Building Modern Application on Azure

Recently, I attended a two days hands-on workshop on Application Modernization by Microsoft. Great part of this workshop was to brainstorm among team, find loop holes/problems in current architecture, find alternative to those architectural issue and take a legacy application design pattern into modern application. Key outcome of the session was to analyze application component which are currently deploy in traditional client-server model or legacy architecture, can be easily replace with ready-to-use service in azure and modern design. In fact, session was being followed by a very extensive exercise, which actually took 1 week to finish (due to busy schedule, have to work off-business hours).

Following are list of component that were utilized and these benefits, which can be leveraged across any architecture that work in extension of Azure;

 Interesting part of entire transformation was that we did not even a single Virtual Machine, SQL Server, at the same time ensure maintaining their redundancy, patching, backing up :-)

• Azure AD: This worked as back-bone during lab. Not only solving authentication problem but also bigger problem like RBAC and even acting and bridge between Application Authentication to external user by easy to integrate option like 'App Registrations'. Which in return give secrets which can be coded into application code than setting up connectivity between application-authentication platform-sub-netting etc.-etc. And it does it for all platform which I planned to use i.e. Web/API/Mobile/Desktop
• Web App: Why should we deploy server than build all stuff on own then manage it, when I get environment ready to use. Web App were ready to use near instantly, best part was I did not even have to build in Azure as I just code in VS Studio and publish code (after testing locally that it is good to go, thanks to Azure SDK for VS Studio) in target resource group, web App. App Services plan was automatically picked which I had define for resource group. Web App has gone even beyond now just being another compute service, it has a lot of stuff like direct CI/CD integration, easy option to do Blue-Green deployment pattern via deployment slots, built-in capabilities of debugging, a lot of integration with other service (no need to get inside environment and build those integration manually) like networking, MySQL in app, backing up, debugging, easily extend it to mobile platform via Easy table and API or defining API definitions/CORS, And yes, On the fly code modification via Browser App Service Editor (you have situation, don’t need to go to computer with VS Studio or Code installed, make those right from environment).
• Logic App: An automated workflow which was automatically getting triggered by an event. Best part it, it is SaaS based solution which minimal coding skills required. Ideally for any asynchronous request integration architecture where messaging follows 'fire and forget' design pattern.
• API App: Both mobile app and website depends up on web services hosted in an API App (part of same app services plan). In addition to the API App, a light-weight, serverless API is provided by Azure Functions Proxies to provide access to documents stored in Blob Storage.
• API Management: Since modern application design pattern rely heavily on API based communication. Obviously, API also required to be managed. Most of cloud vendor are offering their own API management solution, so do Azure. Azure API Management is being used to create an API Store. Communication goes through API management, which can be leverage if Application required to extend to external audience by enforcing policy controls like authentication/throughput/method etc.
• Azure SQL DB: Database is the backbone of solution landscape, at the same time, it is one major headache. In this case, I have use Azure SQL DB. Entire manageability goes away in single shot. To restrict access to application, I place my DB string in Azure Key Vault and code DNS inside Application Code.
• Azure Key Vault: Sensitive configuration data, like connection strings, were stored in Key Vault and accessed from the API App or Web App on demand. No need to
• Azure Function: Sounds similar to Logic Apps but totally different technical architecture and fit for different purpose. Basically, it was triggering Code against Event. Ideally fit for synchronous request integration design pattern where one need to deploy complex custom logic and there is need to test logic on local device prior pushing it on Azure. Modern application which following de-coupling based architecture pattern, best fit for using solution like Azure Functions/Logic App. Architect must decide choice of solution based upon complexity and time to deliver and cost fact.
• Azure Blob Storage: No further introduction required. If you have get into Azure, Blob Storage is one of the first service we use it. What is getting exciting it is that lot of new enhancement (like hosting static website), integration (communication via Service Endpoints), functionality (like tiering structure). If I compare with S3, I think it is almost level playing field now.
• Flow: Microsoft has developed vast portfolio of event based solution. Flow is another some sort of similar in line while it simplifies things a lot and bring process automation & self-serve much near to end user. In nutshell day to day life, Flow can be build deliver by people like me (end user) and Logic App can be develop and build on the request of me by IT. Ideal fit for trigger flow from SharePoint list items etc.
• PowerApps: Since Mobile is long development life-cycle and require additional investment, therefore we decided for quick and easy to on-board solution. PowerApps bring easiness and mobility experience for customer. Using PowerApps platform, we were able to make it up and running in quick minutes and perform CRUD operation to database for assigned table.
• Azure Search: Indexing is generally complex and resource crunch task. Complex technologies backed by heavy infrastructure limits. When we are thinking of building modern architecture, we want to have even decoupled solution design for search indexing and this is where Azure Search, search as a service, come into play. Best part is that it gets out of box integration at API level with Azure AD, Blob Storage and offering many exciting features. SDKs availability allow make it part of solution code itself. On Costing side, we were able to limit frequency of Indexing basis upon business case.
• Redis Cache: There were two requirement while designing architecture and find out solution such as storing session states as well as frequent DB queries. Redis is renowned cache solution and Azure Cache offered it as service model utilizing Redis technologies.
• Key Vault: At last, code still require some communication and connection with various thing like DB, Function, Keys, Internal as well as external system. In that case, how to store-retrieve secrets and make it par to code such that only genuine authenticated request pass through and retrieve details than hard-coding inside code. Like many cloud provider, Azure Key Vault provide

 Final workload placement under single resource group during testing.

Ultimately utilize above all components, a lenient a legacy architecture was being redefined into modern architecture. Best part was that it utilized decoupled architecture leveraging most of out-of-box service offering provided by Azure. Personal favorite has been Flow, Logic App and PowerApp because they are the one which are very closer to end-user and can bring significant and instant ROI to overall application modernization journey.

 Some of the thought which I captured during testing and pen it down.

 Sample Insurance PDF Invoice getting developed invoked in return of Azure Function.

Policy Holder Portal Running on Azure Web App leverage same App Service plan shared among WebApp, API App, Function App.

Tracking Activity for Key Access inside Key Vault.

Leveraging VSCode which allow me to push code directly from IDE to Azure Web App.

Note: This is just an effort to learn and share knowledge. Don’t consider it official. Any content owner or items shown are dummy name and details.