Managed services
Look for areas in the architecture where it may be natural to incorporate platform-as-a-service (PaaS) options. These include caching, queues, and data storage. PaaS reduces time and cost of managing servers, storage, networking, and other application infrastructure.
With PaaS, the infrastructure cost is included in the pricing model of the service. For example, you can provision a lower SKU virtual machine as a jumpbox. There are additional costs for storage and managing a separate server. You also need to configure a public IP on the virtual machine, which is not recommended. A managed service such as Azure Bastion takes into consideration all those costs and offers better security.
Azure provides a wide range of PaaS resources. Here are some examples of when you might consider PaaS options:
| Task | Use |
|---|---|
| Host a web server | Azure App Service instead of setting up IIS servers. |
| Indexing and querying heterogenous data | Azure Cognitive Search instead of ElasticSearch. |
| Host a database server | Azure offers many SQL and no-SQL options such as Azure SQL Database and Azure Cosmos DB. |
| Secure access to virtual machine | Azure Bastion instead of virtual machines as jump boxes. |
| Network security | Azure Firewall instead of virtual network appliances. |
For more information, see Use platform as a service (PaaS) options.
Use platform as a service (PaaS) options
When possible, use platform as a service (PaaS) rather than infrastructure as a service (IaaS)
IaaS is like having a box of parts. You can build anything, but you have to assemble it yourself. PaaS options are easier to configure and administer. You don't need to provision VMs, set up VNets, manage patches and updates, and all of the other overhead associated with running software on a VM.
For example, suppose your application needs a message queue. You could set up your own messaging service on a VM, using something like RabbitMQ. But Azure Service Bus already provides reliable messaging as service, and it's simpler to set up. Just create a Service Bus namespace (which can be done as part of a deployment script) and then call Service Bus using the client SDK.
Of course, your application may have specific requirements that make an IaaS approach more suitable. However, even if your application is based on IaaS, look for places where it may be natural to incorporate PaaS options. These include cache, queues, and data storage.
| Instead of running... | Consider using... |
|---|---|
| Active Directory | Azure Active Directory |
| Elasticsearch | Azure Search |
| Hadoop | HDInsight |
| IIS | App Service |
| MongoDB | Cosmos DB |
| Redis | Azure Cache for Redis |
| SQL Server | Azure SQL Database |
| File share | Azure NetApp Files |
Please note that this is not meant to be an exhaustive list, but a subset of equivalent options.