Sovereign Landing Zone (SLZ) provides an environment offering guardrails through policies and policy sets, security-enforcement, and consistent baseline infrastructure for deploying workloads and applications. SLZ is based on Azure Landing Zones and extends it with guardrails and security controls specific to sovereignty requirements.
To help accelerate customers time-to-value while assisting them in meeting their compliance objectives, the Microsoft Cloud for Sovereignty includes ready-to-use workload templates that can be consistently deployed and operated in a repeatable manner. The workload templates are aligned with Sovereignty Policy Baseline, Cloud for Sovereignty policy portfolio, and Azure Landing Zone default policies.
We're introducing two templates, and a sample sovereign application for learning purposes and to validate the functionality of SLZ policy sets and their enforcement of the confidentiality of services within the Sovereign Landing Zone.
You can deploy all applications using the PowerShell and Bicep, and they are fully compatible with SLZ. To learn more about the advantages of using these templates, refer to the following links:
- Azure Lighthouse template
- Azure Confidential Virtual Machine AMD-SNP template
- Confidential sample application
To ensure your data is secure and your privacy controls are addressed, we recommend that you follow a set of best practices when deploying into Azure:
Protecting your data also requires that all aspects of your security and compliance program include your cloud infrastructure and data. The following guidance can help you to secure your deployment.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.
The Microsoft Cloud for Sovereignty Quickstarts 1) is not designed, intended, or made available as legal services, (2) is not intended to substitute for professional legal counsel or judgment, and (3) should not be used in place of consulting with a qualified professional legal professional for your specific needs. Microsoft makes no warranty that the Microsoft Cloud for Sovereignty Quickstarts is accurate, up-to-date, or complete. You are wholly responsible for ensuring your own compliance with all applicable laws and regulations.