Welcome to AzureCraft

So What Is This?

AzureCraft started because I kept solving the same problems. Different customers, different industries, same handful of architecture questions coming up again and again — subnet sizing, private endpoint wiring, managed identity plumbing, "should I use Cosmos or Postgres?"
I figured I might as well write it down.
This isn't a Microsoft docs mirror. It's the stuff I actually use when I'm staring at a whiteboard with a customer. The reference architectures with real CIDRs. The NSG rules that don't lock you out of your own deployment. The patterns that survived production — not just passed a design review.

What's In Here

Infrastructure That Actually Works

I'm talking about the boring-but-essential stuff:
• Hub-spoke networks with proper IP planning (not the ones where you run out of addresses six months in)
• Private endpoint topologies — because "just add a private endpoint" is about 20% of the actual work
• DR patterns I've tested. Not designed. Tested. There's a difference.
• Cost-optimised setups for teams that don't have unlimited Azure credits (most of us)

Data & AI — Without the Hype

Azure has roughly 47 database services. Okay, maybe not 47. But it feels that way.
• When Cosmos DB is the right call vs SQL vs PostgreSQL — and when honestly it doesn't matter much
• Azure OpenAI patterns: RAG pipelines, fine-tuning trade-offs, and why your prompt engineering matters more than your model choice
• Data pipelines that won't bankrupt you when traffic spikes
• Real-time analytics with Event Hubs and ADX for when you need answers now, not tomorrow

Modern App Patterns

• Container Apps vs AKS vs App Service — I'll give you the honest version with actual numbers, not the marketing slide
• Managed identity everywhere. Zero passwords in your entire stack. It's possible and it's worth the upfront effort.
• Event-driven architectures that don't turn into debugging nightmares
• Blue-green deployments and feature flags for when "just deploy it Friday evening" stops being acceptable

How I Write These

Every post has opinions. I'll tell you which trade-offs I'm making and why — and you can disagree. That's fine. Architecture is about trade-offs, not right answers.
Every post has diagrams. If I can't draw it, I don't understand it well enough. Neither do you. (That's not a dig — it's just true.)
Every post has working code. Bicep templates you can deploy. Not pseudocode. Not "left as an exercise." Actual deployable infrastructure.

Coming Up

• Azure Landing Zones from an architect who's deployed them (next post)
• The Container Apps vs AKS decision — when the answer is "it depends," what does it depend on?
• Multi-tenant SaaS on Azure without losing your mind
• Azure networking from first principles — because most confusion starts at layer 3
• How I built this entire site with Copilot CLI (yes, really)