ADR-0001: Cost-Optimized Architecture
Status: Proposed | Date: 2026-01-27
Context
Section titled “Context”A Microsoft partner with 1,000+ SMB customers requires a repeatable, single-subscription Azure environment for on-premises workload migrations. Key forces:
- Scale: Identical infrastructure across all customer subscriptions
- Cost sensitivity: $500/month hard cap per subscription
- Operational efficiency: No per-customer customization
- EU compliance: GDPR data residency (swedencentral region)
Explicit trade-offs accepted: No SLA/resilience requirements, single-zone deployment, rebuild-from-IaC DR strategy.
Decision
Section titled “Decision”Implement a hub-spoke network architecture with cost-optimized SKUs, prioritizing the Cost Optimization pillar of the Azure Well-Architected Framework.
Core Architecture Decisions
Section titled “Core Architecture Decisions”| Component | Decision | Rationale |
|---|---|---|
| Network Topology | Hub-spoke with reserved subnets | Future expansion without redesign |
| Region | swedencentral | EU GDPR compliance, cost-effective |
| Bastion | Developer SKU (free) | Single-connection sufficient for SMB |
| NAT Gateway | Standard (zonal) | Deterministic outbound; ~$32/month |
| VPN Gateway | VpnGw1AZ (~$140/mo) | Zone-redundant; BGP support |
| Azure Firewall | Optional Basic tier | Deploy only when inspection required |
| Zone Redundancy | Disabled | Explicit cost trade-off |
| Governance | Azure Policies (MG + sub scope) | Automated compliance |
WAF Pillar Alignment
Section titled “WAF Pillar Alignment”| Pillar | Score | Trade-off |
|---|---|---|
| Security | 8/10 | Policy-enforced, no public IPs, Bastion-only access |
| Reliability | 4/10 | Intentionally low — single-zone, rebuild-from-IaC DR |
| Performance | 6/10 | B/D/E VM series restriction |
| Cost Optimization | 9/10 | Primary pillar — free tiers, caps, budget alerts |
| Operational Excellence | 7/10 | IaC, Log Analytics, policy-driven automation |
Consequences
Section titled “Consequences”Positive: Meets $500/month budget, repeatable across 1,000+ customers, secure by default via policy enforcement.
Negative: No automatic failover (4/10 Reliability), limited VM SKU choices, single-region deployment.
Redesign trigger: SLA requirement > 99.9% forces zone-redundant SKUs and changes the cost profile.