Skip to main content
HashnodeBarry Tech

Command Palette

Search for a command to run...

Understanding Microsoft Azure: The Core Components You Must Know

Published
9 min read
Understanding Microsoft Azure: The Core Components You Must Know
B
Baribor Forghe

Introduction

In this article, I’m going to walk you through the core architectural components of Microsoft Azure — in a way that’s simple, clear, and easy to understand.

Maybe you’ve never even heard of Microsoft Azure, and you’re wondering, “What does it actually mean?”

Or maybe you’ve heard of it, but it still feels confusing.

Or perhaps you want to strengthen your cloud knowledge and understand how Azure really works behind the scenes.

No matter where you’re starting from, you’re in the right place.

By the end of this article, you’ll understand what Microsoft Azure is, why it matters, and how its core components work together to run real-world applications.

So let’s dive in.

What Is Microsoft Azure?

Microsoft Azure is a cloud computing platform created by Microsoft that allows individuals and organizations to build, deploy, and manage applications over the internet.

Instead of buying and maintaining physical servers, Azure lets you:

  • Rent computing power on demand

  • Store data securely

  • Run applications globally

  • Scale up or down whenever needed

You only pay for what you use.

Simply put, Azure turns infrastructure into a service, making it faster, cheaper, and easier to build modern applications.

How Microsoft Azure Is Structured

To really understand Microsoft Azure, it helps to think of it not as one big system, but as a set of building blocks that work together to create powerful cloud solutions.

Each block has a specific role, and together they make Azure reliable, scalable, and secure. These building blocks are known as Azure’s core architectural components.

Let’s explore them one by one.

1. Azure Global Infrastructure

At the foundation of Azure is its global physical infrastructure.

Microsoft owns and operates data centers worldwide. These data centers are grouped into regions.

Azure Regions

An Azure region is a geographical area (for example, East US, West Europe) that contains multiple data centers.

Regions matter because they:

  • Reduce the delay between users and applications

  • Help meet data and compliance requirements

  • Improve application performance

Availability Zones

Within many region are Availability Zones.

Each zone is a separate data center, equipped with its own power, cooling, and networking infrastructure.

This means that if one zone fails, another can continue to run your application.

In simple terms, Availability Zones help keep your applications online.

2. Subscriptions and Resource Groups

As you start creating resources in Azure, organization becomes important.

Azure Subscriptions

A subscription is an agreement with Microsoft that defines billing, access control, and usage limits. Think of it as a logical boundary that separates projects or environments such as development, testing, and production.

Let’s break down what each of these means:

1. Billing

A subscription determines who pays for what in Azure.

All Azure resources you create—virtual machines, storage, databases, networking—are billed at the subscription level.

Why this matters:

You can separate costs for different teams or projects

Organizations often use one subscription per department or client

It makes cost tracking, budgeting, and chargeback much easier

For example, a company might have separate subscriptions for Finance, Engineering, and Marketing, each with its own bill.

2. Access Control

Subscriptions act as a security boundary for managing who can access Azure resources.

Using Azure Role-Based Access Control (RBAC), you can decide:

  • Who can view resources

  • Who can create or modify resources

  • Who has full administrative control

Why this matters:

  • Developers may get limited access

  • Administrators get full control

  • Sensitive environments like production can be locked down

Permissions assigned at the subscription level automatically apply to everything inside it unless overridden.

3. Usage Limits

Every subscription comes with quotas and limits that control how much of a resource you can use.

Examples include:

  • Number of virtual machines

  • Amount of storage

  • Network resources such as IP addresses

Why this matters:

  • Prevents accidental overuse of resources

  • Helps control costs

  • Ensures fair usage across customers

If needed, many limits can be increased by requesting a quota upgrade.

Why Subscriptions Matter

By acting as a boundary, subscriptions help you:

  • Organize workloads

  • Control costs

  • Enforce security

  • Separate environments like Dev, Test, and Prod

In short, subscriptions are one of the most important building blocks in Azure’s management hierarchy.

Resource Groups

A resource group is a logical container that holds related Azure resources such as:

  • Virtual machines

  • Databases

  • Storage accounts

  • Virtual networks

  • Load balancers

  • Web apps

Resource groups help you organize and manage resources that work together as a single unit.

Key Things to Know About Resource Groups

1. Shared Lifecycle

Resources in the same resource group usually share the same lifecycle.
This means they are often:

  • Created together

  • Managed together

  • Deleted together

If you delete the resource group, everything inside it will be permanently deleted. This makes cleanup fast and prevents leftover resources from generating unexpected costs.

2. Flexible Location

A resource group is created in a specific Azure region, but the resources inside it do not have to be in the same region.

For example:

  • The resource group might be in Western Europe

  • A virtual machine could be in East US

  • Storage could be in Northern Europe

The resource group’s location mainly stores metadata, not the actual resources.

3. Access Control at Scale

You can apply Role-Based Access Control (RBAC) at the resource group level.

This allows you to:

  • Grant access to a team for all resources at once

  • Restrict who can create, modify, or delete resources

  • Avoid managing permissions resource by resource

4. Tagging and Cost Management

Resource groups support tags, such as:

  • Environment: Production

  • Project: Website

  • Owner: DevTeam

Tags help with:

  • Cost tracking

  • Reporting

  • Governance

5. Simplified Management
Resource groups make it easier to:

  • Deploy resources using templates

  • Monitor performance

  • Apply policies

  • Troubleshoot issues

Instead of managing dozens of individual resources, you manage them as a single logical unit.

Key Points to Remember

  • A resource group is used for organization and management, not billing

  • Resource groups support RBAC for access control

  • You can apply tags at the resource group level

  • A resource group has a region, but resources inside it can be in different regions

  • Deleting a resource group deletes everything inside it

3. Azure Resource Manager (ARM)

Azure Resource Manager (ARM) is basically the brain of Azure. It makes sure all your resources—like virtual machines, storage, databases, and networks—are created, organized, and managed correctly. Think of it as the conductor of an orchestra, making sure every piece works together perfectly.

Why ARM Is Important

1. Centralized Management
Instead of handling each resource separately, ARM gives you a single place to manage everything. Whether you use the Azure Portal, CLI, PowerShell, or APIs, ARM makes it consistent and predictable.

2. Manage Resources in Groups
Resources are usually organized in resource groups. ARM lets you manage them as a single unit. You can deploy, monitor, or delete all resources in a group at once—saving tons of time and effort.

3. Automate With Templates
ARM uses templates (JSON files) to define your infrastructure. Think of it as a recipe: you write it once, and you can recreate the same environment anytime without mistakes. Perfect for automation and DevOps.

4. Control Access Easily
ARM works with Role-Based Access Control (RBAC). You decide who can do what, whether at the management group, subscription, resource group, or resource level. This keeps your cloud safe and organized.

5. Enforce Rules Automatically
With Azure Policy, ARM makes sure resources follow your rules. For example:

  • Only allow certain regions

  • Restrict VM sizes

  • Make sure all resources have proper tags

If something doesn’t comply, ARM blocks or flags it automatically.

6. Track Costs With Tags
ARM supports tags, like:

  • Project: Website

  • Environment: Production

  • Owner: DevTeam

Tags make it easy to track costs, ownership, and usage.

7. Handles Dependencies for You

ARM understands how resources depend on each other.

For example, a virtual machine (VM) can’t exist without a network and storage account. ARM automatically creates resources in the right order, so everything works correctly without you having to worry about it.

ARM is the backbone of Azure management—everything flows through it, ensuring consistency, security, and automation across your cloud resources.

4. Compute Services

Compute services are what allow your applications to actually run.

Azure provides different compute options depending on your needs:

  • Virtual Machines (VMs) – Full control over the operating system and environment

  • Azure App Service – Run web applications without managing servers

  • Containers and Azure Kubernetes Service (AKS) – For modern, scalable applications

  • Azure Functions – Run code only when an event occurs (serverless)

Each option gives you a different balance between control and simplicity.

5. Networking Components

Networking connects everything in Azure and allows services to communicate securely.

Some core networking components include:

  • Virtual Networks (VNets) – Private networks in Azure

  • Subnets – Smaller network segments within a VNet

  • Load Balancers – Distribute traffic across resources

  • VPN Gateway and ExpressRoute – Connect on-premises environments to Azure

Without networking, Azure resources cannot work together effectively.

6. Storage Services

Every application needs a place to store data, and Azure provides multiple storage options.

Key storage services include:

  • Blob Storage – For files, images, videos, and backups

  • Disk Storage – Used by virtual machines

  • File Storage – Shared file systems in the cloud

  • Queue and Table Storage – For messaging and structured data

Azure automatically replicates data to protect against failures, ensuring durability and availability.

7. Identity and Security

Security is built into Azure from the ground up.

Identity Management

Azure uses Microsoft Entra ID (formerly Azure Active Directory) to manage:

  • User identities

  • Authentication

  • Access to resources

Access Control and Protection

Other key security services include:

  • Role-Based Access Control (RBAC) – Controls who can do what

  • Azure Key Vault – Stores secrets, keys, and certificates securely

  • Defender for Cloud – Monitors security posture and threats

Every request in Azure is authenticated and authorized before access is granted.

8. Monitoring and Management

To keep systems running smoothly, Azure provides monitoring tools such as:

  • Azure Monitor – Tracks performance and metrics

  • Log Analytics – Centralized logging

  • Application Insights – Application performance monitoring

These tools help identify issues early and improve reliability.

Understanding Azure’s Management Hierarchy

After exploring all the core components of Azure, it’s helpful to see how Azure organizes resources at scale.

The hierarchy looks like this:

  1. Management Groups – The top-level container for organizing multiple subscriptions. Used mainly by large enterprises to apply governance, policies, and access controls consistently.

  2. Subscriptions – Billing and access boundaries. Each subscription is tied to a payment method and contains one or more resource groups.

  3. Resource Groups – Logical containers for related resources (VMs, storage, networks) that share a lifecycle.

  4. Resources – The individual services you create, like virtual machines, databases, web apps, or storage accounts.

Why this hierarchy matters:

  • It allows organizations to scale securely and efficiently

  • Policies and access rules can be applied at higher levels (management group or subscription) and automatically cascade down

  • Resources stay organized and manageable, no matter how large your Azure environment grows

Conclusion

By understanding both the architectural components and the management hierarchy, you gain a complete view of how Azure works. This knowledge not only makes Azure less intimidating but also equips you to build, manage, and optimize cloud solutions confidently, whether for personal projects, professional development, or enterprise-scale applications.

#azure-core-components#microsoft-azure#cloud-computing#cloud-infrastructure#azure-architecture#azure-storage#cloud-solutions#azure-networking#azure-resource-manager#azure

Comments

Join the discussion

No comments yet. Be the first to comment.

More from this blog

Barry Tech

5 posts