Book Image

The Azure Cloud Native Architecture Mapbook

By : Stéphane Eyskens, Ed Price
Book Image

The Azure Cloud Native Architecture Mapbook

By: Stéphane Eyskens, Ed Price

Overview of this book

Azure offers a wide range of services that enable a million ways to architect your solutions. Complete with original maps and expert analysis, this book will help you to explore Azure and choose the best solutions for your unique requirements. Starting with the key aspects of architecture, this book shows you how to map different architectural perspectives and covers a variety of use cases for each architectural discipline. You'll get acquainted with the basic cloud vocabulary and learn which strategic aspects to consider for a successful cloud journey. As you advance through the chapters, you'll understand technical considerations from the perspective of a solutions architect. You'll then explore infrastructure aspects, such as network, disaster recovery, and high availability, and leverage Infrastructure as Code (IaC) through ARM templates, Bicep, and Terraform. The book also guides you through cloud design patterns, distributed architecture, and ecosystem solutions, such as Dapr, from an application architect's perspective. You'll work with both traditional (ETL and OLAP) and modern data practices (big data and advanced analytics) in the cloud and finally get to grips with cloud native security. By the end of this book, you'll have picked up best practices and more rounded knowledge of the different architectural perspectives.
Table of Contents (13 chapters)
Section 1: Solution and Infrastructure
Section 2: Application Development, Data, and Security
Section 3: Summary

Understanding the one that rules them all

Before jumping into our declarative deployment options, it is important to first step back and understand what is the single endpoint that rules everything.

No matter which tool or language you choose, they will ultimately all talk to the same Azure API, namely, the Azure Resource Manager (ARM) endpoint. The commercial endpoint is Any call to this endpoint requires the caller to provide a valid access token, retrieved from Azure Active Directory. Remember, in our Understanding the ARM template deployment scopes section, we discussed the least privilege approach and the empowerment of the deployment tools. That is what this access token will be validated against, for any interaction with the ARM API.

Terraform, Azure Bicep, native ARM templates, and imperative client tools all talk to the ARM endpoint. This is important, because if a feature is not exposed through the ARM endpoint, none of the tools will...