azure-architecture-patterns

star 5

Well-Architected Framework principles and Azure best practices

fabioc-aloha By fabioc-aloha schedule Updated 4/15/2026
play_arrow Run Skill in Manus View GitHub

name: azure-architecture-patterns description: Well-Architected Framework principles and Azure best practices tier: standard applyTo: '/azure,/cloud,/waf,/architecture'

Azure Architecture Patterns

Well-Architected Framework principles, reference architectures, and Azure best practices.

The Five Pillars

Pillar Focus Key Question
Reliability Resiliency, availability Will it stay up?
Security Protection, compliance Is it safe?
Cost Optimization Efficiency, value Is it worth it?
Operational Excellence Manageability, observability Can we run it?
Performance Efficiency Scalability, responsiveness Is it fast enough?

Reliability Patterns

Key Patterns

  • Circuit Breaker: Fail fast when downstream unhealthy (Polly)
  • Retry with Backoff: Handle transient failures with exponential delays
  • Availability Zones: Distribute across datacenters

Reliability Checklist

  • Single points of failure identified and mitigated
  • Health endpoints implemented (/health, /ready)
  • Retry policies with backoff
  • Circuit breakers for external dependencies
  • Availability zones utilized
  • RTO/RPO defined and tested

Security Patterns

Zero Trust

Principle Implementation
Verify explicitly Always authenticate/authorize
Least privilege Minimal necessary permissions
Assume breach Segment, encrypt, detect

Identity

  • Managed Identity: Eliminate credential management
  • RBAC: Built-in roles, scope to resource group, use groups

Network

  • Private Endpoints: Keep traffic on Azure backbone
  • NSG: Default deny, explicit allow (priority 100-4096)

Security Checklist

  • Managed identities (no stored credentials)
  • Key Vault for secrets/certificates
  • Private endpoints for PaaS services
  • NSG rules deny-by-default
  • TLS 1.2+ enforced
  • Microsoft Defender enabled

Cost Optimization

Strategy Impact
Right-size Match SKU to workload
Reserved Instances 40-72% savings
Spot VMs 90% discount (interruptible)
Auto-shutdown Dev/test off at night
Serverless Pay per execution

Compute Selection

Workload Recommended
Steady-state web App Service Premium
Event-driven Azure Functions
Batch processing Container Apps + KEDA
Big compute Spot VMs + Batch
Dev/test B-series VMs

Storage Tiers

Tier Use Case Cost
Hot Frequent access ~$0.02/GB
Cool Infrequent (30+ days) ~$0.01/GB
Archive Rarely accessed ~$0.002/GB

Cost Checklist

  • Azure Advisor recommendations reviewed
  • Reserved Instances for predictable workloads
  • Auto-shutdown for non-prod
  • Right-sized based on utilization
  • Storage lifecycle policies
  • Cost alerts and budgets set

Operational Excellence

IaC Tools

Tool Best For
Bicep Azure-native, declarative
Terraform Multi-cloud, state management
ARM Legacy (avoid for new)

Observability Stack

Layer Service
Logs Log Analytics
Metrics Azure Monitor
Traces Application Insights
Alerts Azure Alerts
Dashboards Azure Workbooks

Operational Checklist

  • IaC for all resources (Bicep/Terraform)
  • CI/CD pipelines for deployment
  • Diagnostic settings to Log Analytics
  • Application Insights integrated
  • Alerts for critical metrics

Performance Efficiency

Scalability

Service Mechanism
App Service Autoscale rules
Azure Functions Event-driven automatic
AKS HPA + Cluster Autoscaler
VMSS Autoscale rules

Caching Strategy

Type Use Case Service
CDN Static content Azure Front Door
Distributed Session, computed Redis Cache
Local Hot data In-memory

Performance Checklist

  • Autoscaling configured and tested
  • CDN for static content
  • Redis cache for hot data
  • Database indexes reviewed
  • Load testing completed

Reference Architectures

Web Application

Internet → Front Door → App Service → Azure SQL + Redis

Microservices

Internet → API Management → AKS → Cosmos DB + Service Bus

Serverless

Events → Event Grid → Functions → Cosmos DB + Storage

SKU Selection

Series Use Case
B-series Dev/test (burstable)
D-series Most production
E-series Memory-optimized
F-series Compute-optimized

Anti-Patterns

Anti-Pattern Fix
Monolithic deployment Microservices or modular
Hardcoded config App Configuration, Key Vault
Single region Multi-region + Traffic Manager
Over-provisioned Right-size + autoscale
No IaC Bicep/Terraform everything

MCP Tools Available

Tool Use Case
mcp_azure_mcp_cloudarchitect Interactive architecture design
mcp_azure_mcp_documentation Search Azure docs
mcp_azure_mcp_get_bestpractices Code gen, deployment patterns
Service-specific tools AKS, App Service, Functions, Cosmos, SQL
Install via CLI
npx skills add https://github.com/fabioc-aloha/Alex_Plug_In --skill azure-architecture-patterns
Repository Details
star Stars 5
call_split Forks 3
navigation Branch main
article Path SKILL.md
Occupations
Computer Network Architects
More from Creator
fabioc-aloha
fabioc-aloha Explore all skills →