So far in this
series, we've covered a lot of the technical aspects of object storage and have
explored how they are implemented in both cloud providers. For this post, I'd
like to examine a cloud architecture pattern called the valet key pattern, and
discuss how to implement this in both Azure and AWS. In this post, lets talk
about what the valet key pattern is.
Please note that
most of this content is based off of the cloud architecture patterns book. https://docs.microsoft.com/en-us/azure/architecture/patterns/valet-key
Traditionally, web
applications have always acted as a gateway for user access to protected
resources. This becomes quite apparent when you think about databases that back
these applications. They are a protected resource, and the web application
provides limited access for users to interact with those database resources.
Databases are not
the only resources that web applications can act as a gateway for. For many
applications, other services such as storage could be in use. Think about an
application that ingests video for downstream processing/hosting. Other
examples could be APIs that place transactions to back-end systems.
On-premises systems
architecture would general hide these types of protected resources from
external access. This is obviously a security best practice, especially when
the same "storage" engine is being used for all types of data. In the
cloud, however, it is possible to create resources for only a specific purpose.
Further to this, cloud resources such as storage and queues are already
available on the internet by default. The protection mechanism of those
resources have shifted from network controls to user based controls.
Because of this,
both internal facing and external facing web applications can make use of the
valet key pattern. The pattern looks something like this:
Effectively, instead
of the web application proxying access to protected resources, it acts as a
gatekeeper for credentials/access decision only. Let's take the example of a
user wanting to upload an image for processing purposes.
- User requests access to upload a file for processing
- Application checks the request (authentication and authorization)
- Application provides a temporary access token that grants the user appropriate permissions to perform the requested action
- User interacts with the protected service to perform the desired action
There are obviously
pros and cons to the above approach, which I won't dive in to here. Most of
them are trying to strike a balance between usability of the solution and
bandwidth/performance considerations.
In terms of object
storage, this pattern is applicable in both AWS and Azure. For AWS, we will be
using the secure token service to provide a temporary token and we will take a look at signed URLs. For Azure, we will
simply provision a shared access signature with the required permissions.
I am very happy to visit your blog. This is definitely helpful to me, eagerly waiting for more updates.
ReplyDeleteData Science Training in Chennai
Data Science Course in Chennai
Cloud Computing Training in Chennai
AWS Training in Chennai
Cloud Computing Training in Chennai
Machine Learning Training in Chennai
RPA Training in Chennai
Data Science Training in Velachery
Data Science Course in Chennai
I read your blog recently and its nice. Keep sharing more.
ReplyDeleteSpoken English Classes in Chennai
IELTS Coaching in Chennai
English Speaking Classes in Mumbai
IELTS Classes in Mumbai
IELTS Coaching in Mumbai
IELTS Mumbai
Best IELTS Coaching in Mumbai
IELTS Center in Mumbai
best baby walker
ReplyDeleteentertainment whatsapp groups
ReplyDeletephotography whatsapp groups
ReplyDeleteGreat Article
ReplyDeleteData Mining Projects
Python Training in Chennai
Project Centers in Chennai
Python Training in Chennai
These organizations have qualified specialists who can do everything to ensure one's car stays clean consistently, on the off chance that one has a bustling timetable and no opportunity to squander. Car valeting Galway
ReplyDeleteThank you so much for sharing this nice informations.
ReplyDeleteandroid training institutes in coimbatore
data science course in coimbatore
data science training in coimbatore
python course in coimbatore
python training institute in coimbatore
Software Testing Course in Coimbatore
CCNA Course in Coimbatore
This comment has been removed by the author.
ReplyDeleteThis is an awesome article. I really enjoyed reading this blog.
ReplyDeleteseo article writing
english in german
how to become a salesforce developer
software material testing
hacking books for beginners
tableau server interview questions
Really infomational and educative article thanks publisher for sharing this wonderful info i have shared this article on my blog tecktak flippzilla
ReplyDeleteand whatsaup, and Best smart tv
Internet slots (Slot Online) may be the release of a gambling machine. Slot machine As pointed out Used to produce electronic gaming systems referred to as web-based slots, as a result of the improvement era, folks have considered gamble by way of computers. Will achieve slot online games making internet gambling online games Via the internet network process Which players are able to play through the slot plan or maybe will play Slots with the system provider's site Which internet slots gaming systems are actually on hand in the type of taking part in policies. It's similar to taking part in on a slot machine. Each of those realistic pictures and also sounds are likewise thrilling since they go to living room in the casino in the world.บาคาร่า
ReplyDeleteufa
ufabet
แทงบอล
แทงบอล
แทงบอล
Be that as it may, the essential advantages of DAS incorporate minimal expense and effortlessness. Since it needn't bother with parts of organization storage frameworks like switches, switches and fitting cabling and associations. The downside of DAS is that it isn't available by numerous client gatherings and only each client in turn is permitted. Emergency Water Storage Bladders manufacturer
ReplyDeleteAmazing information i really enjoyed this article reall great article keep publishing i have bookmarked this blog for future post
ReplyDeletegossipmouth flippzilla
Excellent information. Thank you for sharing with us.
ReplyDeleteTamil novel writers
Ramanichandran novels PDF
srikala novels PDF
Mallika manivannan novels PDF
muthulakshmi raghavan novels PDF
Infaa Alocious Novels PDF
N Seethalakshmi Novels PDF
Sashi Murali Tamil Novels PDF Download
I truly appreciate this article post. Really thank you! Great.
ReplyDeletetape storage
One kind of game that is great to begin with is inquiring as to whether they need to have a competition to see who can tidy up the most toys the quickest. Have your youngster start in one corner of the room and you in the other. First individual to get to the center successes. cheap web hosting services
ReplyDeletewordpress design agency in united states Need professional WordPress Web Design Services? We're experts in developing attractive mobile-friendly WordPress websites for businesses. Contact us today!
ReplyDelete