Microservices

In the ATG monolith, production DB credentials lived behind a JBoss SSH gate — effectively unreachable without infra access. After modernizing to microservices on Azure Kubernetes, every developer’s Azure account could read prod DB, Redis, and Service Bus secrets from Key Vault with a single CLI command. VPN and device whitelisting gated the network path, but not the humans. The migration didn’t just change our architecture — it quietly widened the insider blast radius.

HAProxy sidecars for mTLS. Hystrix for circuit breaking. Apache Camel between layers within the same service. Six API versions. A mandated common framework. A squash merge ban. Each decision was defensible. Combined, they created a system that took three months to onboard into.