Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The Azure Architecture Center (AAC) helps you design, build, and operate solutions on Azure. Learn about the cloud architectural styles and design patterns. Use the technology choices and guides to decide the services that are right for your solution. The guidance is based on all aspects of building for the cloud, such as reliability, security, cost optimization, operations, and performance.
The following new and updated articles have recently been published in the Azure Architecture Center.
July 2025
New articles
- Domain Name Considerations in Multitenant Solutions
- Tenant Life Cycle Considerations in Multitenant Solutions
Updated articles
- Advanced Azure Kubernetes Service (AKS) Microservices Architecture (#95a051bfff)
- Deploy AD DS in an Azure Virtual Network (#417cdcd602)
- Architectural Considerations for Identity in a Multitenant Solution (#53d19ea22c)
- Noisy Neighbor Antipattern (#ce68a59508)
- Azure for AWS Professionals (#b6ae212e2c)
- Mission-critical baseline architecture on Azure (#b6ae212e2c)
- Web architecture design (#b6ae212e2c)
June 2025
New articles
- Extract and Map Information from Unstructured Content
- Considerations for Multitenant Control Planes
- Tenancy Models for a Multitenant Solution
- Hub-Spoke Network Topology That Uses Azure Virtual WAN
- Windows 365 Azure Network Connection
- Architectural Approaches for a Multitenant Solution
- Prevent IPv4 Exhaustion in Azure
- Baseline Azure AI Foundry Chat Reference Architecture
- Implement SMA OpCon in Azure
- Build a Multiple-Agent Workflow Automation Solution with Semantic Kernel
- Cross-Region Resiliency for SQL TDE with Azure Key Vault Managed HSM
Updated articles
- Architectural Approaches for Control Planes in Multitenant Solutions (#596f98a1e8)
- Azure Kubernetes Service (AKS) Baseline Architecture for AKS on Azure Local (#2607b97c53)
- Deploy and Operate Apps with AKS Enabled by Azure Arc on Azure Local (#2607b97c53)
- Azure Virtual Desktop Landing Zone Design Guide (#c08914da3f)
- Service-Specific Guidance for a Multitenant Solution (#f77a9eb614)
- Baseline Azure AI Foundry Chat Reference Architecture in an Azure Landing Zone (#044ad95c35)
- AI Architecture Design (#67e00137ce)
- Choose a Stream Processing Technology (#28af09d05c)
- Choose an Azure Container Service (#c7dde0a13f)
- Architectural Considerations for Choosing an Azure Container Service (#c7dde0a13f)
- Azure Kubernetes Service (AKS) - planning (#869ea8c700)
- Baseline highly available zone-redundant app services web application (#ccfa7b6a50)
- Considerations for updating a multitenant solution (#d005fb7b98)
- DevSecOps for Infrastructure as Code (IaC) (#3b64332719)
- Deploy IBM Maximo Application Suite (MAS) on Azure (#a8ae8f2059)
- Use Azure Firewall to help protect an AKS cluster (#a8ae8f2059)
- Azure Resource Manager Considerations for Multitenancy (#ca7914beff)
- SAP S/4HANA in Linux on Azure (#0c7aa6c9bf)
- Deploy Microservices with Azure Container Apps and Dapr (#2bf20fb4ab)
- Use AI to forecast customer orders (#dd428d3ab1)
- Minimal storage – change feed to replicate data (#dd428d3ab1)
- Use AI enrichment with image and text processing (#dd428d3ab1)
- Building the First Layer of Defense with Azure Security Services (#dd428d3ab1)
- Data streaming with AKS (#dd428d3ab1)
- Highly available SharePoint farm (#dd428d3ab1)
- Build ETL pipelines with Azure Databricks and Delta Lake (#dd428d3ab1)
- Map threats to your IT environment (#dd428d3ab1)
- Build the second layer of defense with Microsoft Defender XDR Solutions (#dd428d3ab1)
- Integrate Azure and Microsoft Defender XDR security services (#dd428d3ab1)
- Migrate IBM mainframe apps to Azure with TmaxSoft OpenFrame (#dd428d3ab1)
- Multilayered protection for Azure virtual machines (#dd428d3ab1)
- Project 15 Open Platform IoT Sustainability (#dd428d3ab1)
- SAP S/4 HANA for Large Instances (#dd428d3ab1)
- Modern Data Platform Architecture for SMBs (#dd428d3ab1)
- AKS baseline for multiregion clusters (#69a84710fd)
- AKS baseline cluster for a PCI-DSS 3.2.1 workload - Access controls (#c33187a67c)
- Deploy Azure Landing Zones (#f631aedcfa)
- Zero-trust network for web applications with Azure Firewall and Application Gateway (#ff2bccc86b)
- Patterns for inter-spoke networking (#f2d5a65b3e)
- Guidance for using Azure Event Hubs in a multitenant solution (#8ae080a36b)
- Azure Storage considerations for multitenancy (#8ae080a36b)
- Guidance for using Azure NAT Gateway in a multitenant solution (#3b18425a8a)
- Kubernetes Monitoring and Logging (#0f15cb4959)
- Enhance Network Access Security to Kubernetes (#0f15cb4959)
- Kubernetes Workload Identity and Access (#0f15cb4959)
- Pricing models for a multitenant solution (#0f15cb4959)
- Guidance for using Azure Kubernetes Service (AKS) in a multitenant solution (#0f15cb4959)
- Multitenancy and Application Insights (#0f15cb4959)
- Messaging Bridge pattern (#0f15cb4959)
- Architectural Approaches for Identity in Multitenant Solutions (#6d6acc32ed)
- Noisy Neighbor Antipattern (#5cd73dc642)
- Scale out an Azure IoT Hub-based solution to support millions of devices (#54c99a236d)
- IoT Hub-based Multitenant Solution Architectural Approaches (#c92d3f1e02)
- Overview of Microsoft Machine Learning Products and Technologies (#110aa0e75a)
- Choose an Azure service for vector search (#110aa0e75a)
- Multiple forests with AD DS and Microsoft Entra ID (#3e311eaba8)
- Enhanced-security hybrid messaging — client access (#3e311eaba8)
- Enhanced-security hybrid messaging — mobile access (#3e311eaba8)
- Enhanced-security hybrid messaging — web access (#3e311eaba8)
- Identity architecture design (#3e311eaba8)
- Microsoft Entra security for AWS (#3e311eaba8)
- Integrate on-premises AD domains with Microsoft Entra ID (#3e311eaba8)
- Microsoft Sentinel automated responses (#3e311eaba8)
- Cloud Design Patterns (#3c77e71076)
- Migrate IBM System i (AS/400) to Azure by Using Infinite i (#b786930e24)
- Architectural Considerations for Identity in a Multitenant Solution (#f7fdd54452)
May 2025
New articles
- Backends for Frontends Pattern
- Extend Mainframes to Digital Channels by Using Standards-Based REST APIs
- Design to Support Foundation Model Life Cycles
Updated articles
- Use Azure Front Door in a Multitenant Solution (#fa99f8af18)
- SaaS and Multitenant Solution Architecture (#0f76c2f436)
- Architectural Approaches for Identity in Multitenant Solutions (#350d437efd)
- Architectural Approaches for Compute in Multitenant Solutions (#5998e0f989)
- Considerations for Using Azure Container Apps in a Multitenant Solution (#5998e0f989)
- Azure Service Bus Considerations for Multitenancy (#5998e0f989)
- Generative AI Operations for Organizations with MLOps Investments (#a3f82db38d)
- Choose an Azure data service (#30d024dc16)
- Mainframe File Replication and Sync on Azure (#e63f05ade9)
- Build and Deploy Custom Document Processing Models on Azure (#9be7ee44b0)
- Choose an Analytical Data Store in Azure (#2390621603)
- Deploy Microservices with Azure Container Apps and Dapr (#7e9010efc1)
- Autoscaling Guidance (#0b258e9b9b)
- Multitenancy Checklist on Azure (#496e7a1937)
- Architect Multitenant Solutions on Azure (#496e7a1937)
- Migrate an Oracle Database to OD@A Exadata Database Service (#5e3ae5b5d5)
- Multitenancy and Azure OpenAI (#9b3946b7a4)
- Multiregion BCDR for Azure Virtual Desktop (#8c60960755)
- Apache Kafka Migration to Azure (#bc6d5e9cd8)
- Related Resources for Multitenancy (#6dd821802b)
- Move an IoT Hub-Based Solution from Test to Production (#d6d45463f0)
- Multitenancy and Azure SQL Database (#b018dfd4c8)
- Automate Document Classification in Azure (#071155e674)
- Web API Design Best Practices (#ad86c398cd)
- Azure DNS Private Resolver (#de4e1ff583)
- Implement Advanced Monitoring for Azure OpenAI Through a Gateway (#d11c6c7ff1)
- Message Encoding Considerations (#457876053e)
- Choose a Data Analytics and Reporting Technology in Azure (#f3e3c2d8b8)
April 2025
New articles
- Deploy Highly Available NVAs
- Online Analytical Processing
- Big Data Architectures
- SAP S/4HANA in Linux on Azure
- Cost Management for Kubernetes
- Migrate from Amazon Elastic Kubernetes Service to Azure Kubernetes Service
- Kubernetes Monitoring and Logging
- Manage Kubernetes Nodes and Node Pools
- Enhance Network Access Security to Kubernetes
- Kubernetes Workload Identity and Access
- Replicate Mainframe Data by using Precisely Connect
Updated articles
- Migrate IBM z/OS OLTP Workloads to Azure (#ace16bc3ba)
- Replicate Mainframe and Midrange Data to Azure by Using Qlik (#ace16bc3ba)
- Modernize Mainframe and Midrange Data (#ace16bc3ba)
- Rehost IMS DC and IMS DB on Azure by Using Raincode IMSql (#ace16bc3ba)
- Replicate and Sync Mainframe Data to Azure (#ace16bc3ba)
- Governance Options for a Kubernetes Cluster (#ade25804b5)
- AKS for Amazon EKS Professionals (#ade25804b5)
- Storage Options for a Kubernetes Cluster (#ade25804b5)
- Foundations of Assessing Harm (#3faccc2c85)
- Responsible Engineering Overview (#3faccc2c85)
- Migrate Cloud Workloads Across Security Tenants (#4eae6ed023)
- Migrate Mainframe Data to Azure (#5b28fa3068)
- Load-balancing options (#0a441feecd)
- Design for Operations (#4abcb44a53)
- DR for Azure Data Platform - Recommendations (#be5522b006)
- Deploy IBM Maximo Application Suite (MAS) on Azure (#7d45a953e1)
- Enterprise file shares with disaster recovery (#140e3ddc51)
- Oracle Database with Azure NetApp Files (#140e3ddc51)
- SQL Server on Azure Virtual Machines with Azure NetApp Files (#140e3ddc51)
- Computer Forensics Chain of Custody in Azure (#140e3ddc51)
- GitOps for Azure Kubernetes Service (#140e3ddc51)
- Azure Kubernetes Service (AKS) Baseline Architecture for AKS on Azure Local (#140e3ddc51)
- Deploy and Operate Apps with AKS Enabled by Azure Arc on Azure Local (#140e3ddc51)
- Azure Files Accessed from On-Premises and Secured by AD DS in a Private Network (#140e3ddc51)
- Enhanced-security hybrid messaging — client access (#140e3ddc51)
- Enhanced-security hybrid messaging — mobile access (#140e3ddc51)
- Hybrid file services (#140e3ddc51)
- Enhanced-security hybrid messaging — web access (#715c3bf500)
- Deploy AD DS in an Azure Virtual Network (#715c3bf500)
- Multi-tier web application built for HA/DR (#715c3bf500)
- WordPress on App Service (#715c3bf500)
- WordPress on Azure Kubernetes Service (#715c3bf500)
- Azure API Management landing zone architecture (#715c3bf500)
- Extend mainframe applications to Azure by using Verastream Host Integrator (#715c3bf500)
- Run HP-UX workloads in Azure with Stromasys Charon-PAR (#715c3bf500)
- Migrate IBM System i (AS/400) to Azure by Using Infinite i (#715c3bf500)
- Azure AI Video Processing Guide (#92dba45459)
- Choose an Azure Speech Recognition and Generation Technology (#92dba45459)
- Choose an Azure AI Targeted Language Processing Technology (#92dba45459)
- Choose an Azure AI Services Technology (#92dba45459)
- BCDR for Azure Data Factory and Azure Synapse Analytics pipelines (#216825e836)
- Secure a data lakehouse on Synapse (#216825e836)
- Enable real-time sync of MongoDB Atlas data changes to Azure Synapse Analytics (#216825e836)
- Securely managed web applications (#216825e836)
- IBM z/OS mainframe migration with Avanade AMT (#216825e836)
- Use Azure NetApp Files to deploy IBM Power in Skytap on Azure (#216825e836)
- Replatform AIX workloads on Azure (#216825e836)
- Azure DNS Private Resolver (#216825e836)
- Massive-scale VWAN architecture design (#216825e836)
- Virtual WAN architecture optimized for department-specific requirements (#216825e836)
- Implement TIC 3.0 compliance (#216825e836)
- Starter web app for SaaS development (#249f8c9ec2)
- Near real-time lakehouse data processing (#249f8c9ec2)
- Analytics end-to-end with Azure Synapse (#249f8c9ec2)
- Automated API deployments using APIOps (#249f8c9ec2)
- Certificate Lifecycle Management on Azure (#5f8cefbf09)
- Monolithic Persistence Antipattern (#4146f310ab)
- General Mainframe Refactor to Azure (#326b3995f8)
- Compare AWS and Azure Identity Management Solutions (#1ab5fc7556)
- Unisys ClearPath MCP Virtualization on Azure (#2310bff65a)
- Core startup stack architecture (#59d4a8cec6)
- Unisys ClearPath Forward OS 2200 Enterprise Server Virtualization on Azure (#a95ed47c51)
- Multitenancy and Azure OpenAI (#4cd26a7fc3)
- Generative AI Operations for Organizations with MLOps Investments (#9ef1418ce8)
- Cloud Design Patterns (#03c62aa25d)
- Design and Develop a RAG Solution (#70840c3465)
- Use Azure Front Door to Secure AKS Workloads (#3882965be5)