In the last post we narrowed down on what is in our bag towards building a cloud platform. We identified Office 365 and Microsoft Azure as the base for the Cloud Platform. This platform will provide patterns for implementing mid tier web services, jobs, cache, storage and of-course cloud identity based authentication and authorization, in short everything that an enterprise developers team will use as a framework to build custom solutions. We will be making use of the following:
- Azure Active Directory
- Azure Web Sites
- Azure Redis Cache
- Azure SQL Storage
- Azure Job Scheduler
Additionally I will be using Office 365 – SharePoint and Exchange online to build following
- SharePoint Apps
- Email Notifications
We will break this framework as follows:
- Cloud Platform Toolkit (.net dll)
- Cloud Platform Services (WCF REST Services)
- Cloud Platform App (SharePoint App)
Cloud Platform Toolkit:
The toolkit will provide .net developers a collection of classes and methods to access SharePoint and Azure securely from WCF service endpoints. This approach will also enforce the abstraction of sensitive credential information as service accounts, connection string etc. Just to make clear that we are not building a composite Cloud App but instead we will be building atomic REST Web Services that can be consumed by Apps for SharePoint and mobile devices.
Above image highlights a summary of classes that the toolkit will provide. I will talk about the first aspect of the Cloud Platform in the next post that will cover storing of Credentials (Service Accounts), we will store them as Connection Strings in Azure Websites with Encryption and Expiration, that almost all Enterprise Security Officers ask for. We will be tapping into Azure Management APIs and will provide some REST endpoints to achieve this functionality.
There are also a handful of NUGET packages wrapping these REST services and providing a .NET wrapper, it will be easy to use them but I am not sure how flexible they are so I will try to use the REST APIs directly using the HTTP GET/PUT/POST.