Azure Cloud Solutions: Design & Configuration Insights

Azure Core Services & Features

Application Gateway & Web Application Firewall

  • Service: Azure Application Gateway
  • Feature: Web Application Firewall (WAF)

Messaging & Integration

  • XML Message Handling: Azure Service Bus
  • Recommended Serverless Solution: Azure Logic Apps and Azure Functions
  • Event Grid C# Response: Azure Functions in Consumption Plan

Content Delivery & User Proximity

  • Solution for Data Proximity to User: Content Delivery Network (CDN)

High-Performance Computing (HPC)

  • HPC Cluster Node Management: CycleCloud

Application Hosting & Scalability

General Hosting Solutions

  • App1 Hosting Solution: Load Balancer with VM Scale Set across two availability zones
  • Service1 Hosting: VM Scale Set
  • Deployment of Two VMs with Traffic Manager: Recommended
  • VM Scale Set Deployment: Not recommended for this specific scenario

Microservices & API Exposure

  • Microservices Exposure Design: Azure API Management (Premium Tier) with VNet Integration
  • API Availability Over Internet: Yes
  • APIM for Real-time Data: Yes
  • VPN Gateway Access: No

Data Management & Analytics

Database Solutions

  • Application Database Recommendation: Azure SQL Database with Active Geo-Replication
  • SQL Database Service Tier: Hyperscale
  • Database Requirement Recommendation: Configure Long-Term Retention Policy
  • Recommended Database Hosting Service: Azure SQL Managed Instance
  • Recommended Database Platform: Elastic Pool

Storage Solutions

  • Storage Configuration: Premium Tier with Zone-Redundant Storage (ZRS)
  • Storage Account Type: BlockBlobStorage
  • Storage Type: Blob Storage
  • Cost-Minimized Storage for Large Video Files: Azure Blob Storage
  • Storage Account Type (Liteware CS1): General-Purpose v2
  • Configuration (Liteware CS1): NFSv3

Data Migration & Transformation

  • Company File Migration (Server1 to Store1): Azure Import/Export Job and Azure Data Factory
  • Cost-Minimized Data Migration to Azure SQL DB: DTU-based Standard Tier
  • Data Factory for Data File Transformation: Self-Hosted Integration Runtime

Data Analytics & Databricks

  • Databricks SKU: Standard
  • Cluster Configuration: Credential

Networking & Connectivity

Network Monitoring & Diagnostics

  • Traffic Analytics in Network Watcher: Not recommended
  • Network Watcher for IP Flow Verification: Recommended

Traffic Management & Global Routing

  • Service: Azure Traffic Manager
  • Routing Method: Priority Traffic Routing

Hybrid Connectivity

  • ExpressRoute to VW1 Creation: Upgrade VW1

Identity, Access & Security

Identity & Access Management

  • Group1 Membership Recommendation: Access Review
  • App1 Functionality Post-Migration: Azure AD Domain Services (Azure AD DS)
  • Recommended Azure Service for Deployment Support: Azure AD Domain Services (Azure AD DS)
  • SSO for Remote Users to WebApp1: Azure AD Application Proxy and Access Policies

Key Vault & Secrets Management

  • Number of Key Vault Instances: 1
  • ARM Deployment with Key Vault Integration:
    • Access Policies for ARM access
    • Assign IT staff roles

Storage Access & Security

  • Enabling Access to Blobs (April): Shared Access Signature (SAS)

Monitoring, Governance & Operations

Logging & Monitoring

  • Windows Event Logs: Event
  • Linux System Logging: Syslog
  • Monthly ARM Deployment Report: Azure Activity Log

Azure Policy & Governance

  • Policy Definition Scopes:
    • Azure AD Units
    • Subscriptions
    • Management Groups

Backup & Disaster Recovery

  • VM Backup Retention: 36 Months
  • Recovery Point Objective (RPO): 1 Day

File Sharing & Access

  • Access to Shared Files on VM1 (Toronto): File Share and File Sync

Case Studies & Specific Scenarios

Liteware Case Study (CS1)

  • Minimum Number of Assignments: 1
  • Storage Account Type: General-Purpose v2
  • Configuration: NFSv3

Fabrikam Case Study (CS2)

  • Application1 Permissions: Azure AD with access review
  • Inclusion in Identity Management Strategy: Domain Controllers for corp.fabrikam.com

Contoso Case Study (CS3)

  • App1 Deployment Across Availability Zones: Azure Cosmos DB
  • Azure Subscription File Sharing: Azure Files
  • On-premises Network File Synchronization: Azure File Sync
  • App1 Authentication: Service Principal
  • App1 Key Vault Secrets Authorization: Role Assignment
  • Service (PIM): Azure PIM (Privileged Identity Management)
  • Feature (PIM): Access Reviews
