Azure Data Platform Architecture Playbook (2026): SQL, Cosmos DB, Table Storage, Redis, and PostgreSQL

Scenario

Your product suite needs clear database standards for OLTP, globally distributed NoSQL, low-cost key-value tables, caching, and PostgreSQL workloads.

Scope

This article is updated for Azure platform guidance available as of May 18, 2026. It is intentionally implementation-focused, with practical CLI workflows, operational checks, and architecture reasoning you can use in production design reviews.

How to read this playbook

Use each section as a decision module. Start with workload shape, validate against security and operations constraints, deploy a proof-of-concept with Azure CLI, and finalize only after measurable verification. This avoids architecture decisions based on preference alone and gives your team a repeatable standard.

Cross-cutting decision framework

1. Define workload behavior: bursty, steady, stateful, event-driven, or latency-sensitive.
2. Define control requirements: platform-managed, partially managed, or full runtime control.
3. Define resilience and recovery targets: RTO, RPO, and acceptable blast radius.
4. Define governance boundaries: identity model, secrets handling, and policy enforcement.
5. Define operational ownership: who patches, monitors, scales, and responds during incidents.
6. Define cost model expectations: idle cost, burst cost, and growth path over 12 months.

Implementation baseline used in examples

• Region baseline: eastus for tutorial consistency
• Resource naming: short deterministic names for scriptability
• Security baseline: managed identities, least-privilege, and audit logs
• Validation baseline: deploy, load test, observe, rollback, and document

12) Azure SQL or Cosmos DB

Decision context

When teams compare Azure SQL and Cosmos DB, the failure mode is usually to optimize for only one metric such as raw latency or monthly cost. A durable Azure architecture needs to optimize for reliability model, operational maturity, security boundaries, release velocity, and failure containment. In production environments, this means you should decide early who owns runtime operations, what telemetry standard is mandatory, and how recovery targets are validated under incident pressure. For Database workloads, this design discipline matters more than headline feature lists.

When Azure SQL is the better anchor

Azure SQL is usually the better anchor when your workload shape closely maps to its native control model. The strongest outcomes happen when platform teams align release workflows, scaling signals, and security policy with how the service was designed. In practice, this gives you lower cognitive load during operations, more predictable incident response, and cleaner governance reviews. You also reduce hidden coupling because your architecture matches the managed abstractions Azure already optimizes.

When Cosmos DB is the better anchor

Cosmos DB becomes the better anchor when your primary risk is tied to constraints that Azure SQL does not solve elegantly. This can include specific protocol behavior, tenancy separation, deterministic deployment controls, or specialized tooling already used by your team. If your staff can operate Cosmos DB confidently and your change-management process is mature, choosing it can reduce long-term migration churn and prevent tactical workarounds from becoming permanent platform debt.

Practical tutorial

Use the following CLI flow to stand up a minimal proof-of-concept and test the assumptions before any platform-wide standard is declared.

az group create -n rg-data-playbook -l eastus
az sql server create -g rg-data-playbook -n sqlsrvplaybook2026 -l eastus -u sqladminuser -p StrongP@ssw0rd!
az sql db create -g rg-data-playbook -s sqlsrvplaybook2026 -n coredb --service-objective S0
az cosmosdb create -g rg-data-playbook -n cosmosplaybook2026 --locations regionName=eastus failoverPriority=0 isZoneRedundant=False

After deployment, run a focused validation loop:

1. Confirm security controls are attached and auditable.
2. Validate scaling behavior under synthetic workload.
3. Verify rollback steps are executable without portal-only actions.
4. Capture baseline cost and performance metrics for a two-week window.
5. Record operational friction points in a decision log.

Guardrails and anti-patterns

Common anti-patterns are building dual-service hybrids too early, skipping policy-as-code, and finalizing platform standards without realistic failure testing. Avoid making the decision in architecture diagrams only. Demand concrete evidence from load tests, deployment frequency analysis, and on-call playbooks. If two services look equivalent on paper, prefer the one your team can run safely at 2 AM during an incident.

Production recommendation

Treat this decision as an operating model decision, not only a feature decision. Document required capabilities, what you will not support, and the exception process. Then enforce the standard using templates, CI validation, and policy controls so project teams can move quickly without reopening the same design debate every sprint.

13) Cosmos DB or Azure Table Storage

Decision context

When teams compare Cosmos DB and Azure Table Storage, the failure mode is usually to optimize for only one metric such as raw latency or monthly cost. A durable Azure architecture needs to optimize for reliability model, operational maturity, security boundaries, release velocity, and failure containment. In production environments, this means you should decide early who owns runtime operations, what telemetry standard is mandatory, and how recovery targets are validated under incident pressure. For Database workloads, this design discipline matters more than headline feature lists.

When Cosmos DB is the better anchor

Cosmos DB is usually the better anchor when your workload shape closely maps to its native control model. The strongest outcomes happen when platform teams align release workflows, scaling signals, and security policy with how the service was designed. In practice, this gives you lower cognitive load during operations, more predictable incident response, and cleaner governance reviews. You also reduce hidden coupling because your architecture matches the managed abstractions Azure already optimizes.

When Azure Table Storage is the better anchor

Azure Table Storage becomes the better anchor when your primary risk is tied to constraints that Cosmos DB does not solve elegantly. This can include specific protocol behavior, tenancy separation, deterministic deployment controls, or specialized tooling already used by your team. If your staff can operate Azure Table Storage confidently and your change-management process is mature, choosing it can reduce long-term migration churn and prevent tactical workarounds from becoming permanent platform debt.

Practical tutorial

Use the following CLI flow to stand up a minimal proof-of-concept and test the assumptions before any platform-wide standard is declared.

az cosmosdb create -g rg-data-playbook -n cosmostableplaybook2026 --locations regionName=eastus failoverPriority=0 isZoneRedundant=False
az storage account create -n sttableplaybook2026 -g rg-data-playbook -l eastus --sku Standard_LRS --kind StorageV2
az storage table create --account-name sttableplaybook2026 -n telemetry

After deployment, run a focused validation loop:

1. Confirm security controls are attached and auditable.
2. Validate scaling behavior under synthetic workload.
3. Verify rollback steps are executable without portal-only actions.
4. Capture baseline cost and performance metrics for a two-week window.
5. Record operational friction points in a decision log.

Guardrails and anti-patterns

Common anti-patterns are building dual-service hybrids too early, skipping policy-as-code, and finalizing platform standards without realistic failure testing. Avoid making the decision in architecture diagrams only. Demand concrete evidence from load tests, deployment frequency analysis, and on-call playbooks. If two services look equivalent on paper, prefer the one your team can run safely at 2 AM during an incident.

Production recommendation

Treat this decision as an operating model decision, not only a feature decision. Document required capabilities, what you will not support, and the exception process. Then enforce the standard using templates, CI validation, and policy controls so project teams can move quickly without reopening the same design debate every sprint.

14) Cosmos DB or Azure Cache for Redis

Decision context

When teams compare Cosmos DB and Azure Cache for Redis, the failure mode is usually to optimize for only one metric such as raw latency or monthly cost. A durable Azure architecture needs to optimize for reliability model, operational maturity, security boundaries, release velocity, and failure containment. In production environments, this means you should decide early who owns runtime operations, what telemetry standard is mandatory, and how recovery targets are validated under incident pressure. For Database workloads, this design discipline matters more than headline feature lists.

When Cosmos DB is the better anchor

Cosmos DB is usually the better anchor when your workload shape closely maps to its native control model. The strongest outcomes happen when platform teams align release workflows, scaling signals, and security policy with how the service was designed. In practice, this gives you lower cognitive load during operations, more predictable incident response, and cleaner governance reviews. You also reduce hidden coupling because your architecture matches the managed abstractions Azure already optimizes.

When Azure Cache for Redis is the better anchor

Azure Cache for Redis becomes the better anchor when your primary risk is tied to constraints that Cosmos DB does not solve elegantly. This can include specific protocol behavior, tenancy separation, deterministic deployment controls, or specialized tooling already used by your team. If your staff can operate Azure Cache for Redis confidently and your change-management process is mature, choosing it can reduce long-term migration churn and prevent tactical workarounds from becoming permanent platform debt.

Practical tutorial

Use the following CLI flow to stand up a minimal proof-of-concept and test the assumptions before any platform-wide standard is declared.

az cosmosdb create -g rg-data-playbook -n cosmoscacheplaybook2026 --locations regionName=eastus failoverPriority=0 isZoneRedundant=False
az redis create -g rg-data-playbook -n redisplaybook2026 -l eastus --sku Standard --vm-size C1

After deployment, run a focused validation loop:

1. Confirm security controls are attached and auditable.
2. Validate scaling behavior under synthetic workload.
3. Verify rollback steps are executable without portal-only actions.
4. Capture baseline cost and performance metrics for a two-week window.
5. Record operational friction points in a decision log.

Guardrails and anti-patterns

Common anti-patterns are building dual-service hybrids too early, skipping policy-as-code, and finalizing platform standards without realistic failure testing. Avoid making the decision in architecture diagrams only. Demand concrete evidence from load tests, deployment frequency analysis, and on-call playbooks. If two services look equivalent on paper, prefer the one your team can run safely at 2 AM during an incident.

Production recommendation

Treat this decision as an operating model decision, not only a feature decision. Document required capabilities, what you will not support, and the exception process. Then enforce the standard using templates, CI validation, and policy controls so project teams can move quickly without reopening the same design debate every sprint.

15) Azure SQL or Azure Database for PostgreSQL

Decision context

When teams compare Azure SQL and Azure Database for PostgreSQL, the failure mode is usually to optimize for only one metric such as raw latency or monthly cost. A durable Azure architecture needs to optimize for reliability model, operational maturity, security boundaries, release velocity, and failure containment. In production environments, this means you should decide early who owns runtime operations, what telemetry standard is mandatory, and how recovery targets are validated under incident pressure. For Database workloads, this design discipline matters more than headline feature lists.

When Azure SQL is the better anchor

Azure SQL is usually the better anchor when your workload shape closely maps to its native control model. The strongest outcomes happen when platform teams align release workflows, scaling signals, and security policy with how the service was designed. In practice, this gives you lower cognitive load during operations, more predictable incident response, and cleaner governance reviews. You also reduce hidden coupling because your architecture matches the managed abstractions Azure already optimizes.

When Azure Database for PostgreSQL is the better anchor

Azure Database for PostgreSQL becomes the better anchor when your primary risk is tied to constraints that Azure SQL does not solve elegantly. This can include specific protocol behavior, tenancy separation, deterministic deployment controls, or specialized tooling already used by your team. If your staff can operate Azure Database for PostgreSQL confidently and your change-management process is mature, choosing it can reduce long-term migration churn and prevent tactical workarounds from becoming permanent platform debt.

Practical tutorial

Use the following CLI flow to stand up a minimal proof-of-concept and test the assumptions before any platform-wide standard is declared.

az sql server create -g rg-data-playbook -n sqlsrvpgplaybook2026 -l eastus -u sqladminuser -p StrongP@ssw0rd!
az sql db create -g rg-data-playbook -s sqlsrvpgplaybook2026 -n appdb --service-objective S0
az postgres flexible-server create -g rg-data-playbook -n pgplaybook2026 -l eastus --admin-user pgadmin --admin-password StrongP@ssw0rd! --tier Burstable --sku-name Standard_B1ms --storage-size 128

After deployment, run a focused validation loop:

1. Confirm security controls are attached and auditable.
2. Validate scaling behavior under synthetic workload.
3. Verify rollback steps are executable without portal-only actions.
4. Capture baseline cost and performance metrics for a two-week window.
5. Record operational friction points in a decision log.

Guardrails and anti-patterns

Common anti-patterns are building dual-service hybrids too early, skipping policy-as-code, and finalizing platform standards without realistic failure testing. Avoid making the decision in architecture diagrams only. Demand concrete evidence from load tests, deployment frequency analysis, and on-call playbooks. If two services look equivalent on paper, prefer the one your team can run safely at 2 AM during an incident.

Production recommendation

Treat this decision as an operating model decision, not only a feature decision. Document required capabilities, what you will not support, and the exception process. Then enforce the standard using templates, CI validation, and policy controls so project teams can move quickly without reopening the same design debate every sprint.

End-to-end validation flow

After completing the pair-level proofs, run a final integrated user journey in a non-production subscription. Validate provisioning speed, deployment rollback, observability completeness, incident simulation, and teardown hygiene. Architecture decisions are only complete when the full path from deployment to failure recovery has been tested and documented.

Security, operations, and cost checklist

• Enforce least privilege on all deployment identities.
• Capture audit evidence for every control-plane change.
• Enable standardized logging and alert routing before go-live.
• Define rollback scripts and test them monthly.
• Pin module and API versions in IaC to reduce drift.
• Track cost by environment and workload tags.
• Keep a service exception process with explicit owner sign-off.

References

• https://learn.microsoft.com/en-us/azure/azure-sql/
• https://learn.microsoft.com/en-us/cosmos-db/overview
• https://learn.microsoft.com/en-us/azure/storage/tables/table-storage-overview
• https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-overview
• https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/service-overview
• https://learn.microsoft.com/en-us/azure/
• https://learn.microsoft.com/en-us/cli/azure/
• https://learn.microsoft.com/en-us/azure/architecture/

Additional architecture notes

In mature Azure programs, decision quality improves when platform standards are continuously validated against real incidents, quarterly capacity reviews, and dependency changes in upstream teams. Maintain a living architecture record with assumptions, measured outcomes, and remediation actions. This discipline keeps standards pragmatic, reduces rework, and improves delivery confidence.

Additional architecture notes

In mature Azure programs, decision quality improves when platform standards are continuously validated against real incidents, quarterly capacity reviews, and dependency changes in upstream teams. Maintain a living architecture record with assumptions, measured outcomes, and remediation actions. This discipline keeps standards pragmatic, reduces rework, and improves delivery confidence.

Additional architecture notes

In mature Azure programs, decision quality improves when platform standards are continuously validated against real incidents, quarterly capacity reviews, and dependency changes in upstream teams. Maintain a living architecture record with assumptions, measured outcomes, and remediation actions. This discipline keeps standards pragmatic, reduces rework, and improves delivery confidence.

Additional architecture notes

In mature Azure programs, decision quality improves when platform standards are continuously validated against real incidents, quarterly capacity reviews, and dependency changes in upstream teams. Maintain a living architecture record with assumptions, measured outcomes, and remediation actions. This discipline keeps standards pragmatic, reduces rework, and improves delivery confidence.

Additional architecture notes

In mature Azure programs, decision quality improves when platform standards are continuously validated against real incidents, quarterly capacity reviews, and dependency changes in upstream teams. Maintain a living architecture record with assumptions, measured outcomes, and remediation actions. This discipline keeps standards pragmatic, reduces rework, and improves delivery confidence.

Additional architecture notes

In mature Azure programs, decision quality improves when platform standards are continuously validated against real incidents, quarterly capacity reviews, and dependency changes in upstream teams. Maintain a living architecture record with assumptions, measured outcomes, and remediation actions. This discipline keeps standards pragmatic, reduces rework, and improves delivery confidence.