This Projects gives you a basic understanding of creating landing zone by writing CI/CD pipeline to ensure end-to-end automation.
Here, we can get familiar with writing terraform configuration files in HCL and deploying it throgh Azure DevOps CI/CD pipeline. In this section we have created below resources:
- Resource Group - 1
- Virtual Network - to secure our resources in cloud
- 3 Subnets - each subnet for vm and bastion
- Storage Account + Container - for storing tfstate file
- Virtual Machines - 2
- Azure Bastion - To access VMs in Vnet
- Key Vault - to store secret data
VS code Terraform git Azure DevOps Azure Portal
Configure self hosted agent or you should have Azure hosted agent Create Service Principal from Azure Portal
- Create secret and certificate
- And add contributor role to it. Create Service Connection from Azure DevOps
We have written CI/CD pipeline to deploy the resources and can be tested by accessing VMs through Bastion.
You are always welcome to contribute to this project by adding other security services azure gateway, firewall, etc.