The cloud is a powerful thing, and often I find when people get to the cloud, they are stuck with a blank subscription and a strong case of “Analysis Paralysis.” In the technology world, security is a constantly evolving space. All to often I see people start building development machines in an azure sub to be able to do work, and they don’t take the necessary steps to secure these machines.
VS Code’s remote development is one of my favorite features of modern software engineering. The ability to have a separate machine running and work against that machine as if it were my local machine offeras a lot of power. Specifically it makes our dev machines ephemeral, and dare-I-say disposible. But in addition to that, it means that I can have significantly higher compute at my finger tips.
But those benefits can be negated rather quickly, if you are using a virtual machine with a public IP and no security.
So to resolve this problem, I created a repo, found Mack-bytes-government/devenvironment And this allows for providing the appropriate bicep templates to stand up the following:
- Hub Virtual network with VPN Gateway
- Spoke virtual network for development
- Container Registry
- Key Vault
- Storage Account
- The ability to create X number of Data Science Virtual Machines to support development.
The goal of this is to stand up a development environment quickly.