Skip to main content

Capstone Project: Enterprise E-Commerce Platform

Apply everything you’ve learned by building a production-ready e-commerce platform. Azure Capstone Architecture

Project Overview

Build: A globally distributed, highly available e-commerce platform Requirements:
  • Support 10,000+ concurrent users
  • 99.99% availability SLA
  • Multi-region deployment
  • Complete CI/CD pipeline
  • Full observability
  • Cost-optimized
  • Security-hardened
  • Security-hardened
[!WARNING] Gotcha: Front Door Latency Front Door is global, but your backend is regional. If your Front Door sends a user from London to a backend in New York, speed of light latency applies. Always use a backend close to the user or enable caching.
[!TIP] Jargon Alert: Polyglot Persistence Using the “best tool for the job” multiple times in one app. In this project, we use:
  • SQL for strict transaction data (Orders)
  • Cosmos DB for flexible product catalogs (JSON)
  • Redis for fast temporary data (Shopping Carts)

Architecture

Services Used

Frontend

  • Azure Static Web Apps
  • React SPA
  • Azure Front Door (CDN)

Backend

  • Azure Kubernetes Service (AKS)
  • Microservices (Node.js/C#)
  • Azure API Management

Data

  • Azure SQL (orders, transactions)
  • Cosmos DB (product catalog)
  • Redis Cache (sessions, cart)
  • Blob Storage (images)

DevOps

  • GitHub Actions
  • Azure DevOps
  • Bicep (IaC)
  • ArgoCD (GitOps)

Security

  • Azure AD B2C (authentication)
  • Key Vault (secrets)
  • Private Endpoints
  • WAF + DDoS Protection

Monitoring

  • Application Insights
  • Log Analytics
  • Azure Monitor
  • Dashboards & Alerts

Microservices

1. Product Service

// ProductService/Controllers/ProductsController.cs
[ApiController]
[Route("api/[controller]")]
public class ProductsController : ControllerBase
{
    private readonly CosmosClient _cosmosClient;
    private readonly ILogger<ProductsController> _logger;

    [HttpGet]
    public async Task<IActionResult> GetProducts([FromQuery] string category)
    {
        var container = _cosmosClient.GetContainer("ecommerce", "products");
        var query = new QueryDefinition(
            "SELECT * FROM c WHERE c.category = @category")
            .WithParameter("@category", category);

        var products = new List<Product>();
        using var iterator = container.GetItemQueryIterator<Product>(query);
        while (iterator.HasMoreResults)
        {
            var response = await iterator.ReadNextAsync();
            products.AddRange(response);
        }

        return Ok(products);
    }
}

2. Order Service

// OrderService/Controllers/OrdersController.cs
[ApiController]
[Route("api/[controller]")]
public class OrdersController : ControllerBase
{
    private readonly ApplicationDbContext _context;

    [HttpPost]
    public async Task<IActionResult> CreateOrder([FromBody] CreateOrderRequest request)
    {
        using var transaction = await _context.Database.BeginTransactionAsync();

        try
        {
            var order = new Order
            {
                UserId = request.UserId,
                Total = request.Items.Sum(i => i.Price * i.Quantity),
                Status = OrderStatus.Pending,
                CreatedAt = DateTime.UtcNow
            };

            _context.Orders.Add(order);
            await _context.SaveChangesAsync();
            await transaction.CommitAsync();

            return CreatedAtAction(nameof(GetOrder), new { id = order.Id }, order);
        }
        catch (Exception ex)
        {
            await transaction.RollbackAsync();
            return StatusCode(500, "Internal server error");
        }
    }
}

Infrastructure as Code

Bicep Template

// main.bicep
param location string = 'eastus'
param environment string = 'prod'

// AKS Cluster
resource aksCluster 'Microsoft.ContainerService/managedClusters@2023-01-01' = {
  name: 'aks-${environment}'
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    dnsPrefix: 'aks-${environment}'
    kubernetesVersion: '1.27.7'
    enableRBAC: true
    agentPoolProfiles: [
      {
        name: 'nodepool1'
        count: 3
        vmSize: 'Standard_D4s_v3'
        mode: 'System'
        availabilityZones: ['1', '2', '3']
        enableAutoScaling: true
        minCount: 3
        maxCount: 10
      }
    ]
  }
}

// Cosmos DB
resource cosmosAccount 'Microsoft.DocumentDB/databaseAccounts@2023-04-15' = {
  name: 'cosmos-${environment}-${uniqueString(resourceGroup().id)}'
  location: location
  properties: {
    databaseAccountOfferType: 'Standard'
    consistencyPolicy: {
      defaultConsistencyLevel: 'Session'
    }
    locations: [
      {
        locationName: location
        failoverPriority: 0
        isZoneRedundant: true
      }
    ]
    enableMultipleWriteLocations: true
  }
}

CI/CD Pipeline

GitHub Actions Workflow

# .github/workflows/deploy.yml
name: Deploy E-Commerce Platform

on:
  push:
    branches: [main]

jobs:
  infrastructure:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3

    - name: Azure Login
      uses: azure/login@v1
      with:
        creds: ${{ secrets.AZURE_CREDENTIALS }}

    - name: Deploy Infrastructure
      run: |
        az deployment group create \
          --resource-group rg-ecommerce-prod \
          --template-file infra/main.bicep

  build-and-push:
    runs-on: ubuntu-latest
    needs: infrastructure
    strategy:
      matrix:
        service: [product-service, order-service, cart-service]
    steps:
    - uses: actions/checkout@v3

    - name: Build and Push Docker Image
      run: |
        docker build -t myregistry.azurecr.io/${{ matrix.service }}:${{ github.sha }} \
          ./services/${{ matrix.service }}
        docker push myregistry.azurecr.io/${{ matrix.service }}:${{ github.sha }}

Project Deliverables

1

Infrastructure

Deploy all Azure resources using Bicep
2

Microservices

Implement 5 microservices with proper communication
3

Frontend

Build React SPA with shopping cart, product catalog, checkout
4

CI/CD

Setup automated deployment pipeline
5

Monitoring

Configure Application Insights, dashboards, alerts
6

Security

Implement authentication, RBAC, private endpoints
7

Testing

Load test (10K concurrent users), chaos engineering
8

Documentation

Architecture diagrams, runbooks, API documentation

Success Criteria

Performance

  • Page load < 2 seconds
  • API response < 100ms (p95)
  • Support 10K concurrent users

Availability

  • 99.99% uptime SLA
  • Automatic failover tested
  • Zero-downtime deployments

Security

  • No public endpoints (except Front Door)
  • All secrets in Key Vault
  • WAF enabled and tested

Cost

  • Stay under $3,000/month
  • Right-sized resources
  • Auto-scaling configured

Bonus Challenges

Deploy to blue environment, test, then switch traffic
Use Azure Chaos Studio to test resilience
Product recommendations using Azure ML
Deploy to 3 regions with multi-master Cosmos DB

Congratulations!

You’ve completed the Azure Cloud Engineering Master Course! You now have the skills to: ✅ Design enterprise-grade Azure architectures ✅ Implement high availability and disaster recovery ✅ Optimize costs and performance ✅ Secure cloud environments ✅ Build CI/CD pipelines ✅ Monitor and troubleshoot production systems Next Steps:
  • Take Azure certifications (AZ-104, AZ-305, AZ-500)
  • Build your own projects
  • Contribute to open source
  • Share your knowledge
Stay Connected:
  • Join our Discord community
  • Follow Azure updates
  • Attend Azure meetups
  • Keep learning!

Defending Your Architecture

In a senior interview, you will be asked to justify your design. Prepare for these questions:
Good Answer: “We chose AKS because our application consists of 5+ distinct microservices. AKS provides better service discovery, bin-packing density for cost savings, and a unified control plane. App Service would require managing 5 separate plans or slots, which becomes unwieldy.”Counter-point: “For a simpler 2-tier app, I would absolutely use App Service for less operational overhead.”
Good Answer: “Orders require ACID compliance and strict relational integrity (Foreign Keys), making SQL the best fit. Product Catalog is high-read, variable schema (different attributes for different types), and needs global low latency. Cosmos DB shines here.”
Good Answer: “We anticipate 100x more reads (browsing products) than writes (placing orders). CQRS allowed us to scale the Read replicas independently and use a denormalized schema for super-fast retrieval without complex JOINs.”
Good Answer: “Front Door health probes will detect the failure. It will route traffic to the West Europe region.
  • Stateless services scale up automatically.
  • SQL fails over via Auto-Failover Group.
  • Cosmos DB multi-master allows immediate writes.”
Good Answer: “Absolutely no secrets are in code or Bicep files. All secrets are in Key Vault. The AKS cluster accesses them via Workload Identity (Managed Identity federation). We don’t even manage service principal secrets.”

Key Takeaways

Portfolio Piece

This project is your resume. Push it to GitHub. Write a good README. Draw the architecture diagram.

Breadth & Depth

You touched Networking, Compute, Data, Security, and DevOps. You are now a full-stack Cloud Engineer.

Trade-offs

There is no perfect architecture. Understanding why you made a choice is more important than the choice itself.

Production Ready

Observability and Security make software “Production Ready”. Functionality is just the start.

Continuous Learning

The cloud changes fast. Keep building. Keep breaking. Keep learning.

Course Feedback

We’d love to hear your feedback! Share your experience and help us improve this course.

Provide Feedback

Share your thoughts on GitHub