Utilizing PaaS services and ARM deployment templates on Azure Government
There are many Platform as a Service (PaaS) offerings available in Azure Government that you can easily leverage to build compelling applications. It is extremely easy to get up and running with PaaS services, and PaaS services offer a quicker path to compliance. Other than some different endpoints, developing with PaaS services in Azure Government is virtually identical to the developer experience in Azure public.
In this post, we’ll cover the Azure Government PaaS sample application. We will walk through setting up a simple CRUD (Create/Read/Update/Delete) web application that interacts with a Cosmos DB, Redis Cache, Storage Queue, and authenticates with Azure AD. We will also leverage ARM templates to deploy and configure applications in Azure Government. We’ll also show videos for this walk-through so you can see how easy it is to do step-by-step.
Traffic Case Application:
Our PaaS sample consists of a Traffic Case App, which is a web application running in Azure Government that allows users to manage a repository of traffic violation cases. The user can file a new case, edit an existing one, and view cases that have been closed. We go through each PaaS service included in our sample:
- Web App: Our sample is a ASP.NET Core 2.1 Azure Web App running in Azure Government.
- AAD Authentication: When the user opens the app they are directed to the Azure AD login page. The Traffic Case app is configured to reference a specific Azure AD app registration, which is used to authenticate users to a specific Azure AD tenant. The video shows how AAD authentication is integrated.
- Cosmos DB: All the CRUD operations such as creating, editing, and deleting a case consist of interacting with a Cosmos DB. The cases are written as individual JSON documents to a collection in the database. There are also SDKs available to easily interact with Cosmos DB, which you can read about here. Developing with Cosmos DB is exactly the same in Azure Government as Azure public – just point your connection string to the instance in Azure Gov.
- Storage Queue: When the status of a case is set to “Closed”, the case is written to a storage queue. The app reads from this queue to then display the closed cases for the user. The video will show this implementation.
- Redis Cache: To take load off our database and increase performance and throughput, it’s common to cache static data that rarely changes. We’ll utilize a Redis cache for this purpose. A Redis cache is read from to populate a static list of statuses for a case. We implemented a cache-aside pattern, so that when a user creates or edits a case, the list of statuses will be read from the Redis Cache. There is a console in the Azure portal where users can query their cache directly, this is all shown in the screencast.
The PaaS application consists of many Azure resources. Deploying each of these resources manually would be time consuming. Fortunately, these deployments can be automated with Azure Resource Manager (ARM). The repository includes an ARM template that not only deploys all of the resources needed for the Traffic Case App, but also dynamically configures connections to each service for the web application!
Best practices for ARM templates include never hardcoding anything. This ensures that the template works across different environments. For example, if you hard-code an endpoint for a service that is in Azure public, that same ARM deployment wouldn’t work for Azure Government. In our ARM template we are dynamically setting all locations to the resource group location, so when this is deployed in Azure Government the location will be set to an Azure Government region. In order to grab config settings from the PaaS services such as Cosmos DB, Azure Storage, and Redis Cache we are calling a method that lists the keys when that service has been deployed. We can see that when we run this ARM deployment template, all the connection strings and keys have already been added to the application settings for our web app. This fully automated template ensures a quick and painless deployment, allowing users to get started using the application immediately!
Check out the video of the ARM deployment here:
We walked through setting up a basic CRUD application in Azure Government and configuring it to interact with various PaaS services. Please check out the code for the PaaS sample – as well as other samples in our Azure Gov GitHub library – and go through these PaaS and ARM template screencasts which walk through the topics above more in-depth!