What are microservices and why should you care about them?
Microservices are an architectural approach to build software applications with a combination of
re-usable set of smaller services that run independently. Microservices can be developed in
parallel by self-contained, smaller teams much quicker and cheaper than using traditional
monolithic architectures where all processes are tightly coupled and run as a
single service. Applications using monolithic architectures make it more complex to add or
modify features to meet new business requirements. Monolithic architecture-centric applications
are also expensive to scale, especially when there is a demand spike in only one process.
Microservices provide significant benefits to organizations including:
- Re-usability across several business functions that reduces development costs
- Agility and faster time-to-market with modern capabilities
- Improved scalability, fault tolerance, data security, and resilience
- Simplicity and better cost-effectiveness for deployments, maintenance, and enhancements
- Ability to innovate and experiment with smaller and nimbler teams
- Long-term flexibility that avoids being locked into a specific technology or programming language
Good news and bad news about Microservices
Firstly, the bad news. If you are building your own microservices, you can create a different set
of complexities and frustrations if strong governance and operational agility are not in place
for key aspects such as integration testing, interface control, operational levels of service
etc. Because you are assembling several individual microservices that comprise an application,
the ingestion of microservices also depends on several enterprise factors on how information is
organized, stored, managed, and shared. You can overcome this challenge with an understanding
of the data relationships across the mission/enterprise applications and how data is originated,
appended, validated, consumed, and authorized.
Now for the good news: you don’t always have to build your own microservices. There are numerous
commercial and open source based microservices available. And they continue to grow at a rapid
pace. Governance, security, and integration are already defined with best practices and
optimizations baked in and these microservices are easily deployable with container technology
such as Docker, Redshift, etc. You already have access to them within the cloud platforms
and services you deployed. By taking advantage of these features of your preferred cloud
platform, you can assemble a major portion of your application leveraging readily available
microservices.
What is the best approach to focus on microservices that suit your business needs?
Individual microservice at a granular level may appear to be IT-centric and not business-centric,
so by assembling each microservice collection with the intent to create a valuable business
service, you build necessary capability sets that power the business. This approach solidifies
the foundation to meet mission goals and deliver business services using microservices.
You can begin your journey by cataloging the business-centric microservices of existing, new,
internal, external, or to-be-developed services based on ranking by various categories such as
core business function type, enterprise value, consumption readiness, mission value, potential
cost savings, cost of maintenance, and any other categories that help with the investment
decisions. With this catalog in place, you can build business centric microservice capability
sets or collections that are carefully weaved together for consistent re-use in the context of
business services.
Top 10 Microservices Capability Sets You Cannot Live Without
We have curated a “Top 10” list for microservice capability sets you need to be thinking about
as you design a sustainable and ideal future based in efficiency and agility.
1. Identity, Authorization, and Security Services
Provides identity services with the ability to enable and track authentication and authorization
permissions for users and various resources in an environment with Multi-Factor Authentication
(MFA); Maintains the history of security events.
Examples include Azure AD, AWS IAM, AWS Cognito, and Login.gov
2. Real Time Enterprise Cybersecurity Management Services
Transforms Cybersecurity into a very dynamic (real-time) and self-healing/self-remediating
environment; Provides automated, rule-based, highly available, and scalable services with
context-sensitive dynamic monitoring and remediation.
Examples include Azure Monitor, Azure Reliability, Azure AIOps, Microsoft Sentinel,
Microsoft Defender for Cloud, AWS Hub, AWS GuardDuty, AWS Inspector, AWS Audit Manager
3. Communication and Notification Services
Enables centralized configuration endpoints to securely integrate to send emails, SMS, and
chat-based notifications within your applications; Minimizes manual notifications enablement
for workflows and business process automation while enhancing security posture.
Examples include Azure Communications Services and AWS SNS
4. App Insights, Observability, and User Experience Analytics
Provides performance, security, and sequence of events capturing throughout transaction life
cycle; Allows easy integration of various applications/systems as plug-in methods to drive
intelligence of how applications transactions traffic and User Experience (UX) metrics goals
are met.
Examples include Amazon EventBridge, Amazon Security Hub, Azure Monitor, Azure AppInsights,
Google Analytics, and App Dynamics
5. Data Search and Integration Services
Enables effective and efficient information sharing by integrating, securing, and unifying data
boundaries by eliminating technical challenges for data retrieval and access; Allows unified
control of data authentication and authorization and promotes standardization of technology,
schema, and consumption methods for data access.
Examples include Elasticsearch, datadog, Azure Data factory, Azure Data Lakes,
AWS Lake Formation, AWS Data Exchange, Google Cloud Search, Google Data Cloud Services and
Databricks
6. Payment Services
Provides for secure internal payment collection or external processing with integrated business
process flows traversing multiple systems; Enables an enterprise approach for payment services
with built in data protection while significantly reducing maintenance costs and increasing
performance for payment processing.
Examples include Pay.gov, Stripe, PayPal, Amazon Payments, Square...etc.
7. Asset and Resource Management Services
Provides the ability to manage physical, virtual, IT, non-IT or other assets by increasing data
protection and simplifying the overall asset tracking of assets present in different locations
across regional, security, data center, and cost pool boundaries.
Examples include DX360°® Security ARMOR™, DX360°® Self-Reporting Asset Auditor, and ServiceNow CMD
8. Employee Information Service
Provides authenticated employee information using “Data as a Service” model by eliminating
burdensome data entry and data maintenance requirements while enabling secure information
sharing with PII protections.
Examples include Microservices assembled using Microsoft, ServiceNow, and Opensource
platforms integrated with Verification, Payroll, Benefits, Skills, Certifications, and Public
Records
9. Customer Information Service
Provides consolidated customer (or citizen or external stakeholder) information using “Data as a
Service” model by streamlining business processes that collect or process customer data;
Provides better security and privacy while eliminating duplication of effort to maintain the
information and reducing the IT resource demand.
Examples include MS Power Platform CRM Entities for Contact, Company, User, Login.gov, Email
Profile Services (Azure, AWS, Google), and LinkedIn
10. Location Services
Provides whereabouts information of entities in an enterprise to support capturing
employees/customers/asset’s location information in real-time; Enables enterprise location
services with the ability to connect to geographic maps and satellite maps along with
intelligence for asset and resource management teams to track and provide proximity-based
value-added services.
Examples include ESRI, Google Maps, and Azure Maps
