Need some advice on proper Azure Network Architecture.
These are the components we will be using in Azure:
Azure VPN gateway
Azure VMs for TEST Webservers
Azure VMs for PROD Webservers
Azure Managed Instance of SQL
Azure Managed MySQL
Azure Load balancer
The starting address space will be AZPRIVATE-VNET 10.0.0.0/8.
My initial design looks like this. I'm looking for feedback and guidance on properly segmenting the subnets according to cloud best practices,
and any other notes I didn't cover here.
AZPRIVATENET-GW 10.0.1.0/24 (Firewall and VPN subnet)
AZPRIVATENET-TESTVMS 10.0.2.0/24 (TEST web servers)
AZPRIVATENET-PRODVMS 10.0.3.0/24 (PROD web servers)
AZPRIVATENET-UTILITY 10.0.4.0/24 (this will include Managed SQL, AD DC, Load balancer...)
VNet peering will be set up between them.
In addition, TEST and PROD VM web servers will have PUBLIC IPs (I'm assuming NATed, not a second NIC?).
A setup guide for any of the above would be very appreciated.