Topic 9, Fourth Coffee
Background
Current Environment
Fourth Coffee is a global coffeehouse chain and coffee company recognized as one of the world's most influential coffee brands. The company is renowned for its specialty coffee beverages, including a wide range of espresso-based dnnks, teas, and other beverages. Fourth Coffee operates thousands of stores worldwide.
The company is developing cloud-native applications hosted in Azure.
Corporate website
The
company hosts a public website located at http://www.fourthcoffee.com/. The website is used to place orders as well as view and update inventory items.
Inventory items
In addition to its core coffee offerings, Fourth Coffee recently expanded its menu to include inventory items such as lunch items, snacks, and merchandise. Corporate team members constantly update inventory. Users can customize items. Corporate team members configure inventory items and associated images on the website.
Orders
Associates in the store serve customized beverages and items to customers. Orders are placed on the website for pickup.
The application components process data as follows:
1. Azure Traffic Manager routes a user order request to the corporate website hosted in Azure App Service.
2. Azure Content Delivery Network serves static images and content to the user.
3. The user signs in to the application through a Microsoft Entra ID for customers tenant.
4. Users search for items and place an order on the website as item images are pulled from Azure Blob Storage
5. Item customizations are placed in an Azure Service Bus queue message.
6. Azure Functions processes item customizations and saves the customized items to Azure Cosmos DB.
7. The website saves order details to Azure SQL Database.
8. SQL Database query results are cached in Azure Cache for Redis to improve performance.
The application consists of the following Azure services:

Requirements
The application components must meet the following requirements:
* Azure Cosmos DB development must use a native API that receives the latest updates and stores data in a document format.
* Costs must be minimized for all Azure services.
* Developers must test Azure Blob Storage integrations locally before deployment to Azure Testing must support the latest versions of the Azure Storage APIs.
Corporate website
* User authentication and authorization must allow one-time passcode sign-in methods and social identity providers (Google or Facebook).
* Static web content must be stored closest to end users to reduce network latency.
Inventory items
* Customized items read from Azure Cosmos DB must maximize throughput while ensuring data is accurate for the current user on the website.
* Processing of inventory item updates must automatically scale and enable updates across an entire Azure Cosmos DB container.
* Inventory items must be processed in the order they were placed in the queue.
* Inventory item images must be stored as JPEG files in their native format to include exchangeable image file format (data) stored with the blob data upon upload of the image file.
* The Inventory Items API must securely access the Azure Cosmos DB data.
Orders
* Orders must receive inventory item changes automatically after inventory items are updated or saved.
Issues
* Developers are storing the Azure Cosmos DB credentials in an insecure clear text manner within the Inventory Items API code.
* Production Azure Cache for Redis maintenance has negatively affected application performance.