CodeIsGo.com

Stream Azure Security Center alerts and recommendations to Azure Monitor for enhanced visibility, custom dashboards, and automated responses to security events. By Charbel Nemnom.

Interesting points discussed:

• Setting up continuous export to Azure Monitor
• Configure Azure Monitor alerts rules (default)
• View alerts in Azure Monitor
• Configure Azure Monitor alerts rules (update)
• Verify Azure Monitor alerts rules

Author focuses on leveraging Azure Security Center’s continuous export feature to send security alerts and recommendations to Azure Monitor. This moves past the standard Azure Security Center dashboard, allowing for more advanced analysis and automation. The process involves enabling continuous export to a Log Analytics workspace, selecting the data types and severity levels to export, and then utilizing Azure Monitor’s built-in capabilities to create alert rules. These rules can be customized to trigger actions based on specific security events. The article provides step-by-step instructions, including creating custom queries to view exported data and configuring action groups for automated responses (e.g., email notifications). This significantly enhances security monitoring and response capabilities within Azure environments.

This article provides a clear and practical guide to a valuable integration. While the concept of exporting security data isn’t new, streamlining the process and providing automated rule creation within Azure Monitor represents a significant usability improvement. This integration empowers DevOps and security teams to leverage the power of Azure Monitor for more sophisticated security monitoring and incident response, solidifying Microsoft’s commitment to cloud security automation. Good read!

As software engineering and operations forge a new cultural bond around continuous improvement of applications and infrastructure, the database is something “dev” and “ops” have in common – and there are things to learn from both perspectives on distributed data. By Mark Burgess.

The CAP theorem, while influential, isn’t a strict theorem but a conceptual framework highlighting trade-offs in distributed systems, emphasizing that true consistency, availability, and partition tolerance can’t coexist, with implications for DevOps and infrastructure design.

The main points discussed:

• CAP theorem lacks mathematical rigor and precise definitions.
• Promise Theory provides a clearer framework for understanding CAP components.
• Availability and consistency are relative to observer perspectives.
• End-users often experience inconsistencies due to latency and scale.
• Eventual consistency and user responsibility are viable alternatives to strict CAP trade-offs.
• Examples like Git and CFEngine demonstrate practical approaches to balancing CAP elements.
• CAP’s concepts apply beyond databases to broader IT infrastructure

Burgess’ essay offers a thought-provoking critique of the CAP theorem, challenging its theoretical foundations while providing practical insights. His use of Promise Theory and real-world examples enriches the discussion, emphasizing the need for user-centric approaches in distributed systems. While CAP isn’t a theorem, it remains a valuable framework for understanding trade-offs, encouraging developers to prioritize flexibility and scalability in system design. Interesting read!

Combining DORA metrics with Process Behavior Charts (PBCs) enables teams to distinguish normal process variation from real signals, turning delivery metrics into a reliable decision-making tool. By Egor Savochkin.

This article explains how engineering teams can use DORA metrics in conjunction with Process Behavior Charts (PBCs) to transform delivery metrics into a tool for informed decision-making. DORA metrics, which track aspects like Change Lead Time and Deployment Frequency, are paired with PBCs—a statistical tool—to differentiate between common process variations and significant, actionable signals. This approach helps teams validate hypotheses about process changes, identify real issues early, and assess the impact of improvements like pair programming or tooling changes. The methodology emphasizes outcome-based metrics and focuses on addressing bottlenecks, providing a structured way to analyze and improve software delivery processes.

This is the list of key learnings:

• Combining DORA metrics with Process Behavior Charts (PBCs) distinguishes normal process variation from real signals.
• DORA metrics (CLT, DF) track software delivery performance, while PBCs visualize trends and identify special causes or shifts.
• PBCs help detect deployment issues, validate process changes like pair programming, and reveal long-term improvements.
• Sustainable improvement requires outcome-based metrics, bottleneck focus, and iterative learning.
• DORA metrics alone describe delivery; pairing with product metrics and well-being indicators provides a holistic view.
• PBCs show statistical shifts but require contextual analysis to link changes to interventions.
• Long-term data reveals systemic improvements, often from strategic changes like automation or cultural shifts.

This article offers a pragmatic and valuable approach to using DORA metrics with Process Behavior Charts, providing engineering teams with a structured method to distinguish between noise and real signals in their delivery processes. By combining statistical process control with outcome-based metrics, teams can make data-driven decisions, validate process changes, and achieve sustainable improvements. While the methodology is not novel, its clear application and real-world examples enhance its accessibility and relevance, making it a significant contribution to the DevOps and software delivery community. Nice one!

In 2026, programming language choices should align with career goals, sustainability, and modern demands - from Rust’s efficiency to Python’s AI dominance. By Zeeshan Ali.

The article provides an in-depth analysis of programming language choices for 2026, emphasizing the importance of aligning language selection with career goals, sustainability, and modern technological demands. It begins by discussing the evolution of programming languages and the importance of choosing tools that fit specific needs rather than following trends. The guide explores green coding practices, highlighting languages like C, Rust, and Ada for their efficiency and environmental impact.

Further in the article:

• Introduction to Coding Careers in 2026
• How to Choose a Programming Language
• Green Coding and Sustainable Programming
• Best Green Programming Languages
• Programming Languages for Cybersecurity
• Creative Programming Languages
• Modern Programming Languages for the Future
• Why Modern Languages Matter
• Top Programming Languages in January 2026
  • Top AI Programming Languages in 2026
  • Why Rust Is Critical in 2026
  • How to Build Your Programming Language Stack

It also provides a valuable roadmap for developers navigating the programming landscape of 2026. While it covers a wide range of languages and specializations, its focus on practical considerations like sustainability, cybersecurity, and modern challenges makes it particularly relevant. The inclusion of both established and emerging languages demonstrates a comprehensive understanding of current trends and future directions. The emphasis on aligning language choices with career goals and system requirements represents a significant advancement in programming education, moving beyond mere popularity to strategic skill development. Good read!

AWS’s 2025 was a pivotal year, marked by the rise of Agentic AI, custom silicon advancements, and real multicloud integration, fundamentally altering how developers build and deploy software. By Damien Gallagher.

Some key points in the article:

• Agentic AI: AWS introduced autonomous agents like Amazon Nova 2 models and Bedrock, enabling developers to build intelligent systems that perform tasks independently.
• Custom Silicon: Graviton5 and Trainium3 offer improved performance and energy efficiency, making custom silicon a cornerstone of AWS’s compute strategy.
• Multicloud Integration: Partnerships with Google and Azure provide practical multicloud solutions, enhancing interoperability and flexibility.
• Developer Experience: Updates like Lambda Durable Functions and Kiro IDE improve developer productivity and simplify complex workflows.
• Global Infrastructure: New regions in Mexico, Thailand, Taiwan, and New Zealand expand AWS’s global footprint, ensuring low-latency and data residency compliance.
• Storage Enhancements: S3 Vectors and S3 Tables offer scalable and cost-effective solutions for managing vector embeddings and running analytics.
• Strategic Deprecations: AWS’s decision to deprecate services like AWS Cloud9 and AWS WAF Classic reflects a commitment to modernizing its service offerings.
• Customer Feedback: The reversal of CodeCommit deprecation demonstrates AWS’s responsiveness to customer needs and feedback.

AWS’s 2025 is a testament to the company’s forward-thinking approach to cloud computing. The focus on agentic AI, custom silicon, and multicloud integration represents a significant advancement in the field, providing developers with more powerful and flexible tools. The strategic deprecations and global infrastructure expansions further solidify AWS’s position as a leader in the cloud market. Overall, the advancements made in 2025 set a new benchmark for what developers can expect from cloud services, making it a pivotal year for AWS and the broader tech community. Nice one!

Enhance your Angular forms with metadata and ARIA attributes for improved user experience, inclusivity and accessibility. By Danny Koppenhagen.

The article covers:

• Assigning metadata to form fields enhances user guidance and experience.
• Metadata keys are created using createMetadataKey() and assigned within the form schema.
• The FormFieldInfo component displays field information, validation errors, and loading states.
• The FieldAriaAttributes directive automatically manages ARIA attributes for improved accessibility.
• ARIA attributes managed include aria-invalid, aria-busy, aria-describedby, and aria-errormessage.
• The article includes a demo application on GitHub and Stackblitz for further exploration.

This article provides a thorough guide on enhancing Angular forms with metadata and ARIA attributes, making it a valuable resource for developers aiming to improve form accessibility and user experience. It represents a significant advancement in leveraging Angular Signal Forms for creating inclusive and user-friendly applications. Good read!

The OpenAI report reveals a rapid adoption of AI in enterprises and ChatGPT usage is increasing significantly, with users saving up to 60 minutes a day. The report suggests that AI usage is directly correlated to an increase in efficiency. By Mark McCormick.

OpenAI’s “The State of Enterprise AI” report reveals that enterprise AI adoption is rapidly accelerating. Key findings include a 9x increase in ChatGPT Enterprise seats year-over-year and a 320x increase in token consumption per organization. The report underscores that AI helps solve complex enterprise problems, requiring reliability, safety, and security at scale. This phase of enterprise AI adoption is said to be entering a phase where significant economic value is created through scaled use cases.

The report also highlights that AI usage directly correlates with time savings. Enterprise workers sending 30% more ChatGPT messages since November 2024 are saving 40 to 60 minutes per day. Frontline workers in the 95th percentile of adoption, especially in coding, writing, and analysis, generate significantly more messages than median users. The report concludes that the benefits of AI scale with the depth of use, making it crucial for enterprises to integrate AI across multiple tasks to maximize efficiency. Interesting read!

Nvidia’s Rubin platform cements its dominance in AI infrastructure, locking customers into a vertically integrated ecosystem that promises unmatched efficiency at a cost. By Marcus Schuler.

Nvidia’s Rubin platform, announced at CES, represents a bold move towards vertical integration in AI infrastructure. Comprising six specialized chips, Rubin is designed for optimal performance when used together, locking customers into Nvidia’s ecosystem. The platform promises a 10x reduction in inference token cost, a significant advantage for running large language models. However, this efficiency comes with strings attached, requiring the use of Nvidia’s entire hardware stack.

Rubin’s impact extends beyond data centers to automotive AI, with Mercedes-Benz adopting Nvidia’s autonomous driving stack. This move undercuts Tesla’s pricing and offers a safer, more integrated solution. The coordinated endorsements from tech CEOs highlight Nvidia’s market power and the strategic importance of securing GPU supply.

For developers and DevOps engineers, Rubin presents both opportunities and challenges. While it offers unmatched performance, it also deepens dependency on a single supplier. UX designers will need to consider the implications of this dependency on AI-driven features and user experiences. Nice one!

Master GitHub Copilot for IaC by wiring repository‑scoped custom instructions, tightening naming and tooling rules, and treating the AI as a co‑pilot—not a replacement—for safer, faster Terraform deployments. By Lukas Rottach.

The blog post explains some good practices:

• Precision – use exact wording and list every allowed version to avoid ambiguous guesses.
• Conflict avoidance – ensure new rules don’t contradict existing ones.
• Structure exposure – map the directory layout so Copilot can locate entry points quickly.
• Example‑driven guidance – embed short snippets illustrating conventions.
• Iterative rollout – start with core rules, validate Copilot’s adherence, then expand.

The author warns that overly large instruction files (> 1 000 lines) exceed the model’s context window, causing inconsistent behavior. He stresses that developers retain full accountability for security, stability, and architectural decisions; Copilot merely accelerates routine coding tasks.

Lukas Rottach’s post is a practical handbook for DevOps engineers who want to embed GitHub Copilot Agents into their IaC processes, particularly Terraform projects on Azure. After a brief personal backstory, he positions Copilot as a “co‑driver”: it can surface patterns, generate boilerplate, and respect project‑wide policies, but the engineer remains the ultimate decision‑maker. Good read!

Amazon Bedrock’s AgentCore Gateway now supports API Gateway, enabling seamless integration of existing REST APIs into agentic applications using the Model Context Protocol (MCP), enhancing security and observability. By Sparsh Wadhwa, Dhawalkumar Patel, and Heeki Park.

The article provides a detailed walkthrough of setting up an existing REST API with API Gateway as a target for AgentCore Gateway. It covers the prerequisites, including an AWS account with an existing REST API and necessary IAM permissions. The walkthrough includes steps for setting up inbound and outbound authorization, with options for IAM-based authorization and API key authorization. Code examples using Boto3 are provided for creating a gateway and configuring targets, along with examples of target configurations and credential provider configurations.

The integration supports IAM and API key authorization, ensuring secure connections between AgentCore Gateway and API Gateway. Observability is a key feature, with detailed logs and metrics available through Amazon CloudWatch, AWS CloudTrail, and AWS X-Ray. The article also includes a section on testing the gateway with the Strands Agent framework, demonstrating how to list and call available tools from the MCP server.

The article concludes by emphasizing the benefits of this integration, such as simplifying the connection between API Gateway and AgentCore Gateway, eliminating the manual export/import process, and enabling the use of existing REST APIs as tools for agentic applications. It also highlights the built-in security and observability features, making it easier for developers and DevOps engineers to modernize their API infrastructure for AI-powered systems. Nice one!