Architecture Nugget - January 23, 2025

Everyone thinks they know logging until they're debugging a production issue at 3 AM.


Hey folks!
Welcome to this week’s Architecture Nugget, where I share some of the most interesting insights and resources I’ve come across.

I’ve got a quick favour to ask at the end, so stick around.

Now, let’s dive in!

  1. REST API Design Best Practices — I’m a big fan of best practices—why? Because they help me focus on what really matters and save me from reinventing the wheel. That said, I also believe there’s tremendous value in understanding the reasoning behind these best practices and, once in a while, re-evaluating them.

    That's why I’m sharing this quick cheat sheet on REST API design best practices. It covers naming conventions, versioning, HATEOAS, asynchronous operations, and idempotency.

  2. MasterCard DNS Error Went Unnoticed for Years — MasterCard recently fixed a typo in their DNS records that had been there for almost 5 years. Akamai is a well-known CDN and cloud service provider, and MasterCard had pointed 5 NS records to Akamai. But because of a typo, akam.net was typed as akam.ne for one of the records, and interestingly, akam.ne was available to purchase 🙂. So, Philippe Caturegli, a security researcher, registered it and received a huge amount of traffic on that domain.
    Check out the full story as it’s fascinating, but this is a reminder that misconfigured DNS records could become an Achilles' heel of the whole system.

  3. Preventing unintended encryption of Amazon S3 objects — SSE-C is a form of server-side encryption in which the customer provides and manages the encryption key. Recently, there have been some attacks on S3 where an attacker encrypts S3 objects with SSE-C and demands a ransom. If you have an S3 bucket, this blog post by Amazon explains how to mitigate the risk and reduce the attack surface.
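To make the DNS typo in item 2 concrete, here is a small check that flags a name server target whose parent domain is a near-miss of the others in the same NS set. It is an added example, not code from this newsletter or the linked story; the function names and the `ns1`..`ns5` host labels are constructed, and only `akam.net` and `akam.ne` come from the text above.

```python
from collections import Counter

# Constructed sample: five NS targets, one with the akam.ne typo from the story.
# The host labels (ns1..ns5) are made up for this example.
SAMPLE_NS = [
    "ns1.akam.net", "ns2.akam.net", "ns3.akam.net",
    "NS4.akam.net.", "ns5.akam.ne",
]

def parent_domain(ns_host, labels=2):
    """Lower-cased last `labels` labels of an NS hostname.
    Assumption: two labels identify the provider (true for akam.net);
    suffixes such as co.uk would need a public-suffix list."""
    parts = ns_host.rstrip(".").lower().split(".")
    return ".".join(parts[-labels:])

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def suspicious_ns(ns_hosts, max_distance=2):
    """Return (host, parent, lookalike_of) for NS targets whose parent domain
    is a near-miss of an equally or more common parent in the same NS set."""
    parents = [parent_domain(h) for h in ns_hosts]
    counts = Counter(parents)
    findings = []
    for host, parent in zip(ns_hosts, parents):
        for other, n in counts.items():
            if (other != parent and n >= counts[parent]
                    and edit_distance(parent, other) <= max_distance):
                findings.append((host, parent, other))
    return findings

if __name__ == "__main__":
    for host, parent, expected in suspicious_ns(SAMPLE_NS):
        print(f"{host}: parent {parent!r} looks like a typo of {expected!r}")
```

Run against the NS set exported from your own zone, this kind of lint fits in a pre-deployment check; a set that deliberately uses several unrelated providers produces no findings.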

YouTube Time

Everyone thinks they know logging until they're debugging a production issue at 3 AM.

I couldn’t agree more with this quote! I’ve seen services that log absolutely everything—or nothing at all—because figuring out what’s actually useful during troubleshooting is a challenge in itself.

Excessive logging isn’t just expensive; the signal-to-noise ratio drops so low that debugging turns into a guessing game. On the other hand, no logs mean flying blind.

This is a short must-watch video that covers the essential dos and don’ts of effective logging.


In Depth

We tend to think we can ditch complexity and aim for simplicity. But when it comes to solving complex problems, that rarely works. The truth is, complex problems usually need complex solutions—or as the author puts it, “only complexity can handle complexity.”

When designing a system to tackle a tough problem, we have to accept that complexity has to live somewhere—but it doesn’t have to be everywhere. It’s important to recognise the balance between simplicity and complexity.


A friend of mine mentioned that sometimes Architecture Nugget ends up in his spam folder. I believe I could use a little help from you to show email providers that Architecture Nugget isn’t spam.

If you could reply to this email—whether it’s sharing your thoughts, giving feedback, or just saying hi—it would be a huge help in making sure the newsletter always lands in your inbox.

Thanks a ton for your support!
