The Core Architectural Components of Azure

Source: Dev.to

Azure Regions and Availability Zones

Azure Regions

An Azure region is a set of datacenters deployed within a latency‑defined perimeter and connected through a dedicated regional low‑latency network. As of 2025, Azure operates in over 60 regions worldwide, more than any other cloud provider.

Key characteristics of Azure Regions

• Each region contains multiple datacenters.

Availability Zones

• Provide protection against datacenter failures.
• Enable high availability and disaster recovery capabilities.

Resource Groups and Azure Resource Manager (ARM)

Resource Groups

• Fundamental organizational units that hold related resources for an Azure solution.
• Group resources by lifecycle—resources that share the same deployment, update, and deletion cycle.

Azure Resource Manager (ARM)

• Declarative templates (ARM templates or Bicep) for provisioning and managing resources.

Azure Compute Services

• Multiple compute options to meet different application requirements.

Virtual Machines (VMs)

• Ideal for lift‑and‑shift migrations.

Azure App Service

• Built‑in auto‑scaling for web apps and APIs.

Azure Container Instances and Azure Kubernetes Service

• Managed Kubernetes control plane for container orchestration.

Azure Networking Components

• The backbone that connects all Azure services together.

Virtual Network (VNet)

• Provides isolation and segmentation using subnets.

Load Balancer and Application Gateway

• Distribute traffic and provide application‑level routing.

Azure VPN Gateway and ExpressRoute

• Secure site‑to‑site connectivity and private dedicated connections to Azure.

Azure Storage Services

• Massively scalable object store with multiple storage types.

Storage Account Types

• Hot tier – Frequently accessed data.
• Azure Files – Fully managed file shares accessible via SMB and NFS.
• Locally Redundant Storage (LRS) – Three copies within a single datacenter.

Azure Identity and Access Management

• Security and identity management are critical components of any cloud architecture.

Microsoft Entra ID (formerly Azure AD)

• Single sign‑on (SSO) to thousands of applications.

Role‑Based Access Control (RBAC)

• Owner – Full access, including the ability to delegate access.

Azure Monitor and Diagnostics

• Observability is crucial for maintaining healthy cloud applications.

Azure Monitor

• Collects metrics (numerical time‑series data).

Log Analytics

• Enables troubleshooting of application issues.

Azure Database Services

• Managed database services for various workloads.

Azure SQL Database

• Fully managed relational database service based on Microsoft SQL Server.
• Provides PaaS capabilities with automatic updates, backups, and high availability.

Deployment options

• Single database – Independent database with dedicated resources.

Azure Cosmos DB

• Turnkey global distribution.
• Multiple consistency models.
• Single‑digit millisecond latency.
• Supports multiple APIs (SQL, MongoDB, Cassandra, Gremlin, Table).