I have been working with AWS for quite some time and recently started working on Azure for one of the projects. I started from Azure VNET and noticed many differences when it comes to virtual private cloud. I am having hard time finding the answers of these two questions:
Why there's no option to create a subnet on Azure to a specific availability zone? Lets suppose I want my frontend web server to be deployed on 3 different subnets across three different AZs to get high availability, is there a way I can acheive that on Azure?
How different is Azure NSG (Network Security Group) with AWS SG (Security Group)? As far as I have read, an Azure NSG is equivalent to AWS NACL, if so, do we have any equivalent service to get the AWS SGs feature on Azure? Also, can I bind multiple NSG to one VM?
Thanks!
As far as I have read, an Azure NSG is equivalent to AWS NACL
Azure NSG combines both AWS SG and NACL functionality. They are statefull and can be applied at both subnet and NIC levels.
Why there's no option to create a subnet on Azure to a specific availability zone?
Azure subnets by default span all availability zones. This is one of the key differences on how AWS Subnet and Azure Subnet work.