Microsoft
MicrosoftHi Mauricio_Rojas,
Thank you for writing this nice explanation.
I have researched Microsoft's reference architecture, and based on the documentation, the Hub is intended for shared services such as VPN, Firewall, and Active Directory Domain Services. In contrast, Spokes are the appropriate place to host both production and non-production resources.
I assume the main concern you highlighted in your explanation is the potential cost associated with this solution. However, according to Microsoft’s documentation, when both non-production and production environments are required—and considering that APIM and Service Bus are part of the integration services—these services are better suited for deployment in the Spokes. For resources deployed within the same region, the VNET peering cost is approximately $30 per TB of data (though this varies by region).
I’ve also posted my argument as a question in the Community Hub for further discussion:
https://learn.microsoft.com/en-us/answers/questions/2073714/spoke-hub-model-integration-services
Could you kindly confirm if my line of thinking is correct?
Thanks,
Mohsen
