Hello fellow Data Enthusiasts and welcome to my blog,
today we’re going to take a short detour into Azure network infrastructure, so that later on this blog we know what we’re talking about. I’ll come back to this post from time to time to add new stuff to it.
Hub and Spoke
The Hub and Spoke architecture is a strategic design pattern that organizes resources in a centralized “hub” and decentralized “spokes” model. In this framework, the hub serves as a central point for managing and governing shared services, such as security, compliance, and networking, while spokes represent individual business units or projects.
This pattern promotes scalability, efficiency, and easier management. The hub facilitates standardized controls and policies, fostering consistency across the organization. Meanwhile, spokes maintain autonomy, enabling independent development and deployment.
So why do you need to know this?
Because most Azure tenants are designed like this. Usually the hub is called the Azure Landing Zone and does several things, like DNS resolution or maintaining the VPN/ExpressRoute connection to the on-prem network. Basically, everything that needs to work for your whole tenant and not just for your data platform use case. What I usually see in my projects is that the data platform is one of many spokes, so keep this in mind for your further developments.
Azure Landing Zone
The Azure Landing Zone should contain the stuff that your whole company needs in order to work in Azure. It should manage your whole Azure network, so it contains e.g. the private DNS zones, manages the VPN/ExpressRoute connection to your office network, and could also contain a central Key Vault which manages the encryption keys of your Azure resources.
Azure Resource Naming Pattern
Regarding the naming of Azure resources, check out Microsoft's guide. I personally prefer to exclude the region from the name. I also recommend using ‘0’ as the separator, since some resources don’t accept ‘-’ in resource names.
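To see which resource types the separator choice actually affects, here is an added example (not from Microsoft's guide and not part of the original post) that builds names without a region and checks them against Azure's documented name restrictions for three resource types. The part order, the abbreviations `st`/`cr`/`kv` and the workload name `dataplat` are assumptions made for illustration.

```python
import re

# Length and character rules per Azure's documented naming restrictions.
# Keys are assumed abbreviations used as the name prefix.
RULES = {
    # Storage account: 3-24 chars, lowercase letters and digits only.
    "st": re.compile(r"[a-z0-9]{3,24}"),
    # Container registry: 5-50 chars, alphanumerics only.
    "cr": re.compile(r"[A-Za-z0-9]{5,50}"),
    # Key vault: 3-24 chars, alphanumerics and hyphens, starts with a letter,
    # ends with a letter or digit, no consecutive hyphens.
    "kv": re.compile(r"[A-Za-z](?!.*--)[A-Za-z0-9-]{1,22}[A-Za-z0-9]"),
}


def build_name(rtype, workload, env, instance, sep="0"):
    """Join type, workload, environment and a 3-digit instance; no region."""
    return sep.join([rtype, workload, env, f"{instance:03d}"]).lower()


def is_valid(rtype, name):
    """True if the whole name satisfies the rule for that resource type."""
    return RULES[rtype].fullmatch(name) is not None


def check_all(workload, env, instance, sep):
    """Validate the same logical name for every resource type in RULES."""
    return {
        rtype: is_valid(rtype, build_name(rtype, workload, env, instance, sep))
        for rtype in RULES
    }


if __name__ == "__main__":
    for sep in ("0", "-"):
        print(repr(sep), build_name("st", "dataplat", "dev", 1, sep),
              check_all("dataplat", "dev", 1, sep))
    # A long workload name breaks the 24-character limit whatever the separator.
    print(check_all("enterprisedatawarehouse", "dev", 1, "0"))
```

The length limits matter as much as the character set: leaving the region out of the name saves characters for the 24-character types.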