Book Image

The Azure Cloud Native Architecture Mapbook

By : Stéphane Eyskens, Ed Price
Book Image

The Azure Cloud Native Architecture Mapbook

By: Stéphane Eyskens, Ed Price

Overview of this book

Azure offers a wide range of services that enable a million ways to architect your solutions. Complete with original maps and expert analysis, this book will help you to explore Azure and choose the best solutions for your unique requirements. Starting with the key aspects of architecture, this book shows you how to map different architectural perspectives and covers a variety of use cases for each architectural discipline. You'll get acquainted with the basic cloud vocabulary and learn which strategic aspects to consider for a successful cloud journey. As you advance through the chapters, you'll understand technical considerations from the perspective of a solutions architect. You'll then explore infrastructure aspects, such as network, disaster recovery, and high availability, and leverage Infrastructure as Code (IaC) through ARM templates, Bicep, and Terraform. The book also guides you through cloud design patterns, distributed architecture, and ecosystem solutions, such as Dapr, from an application architect's perspective. You'll work with both traditional (ETL and OLAP) and modern data practices (big data and advanced analytics) in the cloud and finally get to grips with cloud native security. By the end of this book, you'll have picked up best practices and more rounded knowledge of the different architectural perspectives.
Table of Contents (13 chapters)
Section 1: Solution and Infrastructure
Section 2: Application Development, Data, and Security
Section 3: Summary


In this chapter, we introduced the vast security landscape of Azure, which deserves an entire dedicated book. We gave you a glimpse into cloud-native security, and what it implies in terms of mindset and technology choices.

We explained to you why identity is the primary layer of defense in the public cloud, and we highlighted a few trade-offs that are incurred by a network-centric approach. A network approach is often the default approach, which is inspired by decades of traditional security practices on-premises. We saw that Azure has quite a lot of built-in security features and services that we can use to our advantage not only to secure our Azure workloads but also to secure other clouds and even on-premises systems.

Lastly, we reviewed our initial Contoso use case, from the eyes of a security architect, by adding two specific security views to our diagram. By now, you should be better equipped to tackle Azure-specific security topics as well as to deal with cloud...