Infra Blueprint·October 8, 2025·8 min read

A Hub-Spoke Azure Network in Terraform

Building a segmented Azure landing zone from reusable modules: a firewall and DNS hub, workload spokes, and private endpoints for every service.

CloudDevOpsPlatformterraformazurehub-spokeprivate-endpoint

View the repo on GitHub

The full write-up is still in progress. The summary above is the short version for now.

Referenced architecture

Azure Hub-Spoke Landing Zone

A Terraform hub-spoke topology for Azure: a firewall + private-DNS hub peered to four VNets, with every data and AI service reachable only through private endpoints.