Real world private endpoints for Cosmos DB, Storage and Redis

If you’re anything like me, you were shocked to discover the default configuration of backing services in Azure is public.

When you create resources like Cosmos DB, Redis and Storage, the most intimate and sensitive parts of your infrastructure, these resources come into the world nakedly exposed to the internet with nothing more than a password, the security equivalent of a bikini, standing between your crown jewels and spectacular headlines airing the dirty laundry of your very own data breach.

Don’t get me wrong, it looks like a pretty good password, but it is just a password. You’re up against the computing might and mischief of the internet. Do you really want to run out into that firefight, carrying your customers’ precious data, wearing a skimpy swimsuit? I thought not. Me neither. Bikinis are for beaches. A place where you want to be able to relax. So let’s fix it. …

Triangulating AWS, Azure, and GCP for perspective

Here’s something I found myself saying — it’s stuck with me and that’s prompted me to look into it:

“Technology isn’t a thing you do, it’s a metaphor for exploring a philosophy of being”

There’s a moment in every discipline, art, craft and practice when you find yourself reaching beyond what you see, through the looking glass, to touch the essence. What is cloud really about?

Leaving home

My last couple of work years have sent me on a pilgrimage, prised me from my slumbering comfort zone and put me on a hard trail of discovery — to walk the halls of the three great American clouds — the great religious institutions of the technology world. …

Unlearnings from Serverlessdays Cardiff 2020

Do not try and bend the spoon. That’s impossible. Instead, only try to realize the truth. There is no spoon. Then you’ll see that it is not the spoon that bends. It is only yourself — The Matrix

I had the pleasure of being a part of Serverless Days Cardiff 2020. If I could sum up my takeaway from the day, that classic quote from The Matrix would be it. Serverless has come a long way in the last couple of years. …

A stack for your hack

You have brains in your head. You have feet in your shoes. You can steer yourself any direction you choose. ― Dr. Seuss, Oh, the Places You’ll Go!

I like this sentiment for hackathons. The stories of Dr Seuss have stuck with me, peeping out from time to time from the recesses of my lived and imagined experience offering gentle wisdom. Hackathons are about creativity.

Hackathons are great for stepping out of the practical constraints of day to day work.

It’s a time to see what’s possible from a fresh perspective and perhaps being able to try new directions when we’re back in our real worlds. It’s a space for imagination and experimentation. Living well in that space is about getting in the arena and wrestling with the delight, triumph and tragedy of the unknown. It’s one of those creative tensions where what looks like winning is actually opening yourself to uncertainty. …

If you missed Swanseacon 2019, here are the spoilers

Containers are complex, but they needn’t be mysterious. Here’s my de-jargoned guide to what they are and why they matter.

I had the pleasure of speaking at SwanseaCon this year for the second time and wanted to spread some love and understanding about containers. I find it’s great to be able to take something technical and make it accessible to a wider audience. I believe it helps us work better together.

As the title suggests, this is about containers “in practice”. As it happens, I spend a lot of time with four actual shipping containers that belong to Beechbrae, a social enterprise and charity based in the Scottish central belt, founded by my partner Ally who I can best describe as a kind, warm and unflinchingly kick-ass woman who’s created a remarkable organisation, out of sheer will and intention, to connect people with nature and each other. …

The prize of ubiquity is invisibility

I have an idea about the trajectory of Kubernetes. Instinct tells me it will both win and, simultaneously, become irrelevant to software delivery organisations.

I’ve been listening to conversations about Kubernetes (k8s) and trying to identify the recurring themes that polarise debate on whether it’s a “good” or “bad” idea. There are sensible points of view on both sides of the debate. It seems, like most of our ambiguous collective debates, that these are parallel conversations. Moving beyond binary opposition to a “yes, and” integration is one of the greatest human skills. …

Taking a leap over the rainbow

Ever since working with a great team at the BBC, I’ve been noticing the momentum behind Google Cloud. I’ve been looking to do a certification for a while, so decided to go with Google’s Professional Cloud Architect.

If you do some research on the certification, you’ll find words like “vast” describing the scope of the exam. They’re not wrong. From compute, storage and networking, through business requirements, capacity planning, SRE, regulatory compliance, containers, continuous deployment, even kubectl commands, this isn’t something you can study for straight out of the gate from coding bootcamp.

The range of topics and the layers of knowledge, from CIDR blocks to Continuous Deployment to cloud migration and hybrid connectivity, sets a high bar. That’s what makes it both tough and also respected. It takes a healthy and broad level of experience to tackle it. What’s nice is that experience is more than theoretical and more than rote product knowledge, and there are common-sense aspects in there too that probe real-world experience. Something I particularly like is that the answer isn’t always Google. …

How does the UK Government Service Standard look from a technology point of view?

I think a lot about technology design, whether that’s architecture, build and deployment pipelines or the structure and clarity of code. The value of technology is in what you do with it.

The UK Government has an open Service Standard setting out the perspective and principles on which services (often citizen-facing services) are expected to be designed and built. I’m a fan of principles. They encode layers of experience and wisdom, making them accessible for our future selves to learn from and experiment with.

For me there’s no distance between service design and technology design. They’re integral to each other. Technology has little intrinsic meaning and value until it’s part of a connected whole: put into practice in service of a meaningful outcome. …

Scale is more of a quality than a quantity

Enterprise has become one of those over-used words that mean anything and nothing to everyone. What does it actually mean and what does that mean for our organisations?

Back in the noughties I worked for a mid-sized technology consultancy called Detica. It was made up of around 500 people when I joined, steadily grew to a thousand or more and was eventually swallowed into BAE Systems. I learned something that’s stuck with me on that journey:

Scale is not quantitative, it’s qualitative

It might seem contradictory at first glance, but I had a series of experiences that led me to this insight. The first was then CEO Tom Black saying that, up until shortly before I joined, he knew every person in the company by name. The small-company quality had already shifted a notch and changed into something different by the time I arrived. …

Less eats more for breakfast

I design and build systems. Sometimes those systems are made of technology and sometimes they’re made of people. I’ve learned, and keep learning, that doing less is invariably greater than doing more.

The phrase keeps coming to me: “it’s an engineering solution to a design problem”. I’m giving a name to our very human tendency to come up with more layers of complication to solve a problem, when a better answer is likely to take away something we’re already doing. We, more often than is comfortable, are the architect of our own problem.


Complicatedness kills. It creeps up on you, it hides under your bed, it seeps in through the cracks in your attention and energy, and it throws a party all over your front lawn when there’s uncertainty and unwillingness to make choices. …


David Carboni

Hands-on culture and technology. Work hard be kind. Chief Engineer and head geek at Foundry4 (
