Enterprise-grade Azure Communication Services solution - Voice, Video, Chat, SMS, and Email capabilities aligned with Cloud Adoption Framework (CAF), Well-Architected Framework (WAF), and Azure Landing Zones.
Azure Communication Services (ACS) is a cloud-based communications platform that enables developers to add voice, video, chat, SMS, and email capabilities to applications. This reference architecture demonstrates an enterprise-ready deployment following Microsoft best practices.
Azure Communication Services provides:
| Capability | Description | Use Cases |
|---|---|---|
| Voice & PSTN | VoIP calling, PSTN connectivity, call recording | Contact centers, telemedicine, customer support |
| Video | 1:1 and group video calls, screen sharing | Virtual consultations, remote collaboration |
| Chat | Real-time messaging with threading | In-app messaging, customer engagement |
| SMS | Send and receive SMS messages | Notifications, 2FA, alerts |
| Transactional email delivery | Invoices, notifications, marketing | |
| Advanced Messaging | WhatsApp, Teams interop | Multi-channel communication |
π View as Mermaid Diagram (text-based)
%%{init: {'theme':'neutral'}}%%
graph TB
subgraph "Client Applications"
WEB[Web App<br/>React/Angular]
MOB[Mobile App<br/>iOS/Android]
BOT[Bot/Automation]
end
subgraph "Azure Landing Zone"
subgraph "Application Tier"
APPSVC[Azure App Service<br/>Flask API]
FUNC[Azure Functions<br/>Event Processing]
end
subgraph "Communication Services"
ACS[Azure Communication Services<br/>Voice/Video/Chat/SMS]
EVENTGRID[Event Grid<br/>System Topic]
end
subgraph "Security & Identity"
KV[Key Vault<br/>Secrets & Keys]
MI[Managed Identity]
end
subgraph "Data & Monitoring"
COSMOS[Cosmos DB<br/>Chat History]
BLOB[Storage Account<br/>Recordings]
LA[Log Analytics<br/>Workspace]
AI[Application Insights]
end
end
WEB --> APPSVC
MOB --> APPSVC
BOT --> FUNC
APPSVC --> ACS
FUNC --> ACS
ACS --> EVENTGRID
EVENTGRID --> FUNC
APPSVC --> KV
FUNC --> KV
APPSVC --> MI
FUNC --> MI
FUNC --> COSMOS
ACS --> BLOB
ACS --> LA
APPSVC --> AI
FUNC --> AI
π‘ Additional diagrams: See Landing Zone Integration and Data Flow. Regenerate with
python docs/diagrams/generate_diagram.py(requires Graphviz).
- Azure subscription with Contributor access
- Azure CLI 2.50+ with Bicep CLI
- PowerShell 7+ (cross-platform)
- Python 3.9+ (for sample applications)
- Git 2.30+
| Scope | Role | Purpose |
|---|---|---|
| Subscription | Contributor | Deploy resources |
| Entra ID | Application Administrator | Register applications |
| Communication Services | Owner | Manage ACS configuration |
The fastest way to get started is using the included Dev Container, which provides a fully configured development environment with all required tools pre-installed.
Prerequisites:
Steps:
# Clone the repository
git clone https://github.com/StormyDevil/azure-communication-services-reference.git
cd azure-communication-services-reference
# Open in VS Code
code .When VS Code opens, click "Reopen in Container" when prompted (or use Ctrl+Shift+P β "Dev Containers: Reopen in Container").
The container includes:
- β Python 3.11 with all dependencies
- β Azure CLI with Bicep
- β Azure Functions Core Tools v4
- β PowerShell 7
- β Azure Developer CLI (azd)
- β Pre-configured VS Code extensions
Once the container is running:
# Login to Azure
az login
# Deploy to Azure
pwsh ./scripts/deploy.ps1 -Environment dev -Location swedencentral# Clone the repository
git clone https://github.com/StormyDevil/azure-communication-services-reference.git
cd azure-communication-services-reference
# Deploy to Azure
pwsh ./scripts/deploy.ps1 -Environment dev -Location swedencentralPrerequisites:
- Azure CLI 2.50+ with Bicep CLI
- PowerShell 7+
- Python 3.9+ (for sample applications)
# 1. Login to Azure
az login
# 2. Set subscription
az account set --subscription "YOUR_SUBSCRIPTION_ID"
# 3. Set your preferred location
LOCATION="swedencentral" # Options: swedencentral, westeurope, eastus, westus2, etc.
# 4. Create resource group
az group create --name rg-acs-dev --location $LOCATION
# 5. Deploy infrastructure
az deployment group create \
--name acs-deployment \
--resource-group rg-acs-dev \
--template-file infra/bicep/main.bicep \
--parameters infra/bicep/parameters/dev.bicepparamazure-communication-services-reference/
βββ .devcontainer/ # Dev Container configuration
β βββ devcontainer.json # Container settings & extensions
β βββ post-create.sh # Setup script
βββ .env.example # Environment variables template
βββ .github/
β βββ chatmodes/ # GitHub Copilot chat modes
β βββ workflows/ # CI/CD pipelines
βββ docs/
β βββ cost-estimate.md # Cost estimation guide
β βββ diagrams/ # Architecture diagrams (Python)
β βββ waf-assessment/ # Well-Architected assessment
βββ infra/
β βββ bicep/
β βββ main.bicep # Main deployment template
β βββ main.json # Compiled ARM template
β βββ modules/ # Reusable Bicep modules
β β βββ acs-secrets.bicep
β β βββ app-service.bicep
β β βββ communication-services.bicep
β β βββ cosmos-db.bicep
β β βββ event-grid.bicep
β β βββ function-app.bicep
β β βββ key-vault.bicep
β β βββ monitoring.bicep
β β βββ storage.bicep
β βββ parameters/ # Environment parameters
β βββ dev.bicepparam
β βββ prod.bicepparam
βββ scripts/
β βββ deploy.ps1 # Deployment script
β βββ cleanup.ps1 # Cleanup script
β βββ configure-acs.ps1 # Post-deployment configuration
β βββ acs-config.json # ACS configuration file
β βββ acs-config.schema.json
βββ src/
β βββ python/
β βββ app.py # Flask REST API
β βββ acs_sdk_sample.py # ACS SDK examples
β βββ requirements.txt
β βββ functions/ # Azure Functions (event processing)
β βββ function_app.py
β βββ function.json
β βββ host.json
βββ README.md
βββ LICENSE
βββ CONTRIBUTING.md
βββ SECURITY.md
| CAF Pillar | Implementation |
|---|---|
| Strategy | Communication-as-a-Service for digital transformation |
| Plan | Phased rollout: Chat β Voice β Video β Advanced |
| Ready | Landing zone with security baseline |
| Adopt | ACS SDK integration patterns |
| Govern | Cost management, compliance policies |
| Manage | Monitoring, incident response |
See docs/waf-assessment/README.md for the complete assessment.
| Pillar | Score | Key Recommendations |
|---|---|---|
| Reliability | 85/100 | Multi-region, circuit breakers, retry policies |
| Security | 90/100 | Managed Identity, Key Vault, TLS 1.3 |
| Cost Optimization | 80/100 | Reserved capacity, auto-scaling |
| Operational Excellence | 85/100 | IaC, GitOps, monitoring |
| Performance Efficiency | 82/100 | CDN, connection pooling, caching |
This solution deploys into an Azure Landing Zone with:
- Connectivity Subscription: Hub network with ExpressRoute/VPN
- Identity Subscription: Entra ID integration
- Management Subscription: Monitoring, backup
- Landing Zone Subscription: ACS and application resources
| Variable | Description | Required |
|---|---|---|
ACS_CONNECTION_STRING |
ACS connection string | Yes |
ACS_ENDPOINT |
ACS endpoint URL | Yes |
AZURE_TENANT_ID |
Entra ID tenant ID | Yes |
AZURE_CLIENT_ID |
Application client ID | For SDK auth |
COSMOS_CONNECTION_STRING |
Cosmos DB connection | For chat history |
Edit the parameter files in infra/bicep/parameters/:
// parameters/dev.bicepparam
using '../main.bicep'
param environment = 'dev'
param projectName = 'acsref'
param enableSms = true
param enableVoice = true
param enableVideo = true
param enableChat = true
param enableEmail = false // Disabled by default
param enableAdvancedMessaging = false
param deployApplication = true // Set to false for infrastructure-onlyThe deployment includes Azure Monitor workbooks for:
- Call quality metrics (MOS scores, packet loss)
- Message delivery rates
- API latency and error rates
- Cost tracking by capability
Pre-configured alerts for:
| Metric | Threshold | Severity |
|---|---|---|
| Call failure rate | > 5% | High |
| Message delivery failure | > 2% | Medium |
| API response time | > 2s | Medium |
| Daily spend | > $100 | Low |
See docs/cost-estimate.md for detailed pricing.
| Capability | Unit | Price (approx) |
|---|---|---|
| Voice (PSTN) | per minute | $0.004 - $0.02 |
| Video | per participant/min | $0.004 |
| Chat | per message | $0.0008 |
| SMS (outbound) | per message | $0.0075 |
| per 1000 emails | $0.25 |
Estimated monthly cost for medium enterprise: $500 - $2,000
- Users: Entra ID with MFA
- Applications: Managed Identity (preferred) or Service Principal
- SDK Access: ACS tokens with configurable expiry
- Private endpoints for ACS (preview)
- Network security groups
- Azure Firewall integration
- DDoS protection
- Encryption at rest (AES-256)
- Encryption in transit (TLS 1.3)
- Call recording encryption
- GDPR compliance controls
# Install dependencies
pip install -r tests/requirements.txt
# Run tests
pytest tests/integration/ -vpytest tests/e2e/ -v --acs-endpoint $ACS_ENDPOINTSee CONTRIBUTING.md for guidelines.
- Fork the repository
- Create a feature branch
- Make your changes
- Submit a pull request
- Azure Communication Services Documentation
- ACS SDK Reference
- Cloud Adoption Framework
- Well-Architected Framework
- Azure Landing Zones
This project is licensed under the MIT License - see LICENSE for details.
- Azure Agentic InfraOps by Jonathan Vella - This project was created using the Azure Agentic InfraOps methodology
- GitHub Copilot - AI pair programmer that assisted in developing this reference architecture
- Azure Communication Services team
- Azure Well-Architected team
- Community contributors