy,
10
websites
1gb
and
it's
a
shared
compute,
so
you
will
have
60
minutes
of
dedicated
time
and
the
shade
you
have
this
thing.
C
C
So
if
for
for
some
reason
and-
and
it
goes
on
like
this-
and
something
known
as
isolated,
that
means
you
are
not
using
the
here.
It
is
a
shared
compute
and
here
is
a
dedicated
compute.
This
is
an
isolated.
I
mean
the
dedicated
compute
is
other
people
also
can
be
there
within
the
same
infrastructure,
but
here
it
is
only
you,
no
other
person
will
be
sharing
it.
C
Okay
and
another
important
point
I
just
wanted
to
use
is
this
authentication
mechanism.
I
think
I
will
not
have
some
time.
I
just
picked
it
up,
but
I
will
go
into
this
settings
section
so
in
this
settings
section
there
are
a
couple
of
important
points.
I
want
to
highlight
that
the
key
thing
is,
you
can
do
a
bulk
edit
or-
and
this
is
the
key
thing
so
in
our
configuration
in
our
local
configuration.
If
you
come
and
see
how
do
we
use
the
connection
connection
strings
or
whatever
the
settings?
C
I
said
that
odd
zero
authority,
r0
colon
authority,
r0
colon
client,
id
r0,
colon
response
type-
so
that's
how
we
go
ahead
and
read
it
from
within
the
from
within
our
code.
This
is
how
we
read
it.
Web
api
is
colon
book
and
and
rest
of
the
things
also,
you
can
see
this
baby
colon
books,
so
that
will
not
work
when
it
gets
deployed
to
azure.
So
what
happen
is
this
colon
has
to
be
replaced
with
double
underscore
underscore
underscore?
C
Please
ensure
that
you're
doing
that,
and
you
can
do
it
bulk
edit,
we'll
see
that
underscore
underscore
in
a
moment,
and
another
important
point
which
I
want
to
highlight
is
this
will
come
into
the
picture
when
you're
using
the
connection
strings
from
this
block.
I
would
quickly
switch
over
here.
C
To
this
guy
I
mean
technically,
I
just
want
to
give
that
right.
Now,
I'm
not
using
that
way.
Maybe
in
the
next
month's
demo,
when
we
introduce
azure
function,
we'll
definitely
I'll
definitely
show
that
the
this
we
will
come
back
to
that
one.
So
if
you
have
the
connection
string,
so
the
block
itself
will
be
connection
strings,
colon,
something
default
connection
string
or
something.
So
if
I
come
back
over.
C
Here
yeah
here
you
can
see
this
so
the
connection,
the
connection
strings,
colon
connection
string
because
it's
a
child
object
in
that
json.
So
what
happen
is
you
should
be
very
careful
when
you
are
using
in
azure
functions
when
you
create
the
when
you
create
this
sql,
when
you
create
this
connection
string
for
azure,
so
it
will
prefix
this
with
this
sql
azure
con
str
underscore,
and
if
you
try
to
access
like
access
the
way
which
we
do
it
locally
connection
strings
colon,
then
it
will
blow.
C
So
you
need
to
ensure
that
your
the
way
you
are
accessing
will
also
change.
I
have
used
in
the
core,
I
just
created
a
so
if
it
is
like
a
connection,
strings,
sql
connection
string,
this
will
work
here
in
app
service.
When
you
go
to
that
azure
functions,
it
should
be
the.
It
should
be
this
model,
so
sql
azure
con
str
underscore
your
sql
connection
string.
If
not,
it
will
be
gone.
You'll
spend
hours
together.
I
spent
myself
spend
four
hours
to
crack
that
it
was
my
mistake.
C
So
that's
one
point
and
the
second
important
point
to
highlight
over
here.
There
are
a
lot
of
things
to
discuss,
but
I'm
just
highlighting
the
one
which
troubled
me,
so
I
think
that's
it
from
there
and
I
piled
up
few
important
points
to
discuss.
Yeah
scaling
is
very,
very
important.
So
how
do
you?
How
do
you
scale?
C
Okay,
I
mean
scale
up-
is
adding
more
resources
and
scale
out
is
adding
more
instances?
Okay,
so
here
we
need
to
come
and
verify
that
what
app
service
plan
supports.
What
facilities
features
include
like
you
say
that
I
want
a
pizza
with
pineapple
topping
you
say:
that's
20,
rupees
more
with
another
topping
you'll
say
this
are
40
minutes,
40,
rupees
more!
It's
like
the
same
toppings.
C
Okay.
That
shows
that
I'm
feeling
angry
I'm
talking
about
this
one.
Okay,
so
the
scaling
is
very,
very
important.
The
configuration
we
have
gone
through
the
configuration
yes.
So
this
is
the
important
point
which
I
want
to
highlight
here.
So
what
we
can
do
is
we
can
scale
if
it
is
the
basic
one
you
can
do
a
manual
scale
and
if
it
is
standard
and
double
you
can
do
a
autoscale
so
in
auto
scale.
C
Also,
there
are
a
couple
of
things
which
we
can
do
so
for
the
first
thing
is
where,
where
you,
you
have
scale
based
on
the
schedule,
so
what
I'm
telling
is
next
month,
like
whatever
the
festival,
whichever
is
coming
so
on
those
first
12
days.
C
We
want
to
bump
it
up
to
three
instances
or
two
instances,
so
we
can
say
that
our
on
weekends
reduce
to
one
sentence,
one
instances,
and
you
can
say
that
okay,
minimum
maximum
and
the
default
so
based
on
this
scaling
and
scale
out
and
scale
on
schedule
or
scale
differently,
on
specific
dates,
like
whatever
the
festival
like
black
friday
or
whatever,
not
coming
in
number.
C
So
sales
will
be
huge,
so
we
can
increase
bump
it
up
to
more
number
of
things
and-
and
another
important
point
is
we
have
to
auto
scale
based
on
the
metrics.
C
So,
whenever
the
auto
scale,
based
on
the
metrics,
whenever
the
cpu
is
more
than
70
for
past
15
minutes
or
10
minutes,
bump
up
a
new
instance
and
while
bumping
up
the
new
instance
also
what
we
can,
what
we
have
to
definitely
do
is
we
need
to
ensure
that
the
load
is
because,
while
the
new
instance
is
coming
the
current
instance
or
the
current
instance,
whatever
is
whatever
is
accepting
the
request,
it
should
not
blow
because
if
it
is
more
number
of
users
are
adding
and
it
goes
to
75
18
90
and
at
some
time
it
might
say
that
it's
not
able
to
process
or
it's
taking
longer
time
or
it
might
say,
503,
that's
one
consideration
and
another
important
thing.
C
As
azure
okay,
so
this
is
very
very
important.
While
we
are
switching
between
slots,
so
you
can
see
this.
We
can
add
a
slot
and
test
it
like
you
have
staging
and
fraud
and
we
will
switch
while
switching
also,
what
we
have
to
ensure
is.
We
are
doing
a
balance
of
this
traffic
percentage.
So
how
do
you
want
to
handle
this?
Do
you
want
to
send
100
of
the
traffic
to
the
new
and
nothing
to
the
old
slot,
or
how
do
you
want
to
50
50
60
40?
C
Whatever
is
the
combination
with
real
time
scenarios,
because
the
new
slot
will
definitely
they
they
see
that
change
and
another
important
point
is:
please
go
through
this
documentation,
so
we
need
to
have
that
warm-up
and
application
initialization.
So
it
will
ensure
that
until
unless
the
application
installation
is
done
in
the
new
slot
and
the
warm-up,
that
means
it
is
able
to
hit
that
end
point
and
it
is
able
to
get
the
response.
C
C
C
I'll
go
back
to
the
prod
instance,
get
the
radius
and
there
are
again
some
consideration
in
the
redis
cache.
Also
redis
cache
is
in
memory.
So
if
some
piece
of
some
piece
of
information
which
is
which
you
are
storing
in
red,
is
that
is
in
memory,
someone
can
get
that
information
so.
C
Security,
so
you
need
to
bump
up
your
radius
cache
to
premium,
so
that
will
be
backed
up
with
the
content,
storing
in
the
storage
and
where
you
will
get
the
benefit
of
benefit
of
data
in
rest,
so
somewhere
it
will
be
here
in
this.
You
need
to
go
and
check
the
security
practices
over
here
you,
you
can
have
this
network
house
isolation.
This
is
one
thing
and
another.
Another
important
thing
is
the
storage
address.
Rest,
that's
very
important.
Let's
see
that
encryptions
are
in
encryption
yeah.
So
this
is.
C
This
is
one
of
the
important
things,
so
you
need
to
ensure
that
how
much
it
is
there
and
what
level
of
plan
you
need
to
take
so
that
you
know
you
will
have
this.
This
is
the
one
which
is
there,
but
the
content
which
is
stored
on
the
memory.
If
someone's
get
into
that
it
might
be
dangerous.
So
we
have
to
use
that
security
practice.
While
I
was
creating
it,
I
got
the.
C
C
A
I
think
we
are
ready
to
showcase
the
blazer
wisem
and
the
auto
part,
maybe
yeah.
C
C
Okay,
so
just
you
want
to
take
a
audience
puller,
let's
go
ahead,
and
do
that.
That's
also
fine
with
me.
C
No
10
minutes
will
be
less
yeah
unrealistic.
Like
I'm
preparing
for
failure.
I
don't
want
to
do
that.
Okay,
I
can
explain
that
there
itself.
That's
that's
good
thing,
let's
go
ahead
and
do
it
so
folks,
let's
we
are
falling
back
on
the
demo
which
we
set
it
up.
That
way.
You
know
we'll
understand
this
one
and
the.
C
Before
yeah
yeah.
A
Is
also
and
dotnet
app,
so
that's
also
different
into
the
app
service
right.
So
how
which
was
showed
now
about
deploying
the
web
api
into
the
app
azure
app
service,
it's
the
same,
exactly
the
same
pattern.
What
would
be
used
for
that
also,
but
there's
no
difference.
That's
one
of
the
one
of
the
best
things
about
using
dot
net
right.
You
can.
You
can
use
the
same
language
in
the
same
deployments
at
the
same
development
and
everything,
and
then
you
can.
You
can
do
front
end
and
the
back
end
also
right.
A
So
what
we
would
do
now
is.
We
will
just
go
ahead
and
show
the
application
and
then
show
how
the
authorization
everything
is
work.
And
then
maybe
you
could
just
touch
upon
the
zero
integration
here.
How
we
have
done
yeah.
C
Right
right,
I
just
want
to
highlight
one
piece
of
information
here.
That's
my
favorite
tool,
kudu.
E
C
Okay,
this
is
a
very
good
place
for
us
to
find.
Sometimes
what
happen
is
we
have
a
scenario
where
the
application
is
failing
and
you
are
getting.
You
are
having
no
clue
why
it
is
failing
seriously,
no
clue
why
it
is
failing.
So
you
have
to
come
to
this
kudu
console
get
into
that
log
files
and
there'll
be
different
errors
like
a
detailed
errors
or
a
lot
of
other
logs
or
application
inserts
or
application
logs.
So
I
really
fall
back
on
this
guy
detailers
I'll
show
you
why
and
also
this
is
iis
logs.
C
You
can
see
that
this
one
is
logs
and
this
is
http,
and
this
is
application
logs
you're
having
the
diagnostics
and
all
those
things.
So,
coming
back
to
this
detail,
detailed
error-
I
want
to
highlight
one
piece:
is
this
one?
I
will
want
to
not
this
one.
C
Whatever
is
our
event
lock
yeah,
this
is
the
one
I
was
searching
for.
Whatever
is
our
windows
event
lock
that
will
be
here
so
anytime.
You
landed
in
a
critical
situation
where
you
you're
not
able
to
crack
it.
So
please
fall
back
on
this
guy.
This
guy's
gives
you
very,
very
detailed
information,
so
whatever
you
see
in
your
in
your
event,
log-
that's
what
is
this
so
see
this?
This
one
keyboard
not
supported,
so
we
will
not
have
this
clues
so
why
this
unhandled
exception
is
being
thrown
or
whatever
it
is.
C
So,
please
fall
back
on
this
one
and
okay,
and
also
you
can
see
the
process
explorer
on
here,
and
this
logs
is
very,
very
important
point
and
you
see
this
process
explorer
the
site
extensions.
C
So
that's
two
that
shows
that
what
commands
are
being
run-
and
there
are
a
couple
of
tools
which
you
can
use
and
another
important
point
I
want
to
highlight
here
is:
I
mean-
which
technically
do
with
this
app
service
editor.
Also
that's
more.
If
you're
a
command
line
guy,
then
you
can
come
in
here
and
this
is
under
wrote.
C
C
Into
the
cat
of
this
one-
or
I
can
select
this
and
click
on
this,
I
will
know
what
information
is
there.
This
is
the
important
point
I
just
wanted
to
show
that
and
from
the
auth
zero
perspective.
I
really
like
this
r0,
that's
a
fantastic
application,
they're
giving
it
for
free
and
we
can
use
it
for
any
number
of
days.
So
what
we
did
is
we
have
created
a
application
here.
We
called
it
as
a
this
one,
bookstore
blazer
vasm
and
inside
that
bookstore
blazer
version.
We
have
this
bookstore
blazer
version.
We
have
this.
C
We
have
this
here,
so
allowed
callbacks
your
callback
url
and
allowed
log
out,
and
they
did
a
very
fantastic
job
of
creating
the
documentation.
So
we
don't
need
to
go
speak
to
anyone
ask.
Did
you
configure
how
to
configure?
No,
nothing,
nothing
is
needed.
I
don't
need
it
I'll.
Show
you
a
couple
of
urls,
it's
pretty
pretty
extensive,
so
you
can
come
in
here
and
how
to
integrate
this
or
how
to
secure
your
blazer
basm
or
how
to
secure
your
web
api.
They
have
given
step
by
step
instruction.
C
That's
that
is,
for
the
dot
net
file.
Okay,
the
sdk
is
also
latest
one.
So
what
we
have
to
do
is
technically
we
need
to
come
and
create.
This
is
the
one
which
is
showing
that
how
they
are
accessing
without
authentication
mechanism
and
and
then
what
we
need
to
do
is
we
need
to
go
to
that
zero
dashboard
and
create
an
application
and
select
the
single
page,
spa,
okay
and
then
we
need
to
add
the
we
need
to
settings.
We
need
to
add
this
allowed
callback
urls
and
allowed
log
out
urls.
C
So
technically,
that's
what
we
need
to
do
here
so
here
in
this
callback
urls
and
we
need
to
add
the
logout
urls
and
because
there
are
multiple
things
you
need
to
set
the
return
to
url.
If
you
don't
what
happen
is
it
will
return
to
the
first
end
point.
So
whatever
is
the
first
endpoint?
Is
this
one?
It
will
always
go.
Go
back
to
this
one,
even
if
I
am
accessing
from
my
local.
It
always
go.
Go
back
to
this
one,
so
you
need
to
ensure
that
you
are
hooking
up
this
return
tool.
C
C
The
settings
I
will
go
to
yeah,
I
actually,
I
did
one
short
circuit
technically,
I
should
have
technically.
I
should
have
used
a
api
method
to
bring
in
this
configuration,
because
this
is
not
safe,
safe.
It
is,
it
is
going
to
spit
out
all
these
credentials
openly,
so
it
is
dangerous.
I
am
it
was
my
mistake.
I
didn't
do
a
call
to
key
vault
and
bring
in
those
credentials
through
api
and
use
it.
C
So
I
did
a
short
of
that.
I
want
to
show
that
so
that's
the
first
piece
of
information.
We
need
to
have
the
authority
and
client
id,
so
this
is
the
other
way.
Instead
of
using
the
kudu
console,
you
can
use
this
one.
Also,
the
prod
json
is
one
so
your
authority
and
client
id.
So
these
two
pieces.
You
need
to
have
this
one
in
the
blazer
app
this
one.
Okay
and
then
we
need
to
add
this
package,
and
then
you
have
to
add
this
authentication
mechanism.
C
I
mean
that
was
also
given
in
a
different
place,
but
I
had
to
look
out
for
that.
So
in
this
program.cs
we
will
add
the
authentication
this
piece,
and
the
second
important
piece
is
where
you
are
calling
the
web
api.
We
need
to
add
this
piece
of
information
so
that
you
know
it
will
pass
the
access
token.
It
doesn't
use
the
identity
token.
So
when
I
was
doing
that
mistake,
I
came
to
know
that
I
should
not
use
the
id
token
when
I'm
doing
a
handshake
with
the
api
we'll
see
that
in
in
live.
C
So
that's
the
one
thing
which
you
need
to
do
it:
okay
and
then
the
next
piece.
What
we,
what
we
have
to
do
is
coming
back
to
this
shared.
We
have
this
access
control.
We
need
to
create
this
component.
Everything
is
has
been
documented.
Nothing
is
missing,
so
everything
is
documented,
makito
monkey.
If
you
copy,
follow
in
the
instruction
in
this
r0
documentation,
you
will
be
able
to
set
it
up.
Everything
within
one
or
two
hours
did
not
take
much
time.
C
So
that
is
another
piece
of
information
you
need
to
do
that,
and
another
thing
is
this:
in
the
main
layout:
we
are
placing
this
access
control,
this
razor
component
and
in
the
nav
menu.
We
are
using
this
one
and
coming
back
to
this
appraiser.
This
is
where
we
are
saying
that
it
was
like
this.
It
wasn't
using
the
authentication.
Now
we
are
saying
that
authorized
view
and
if
it
is
not
authorized,
we'll
say
that
you're
you're
not
able
to
use
it.
C
Okay,
if
something
is
not
one
we'll
come
in
here
and
this
one,
that's
about
the
changes
which
you
have
to
do
see
this
the
sorry
north
ordinance
and
then
corresponding
the
access
token,
what
we
get
it
from
the
identity.
We
need
to
pass
that
to
do
a
exchange
with
the
api.
We
need
to
get
the
content
from
the
api.
So
what
we
do
is
we
need
to
register
an
api
either.
We
can
do
that
or
we
already
have
it
isn't
it.
C
The
work
from
home
and
the
school
is
also
from
home,
so
you
might
use
here
some
background
noise.
My
son
answering
the
question
to
a
teacher
to
his
teacher.
I'm
sorry
so
definitely
you'll
hear
some
background
noises.
So
this
is
the
one
one
piece
of
information
we
need
to
add
it
and
and
that's
it
and
then
you
will
add,
use
authorization
use
authentication.
These
are
the
two
pieces
after
routing
this
is
the
order.
It
should
be
just
before
the
end
point.
C
So
just
before
the
end
point,
it
should
be
routing
and
use
authentication
and
authorization
and
add
this
stack,
that's
it
so
we
go
in
here.
So
you
see
that
so
now
it
is
all
configured
now.
We
will
come
back
to
this
one
where
we
are
adding
the
message
analyst.
So
the
message
analyst
will
ensure
that
it
is
sending
the
it
is,
sending
the
access
token.
Instead
of
the
id
token.
Let's
see
that
what
is
access
token
and
what
is
id
token,
we
will
speak
speak
on
that.
C
But
there
is
an
issue
defining
the
default
audience
because
at
this
point
of
time
he
mentioned
it
that
what
was
happening
is.
It
was
not
passing
the
proper
proper
id
token
and
I
was
getting
this
four
zero
four
zero
one.
So
it
was
happening
for
a
long
time
and
he
has
given
the
work
around
also,
but
he
told
that
the.
A
C
C
C
Now
uss,
so
you
see
that
whenever
the
laser
basm
you
use
it
for
the
first
time
but
which
you
are
not
seeing
here,
which
you
are
not
seeing
here
in
this,
the
main
one.
So
when
this
is
the
one
which
I'm
accessing
for
the
first
time,
so
when
I'm
accessing
for
the
first
time
is
that
it
will
bring
in
everything,
see,
I
told,
isn't
it
if
you
put
it
anything
in
the
app
settings.json,
it
is
not
at
all
secure.
C
If
I
come
and
click
it
that
guy
will
get
every
piece
of
information
whatever
I
am
using
my
security
codes,
everything
is
out
so
actually
technically.
I
should
use
it
some
c
sharp
code
to
bring
in
from
an
api
some
mechanism.
Might
we
need
to
add
it
we'll
look
into
that
in
future
episode.
But
this
is
the
security
stuff
do
not
put
anything
over
here
and
every
c-sharp
dll
will
get
downloaded
to
the,
because
this
is
a
single
page
application.
C
Isn't
it
everything
will
get
downloaded
okay,
including
the
blazervasm
and
net
everything
is
coming
in
here.
So
I
will
clear
this
and
again
I
do
a
refresh,
and
now
you
see
that
only
the
things
which
are
needed,
it's
bringing
in
that
those
pieces
but
rest
of
the
pieces.
They
are
not.
So
I
just
click
on
this.
It
is
not
authorized
and
again
I
will
click
on
login.
So
the
moment
I
click
on
login.
It
goes
and
hits
the
auth
0.
So
I
use
this
demo
user
one
the
same
password
I
use
universal.
C
So
we
do
that
and
what
happen
is
now
it
goes
and
authenticating
and
it
is
coming
back
to
the
login.
It
shows
that
welcome
demo,
one
user
and
now
I
will
go
and
speak
about
the
tokens
here-
the
couple
of
tokens
here
so
so
we
have
this
id
token
and
auth
token
jwt
io.
C
Okay
now
see
this,
this
access
token
always
use
access
token
to
do
an
handshake
with
an
api.
So
this
shows
that
audience
and
it's
it's
a
little
bit
secure.
I
mean
some
of
the
pieces,
it's
spitting
it
out,
but
that's
what
it
is
use,
access,
token
and
I'll
take
another
instance
of
io
and
what
happens
if
we
use
the
id
token
I
mean
we
can't
protect
ourselves,
but,
yes,
we
are
seeing
what
best
can
be
done
in
this
agile
world.
C
A
lot
of
information
is
coming
out
of
this,
so
always
when
you
do
an
handshake
with
an
api
use,
the
user
access
token,
so
you're
not
having
those
things
here
in
this,
the
claims
and
other
things
will
also
come
in
in
this
piece,
so
always
use
id
token
at
the
front
end
or
the
place,
the
main
app,
which
is
using
so
just
to
understand
that
what
menu
options
we
need
to
enable
do.
C
I
need
to
enable
the
book
list,
or
do
I
need
to
enable
the
fetch
data
or
counter
are
those
kind
of
things
okay,
this
guy
has
logged
in
and
what
claims
it
is
coming.
Where
should
you
use
and
all
those
things-
and
this
access
token
is
just
you're,
giving
a
proof
to
api,
saying
that
hey,
I'm
a
legal
guy?
I
authorize
myself.
Please
accept
this
access
token
and
give
me
the
content.
Okay.
That
being
said,
let
me
come
back
over
here
and
do
a
clear
to
the
network
and
I
go
and
come
here.
C
It
is
bringing
in
this
content
for
the
first
time
and
I
go
to
the
content,
even
though
it's
a
c
sharp
see
that,
even
though
it's
a
c
sharp
it's
not
executing,
if
it
is
an
asp.net,
mvc
web
forms
or
whatever
it
is,
when
you
click
the
button,
it
goes
and
executes
the
code
on
the
server.
So
here
see
that
there
is
no
network
activity
happens
and
another
important
point
is:
I
do
the
fetch
again
see
this?
E
C
C
Sending
the
access
token
it's
not
sending
the
id
token
okay
and
another
important
point
which
I
want
to
highlight
here-
is
I'll.
Take
quick
minute
couple
minutes
to
speak
about
the
apim.
So
this
is
an
api
management,
and
how
do
you
configure
here
so
you'll
go
to
this
apis
and
you
will
have
these
funny
facilities
create
a
blank
api
or
open
api,
spec
or
wsdl,
your
old
soap
or
xml?
I
used
to
use
in
2003
four
five,
six,
seven
and
eight
and
wsdls
and
logic
app
service.
C
Azure
functions,
we'll
see
that
in
in
a
future
episode
where
we
are
doing
the
functions
in
api
management-
and
this
is
the
things
and
here
couple
of
important
points.
What
we
can
do
is
I
just
want
to
highlight
that
I
am
here.
I
have
an
access
to
this
api
management
and
I'm
heating
one
two,
three,
four,
five,
six,
I
write
a
script.
C
I
can
bring
down
this
server
so
in
that
inbound
policies,
something
you
know
you
have
this
known
as
a
rate
limit,
so
you
can
say
that
within
one
minute
from
a
particular
ip,
you
can't
hit
more
than
five
times
or
10
times,
based
on
the
user's
journey.
How
much,
how
much
time
you
need
to
place
an
order
in
amazon
or
any
e-commerce
shopping.
So,
based
on
that,
you
need
to
decide
that
how
many
calls
I
can
expect
that
from
this
particular
user.
C
So
you
can
use
this
one
and
you
can
have
an
ip
filter
and
allow
cross
origins
lot
of
other
things
are
there,
but
please
do
explore
this
one
and
we
have
the
jwt
world
validation.
Also,
let's
go
and
quickly
see
that
so
the
jwt
validation
is
saying
that,
if
cross
origin
allow
this
from
the
website
or
the
local
and
as
I
told
we
have
opened
it
for
a
while
just
for
the
demo,
please
do
not
do
this
in
your
production
and
and
another
important
jwbt
validation
is
pretty
simple.
C
All
you
need
to
do
is
go
this,
bring
it
this
configuration
and
give
the
audience
that's
it
now.
It
is
going
to
take
care
of
your
access
token.
So
if
I
come
in
here-
and
I
don't
send
that
access
token-
and
I
do
a
hit-
it
says
that
it's
not.
This
is
the
message.
I've
given
here,
please
pass
r0
axis
token:
that's
what
I'm
getting
in
here.
Okay,
the
other
mechanism
is
to
do
it
over
here.
So
it
says
that
subscription
key
is
missing.
C
C
A
Okay,
yeah,
before,
as
we
take
the
questions,
I
also
have
put
a
ticker
in
the
bottom
of
the
stream
right,
so
please
go
ahead
and
fill
in
your
feedback.
If
in
case
you
think
the
content
could
be
made
concise
or
I
know
if
you
have
any
other
content
options.
If
you
want
to
hear
from
us
or
any
sessions,
etc,
please
go
ahead
and
pass
on
the
feedback.
A
We
will
take
it
up.
That's
one
part:
that's
the
important
part
of
taking
the
feedback,
and
the
second
part
is
in
the
beginning.
Like
I
mentioned,
we
will
be
doing
a
raffle
and
then
I
will
be
picking
a
couple
of
winners,
a
couple
of
folks
from
there
from
the
raffle
and
then
they
would
be
getting
a
just
branch
license,
so
you
can
download
resharper
or
whatever
the
rider
or
whatever
the
tool
of
your
choice.
Okay,
so
please
feel
the
so
even
for
that
I
would
need
the
need
to
know
the
identities
of
the
people.
A
So
that's
one
of
the
reasons
why
we
are
capturing
the
email
address
in
there
in
the
feedback
all
right,
so
please
go
ahead
and
do
the
feedback.
As
we
answer
a
couple
of
questions
here,
okay,
I
see
only.
A
F
A
C
Oh
actually,
what
happen
is
the
backpack
the
project
itself?
You
see
this.
The
project
itself
will
be
one
single
project.
This
will
be
the
this
will
be
the
project.
Okay,
while
you
are
deploying
it
to
the
resource
resource
group,
you
will
have
the
release
pipeline,
so
each
of
those
release
pipe
each
of
those
release
pipeline
will
be
pointing
to
a
re
to
a
different
resource
group
or
a
different
subscription.
C
Once
again,
azure
release
pipeline
so
serious
here
what
happen
is
when
you
are
going
and
deploying
it
so
the
release
pipeline
will
go
and
deploy
to
different
environments,
but
the
project,
whatever
the
sql
server
project,
is
only
one
in
one
project.
Okay,
so
you
do
it
because
the
same
set
of
tables,
stored
pressure,
the
content
and
everything
should
get
deployed
across
multiple
environments.
A
Okay,
yeah,
I
think
it's
more
around
different
databases
if
I'm
not
wrong
or
if
you
understand
the
question
properly.
So
let's
say:
if
we
have
multiple
databases,
should
we
create
one
backpack
project
per
database.
A
A
See
if
you're
having
two
different
sql
databases
right,
can
one
dashboard
project
deploy
into
both
of
them
or
do
we
need
two
different
backpack
projects.
C
I
think
we
have
to
go
with
two,
because
what
is
happening
is
here
when
we
try
to
deploy.
We
are
targeting
to
one
particular
database
if
you
have
two
different
databases:
let's
assume
that
the
customer
and
professors
like
this
is
the
e-commerce
shop,
and
this
is
a
student
or
a
college
shop.
If
you
mix
up
both
this
in
a
single
project
when
you
deploy
all
the
artifacts
from
this
particular
sql
server
project
gets
deployed
in
that
particular
database.
C
A
A
Context
perspective:
yes,
it
it
validates
that
principle
right.
You
need
to
separate
things
and
then
each
microservice
should
have
its
own
database.
So
technically
you
will
have
one
backpack
project
catering
to
that
particular
micro
service,
related
tables
or
so-
and
I
just
greatly
mentioned.
If
you
take
an
example
of
college
and
the
other
one.
Yes,
you
don't
want
to
do
that
way.
B
A
Yeah,
this
is
what
actually
was
pipelines
in
azure
devops.
You
could
do
that
right,
you,
you
can
define
different
enrollment
specific
variables
and
then
you
can
change
your
app
settings
appropriately
if
you're,
using
azure,
devops
or
if
in
case
you're
using
github
actions
or
anything
else.
Also,
it
is
possible
all
right.
Go
ahead.
Good
I'll
I'll
I'll
talk
afterwards.
A
Yeah
sure
yeah
what
I
was
the
thing
I
was
going
to
tell
this.
Even
with
the
code
projects
also,
you
can
have
different
json
files,
it
app
settings.development.org
app
settings
dot,
whatever
your
production.json
and
different
things.
That's
also
another
way
to
handle
the
environment
specific
variables,
but
if
you
want
to
maintain
only
one
and
then
want
to
change
it
dynamically,
yes,
you
can
use
azure,
devops
pipelines
to
do
that.
E
C
Tokens
so
whatever
the
json
files
are
the
config
files
you
bring
in
all
those
config
files,
and
you
tell
the
you-
will
have
this
prefix
token
prefix
and
then
based
on
the
variables
that
will
go
and
replace
this
one.
You
will
have
a
variables
here
in
the
release
pipeline
or
sorry
bill
pipeline
in
the
ci
bill,
so
we
used
to
have
the
gated
builds
and
the
ci
bill,
so
the
gated
bill
gets
triggered.
When
you
raise
someone
raise
the
pull
request.
C
It
needs
to
know
whether
the
code
is
in
a
compilable
state
and
we
run
the
sonar
queue
and
if
the
number
of
issues
are
more
than
the
quality
gate
check,
it
will
break
the
build.
And
if
the
unit
test
is
not
more
than
eighty
percent,
it
will
break
the
build
lot
of
bill
breakers
and
we
should
ensure
before
doing
the
code
review.
That
code
is
in
a
compilable
state.
C
So
in
the
ci
bill
is
where
we
go
and
replace
the
tokens
and
do
all
those
kind
of
things
so
that
you
know
the
artifact
has
got
the
the
file
so
based
on
the
environment,
where
you're
doing
or
you
can
do
that-
one
if
it
is
a
common.
If
it
is
a
separate
again,
you
need
to
handle
it
in
the
release
pipeline.
The
as
swaminathan
was
mentioning.
We
used
to
have
a
separate
parameter
file,
as
well
as
a
json
file
for
each
environment,
so
that
will
be
easy
to
handle.
A
Yeah
another
question
from
is
not
a
question
just
to
ask:
is
that
can
these
documentation
links
be
shared,
and
so
what
I
would
request,
if
you
could
add
these
reference
documentation,
links
in
your
github
readme
right
and
then
that
would
be
good
and
we
will
share
the
github
link
with
that
with
the
audience
I've
already
posted.
A
Okay
and
yeah,
so
this
is
more
of
a
kind
of
feedback,
a
future
session,
I
believe,
can
you
expect
azure,
ad
config
and
code
walkthrough
for
web
and
api,
app
app
service,
environment
and
virtual
networking
with
sample
reference
architecture?
Yes,
that's
a
very
good
thing
to
cover
something
they
will
try
to
create
some
sessions
around.
That.
C
Yeah,
definitely
I
mean
what
we
can
showcase
is
we
can
take
an
application,
angular
application
and
and
show
how
we
can
configure
then
in
r0
how
we
can
configure
in
azure
ready
how
we
can
configure.
E
C
Identity-
third
third
party
idp,
so
they
know
the
difference
talking
to
multiple
idps.
We'll
definitely
do
thanks.
C
E
A
C
That
should
be
here
cross
site,
request
forgery.
It
is
not
possible
once
again
I'll.
Tell
you
I'll
tell
you.
C
With
pixie-
and
this
is
the
one
which
is
going
to
protect
us
from
with
this-
is
the
one
which
is
going
to
protect
us
from
cross
right
cross
site,
request
forgery.
If
I'm
not
wrong
once
again,
for.
C
C
A
Is
is
an
evolving
technology
now,
right
and
and
the
kind
of
yes
both
are
for
building
sps,
which
is
single,
page
applications
right,
but
both
solves
different
purposes,
and
it's
not
like
an
apple
typical
kind
of
a
comparison
right.
Blazer
is
not
there
to
kill,
angular
react
view
or
anything
like
that
correct.
If
you
are
having
a
dotnet
background,
if
you
want
to
get
into
your,
if
you
want
to
get
into
the
front
end
kind
of
an
application
development,
you
don't
want
to.
A
Programming,
language,
like
javascript
or
typescript,
or
anything
else,
you
could
leverage
your
dotnet
knowledge
and
then
build
with
blazer,
right
and
and
since
blizzard
is
a
single
page
application.
Definitely
it
also
supports
the
pws,
which
is
a
progressive
web,
apps
right,
so
it
it
really
boils
down
to
what
kind
of
apps
we
are
building
right.
I
I
like
this
statement,
which
one
of
my
colleagues
mentioned.
It
are
we
looking
at
building
the
fastest
application
in
the
world,
or
are
we
looking
at
building
the
application
in
a
faster
manner
right?
A
That
means,
if
you
are
a
dotted
background,
you
don't
have
a
lot
of
learning
curve.
If
you
are
building
applications
on
blazer
right,
it
really
depends
on
what
kind
of
functions
you
want
to
implement
and
then
and
and
that's
what
would
define,
which
would
be
faster
or
which
would
be
better
over
there
right.
C
Yeah
yeah
and
another
another
thing
I
will
I
will
speak
is
yeah
technology
point
is
one
which
you
already
covered
swarming
and
another
point
is
we
need
to
do
a
technical
feasibility
study
and
performance
testing
of
a
p0
use
case
before
choosing
a
or
b
you
know
I
selected
blazer
and
I'm
seeing
that
blazer
doesn't
support
a
particular
thing
or
react
doesn't
support
a
particular
thing.
Then
there
is
no
going
back.
You
already
committed
your
four
sprints
or
five
friends
into
the
project
and
and
you'll
be
beaten
to
death.
C
If
you
say
that
I've
selected
a
wrong
technology,
I
need
to
go
back
and
do
it
in
another
technology.
Isn't
it
so
just
to
be
on
a
safer
side?
You
need
to
do
a
take
feasibility
study
before
choosing
it
and
and
at
least
a
performance
testing
of
a
p0
use
case
and
that
to
very
toughest
use
case
in
your
entire
project.
C
Do
that
technical
feasibility
and
a
performance
study
on
those
one
or
two
toughest
use
cases,
not
a
simple
screen
where
you
go
and
talk
to
a
sql
server
flush
it
some
table
onto
the
screen.
That
will
be
easy.
Anyone
can
do
it
so
check
on
the
features.
What
is
needed
and
check
whether
this
particular
technology
supports
it
or
not.
So
that's
very
important.
C
I
mean
it's
all
like
trial
and
error.
You
need
to
try
and
then
you
need
to
come.
I
mean
I
mean
if
we
start
thinking
about
that
see
in
dotnet,
lot
of
dlls
are
getting
downloaded
onto
the
browser.
We
saw
that
just
now
and
in
one
of
my
tech
talk
the
audience
they
asked
it.
Can
we
do
a
debug
as
we
are
doing
it
in
angular,
and
he
said
that
no
blazer
doesn't
c-sharp
doesn't
surprise
laser
doesn't
support.
C
A
A
They
can
so
different
things
yeah
and
just
to
add
an
on
the
debugging
perspective
before
dot
net
fight
blazer
was
not
having
that
particular
feature,
but
with
dotnet
5.
The
debugging
experience
is
it's
a
lot
better
from
visual
studio
or
visual
code
itself.
You
can
do
an
fa
and
then
you
can
put
debug
points
and
then
you
can.
You
can
debug
a
blazer
or
some
applications
running
in
edge
or
chrome
or
any
browser
for
that
matter.
A
E
A
A
A
Yeah,
you
wouldn't
want
to
do
that
actually
see
azure
ad
has
it.
I
mean
it's.
It's
by
itself
is
an
authentication
authorization,
provided
you
haven't
built
in
an
idp
inside
it
right.
So
if
your
users
are
part
of
the
ad,
it
wouldn't
really
make
sense
to
create
anything
for
with
the
not
zero
or
any
other
third
party
things
right.
A
If,
if
your,
if
your
customers
or
your
users
are
not
part
of
the
ad
group
and
if
they
are
somewhere
else
outside,
then
only
you
might
need
to
look
at
any
other
third
party
idps
to
onboard
them
right.
Let's
say
if
you
are
creating
a
developer,
focused
website,
so
typically
all
of
these
websites,
you
would
have
seen
sign
in
with
github
or
signing
with
linkedin
etc.
Right.
Those
are
some
of
the
options,
but
yeah
you
would
need
to
choose.
Who
are
your
audience
and
then
what
kind
of
roles
you
want
to
see
and
then
how?
A
C
You
can
have
a
lot
of
identity
providers,
whether
you
want
to
use
the
sign
in
into
this
web
app
using
azure
id
or
this
facebook
or
google
or
twitter
like
what
we
can
do
is
go
to
this
r0
and
there
they
are
asking
you
to
sign
up
using
the
acme
or
continue
with
google.
If
I,
if
I
go
and
click.
E
C
Login,
so
this
guy
will
give
you
give
us
a
set
of
options
like
we
can
use
our
own
identity
provider
or
the
partner,
sts
security,
token
service
or
a
partner
id
piece.
Maybe
the
google
or
github
or
microsoft
account,
or
this
is
the
one
which
he
is
providing
so
this
this
is
a
different
set
of
things
like
I
can
have
my
own
user
username
password
database,
which
I
can
validate.
On
top
of
that,
I
can
go
ahead
and
ask
him
if
he
is
not
a
valid
user
in
our
database.
C
I
think
I
understood
yeah.
I
think
I
understood
raul's
question.
If
something
else
is
there
rahul
you
can
get
back
to
us,
maybe
in
the
meetup
or
somewhere
I'll
definitely
revert
back
to
your
query.
A
For
sure
sure,
so
I've
got
the
list
of
people
who
have
committed
the
feedback
and
I
will
be
doing
the
raffle
right
now
and
then
I'll
share
the
share.
The
winners.
It's
going
to
be
pretty
straightforward,
so
we've
got
close
to
16
folks,
so
I'll
be
using
google
random
number
generator
to
just
pick
up
randomly
a
couple
of
folks
and
then
I
would
start
their
names
now,
okay
in
the
meanwhile,
if
you
want
to
answer
one
another
question,
you
could
do
that.
C
A
C
Yeah,
so
there
are
a
couple
of
things
in
the
node.js
in
angular
we
use
that
env
files
to
a
decent
extent
and
then
in
angular.
Specifically,
let
me
share
my
screen.
Please
flash.
C
It
in
angular
itself,
under
the
vishy
pylor
speaker,
series.
C
Nice
conference
and
v.net,
I
think,
in
year,
2020
we
did
easy,
conf
and
then
said
the
source
angular
web
app
here
and
says
the
source
and
the
environment
you
can.
You
can
use
this
to
a
decent
extent,
I'm
not
telling
that
this
is
safe,
at
least
to
a
decent
extent.
You
can
use
this
like
when
I'm
when
it
is
a
environment,
it
is
the
local
thing
and
if
it
is
hitting
the
prod
instance,
you
can
give
the
apm
instance
where
you
want
to
hit
it
and
the
corresponding
this
one.
C
C
Api
mission,
so
once
once
we
start,
we
should
go
and
call
that
api
to
get
the
configuration.
So
now
the
content,
all
the
credentials
and
everything
is
in
in
memory
and
then
configure
your
app
based
on
that.
I
I
technically
I
didn't
do,
but
I've
seen
a
couple
of
projects
doing
that,
so
there
should
be
a
I
mean
we
did
it
in
one
of
our
atm
application
back
in
2012
where,
where
this
asp.net
waveform
application,
it
goes
on
the
boot
up.
C
When
you
start
in
the
7
am
in
the
morning
when
it
starts,
it
goes
and
invokes
the
api
to
get
the
configuration
like
the
language,
what
languages
it
has
to
support
what
payment
methods
it
has
to
support.
Do
I
need
to
support
the
check
today,
or
only
cash
or
only
credit
card,
for
all
these
configuration
the
start
of
the
day
configuration
we
should
we
will
make
an
api
call
to
bring
it.
So
we
need
to
do
the
similar
thing
in
angular.
I
didn't
do,
but
I
have
seen
others
doing
it.
A
A
A
Okay
and
rest
of
the
others.
Thank
you
so
much
for
all
your
honest
feedback.
We
will
take
it
up
and
then
we
will
plan
our
future
sessions
accordingly,
right
and
yeah.
I
think
that
brings
to
the
closure
of
the
session.
Thank
you
so
much
vishwanath
for
sharing
all
your
knowledge,
and
I
hope
everyone
enjoyed
the
sessions
as
much
as
we
did
in
planning
and
then
delivering
it
so
yeah
so
much
and
we
are
available
all
of
our
github
urls
and
everything
was
shared.