/azure-landing-zones

Azure landing zones configuration and deployment for the Molyneux.IO Azure Platform. Deployed using Bicep and Azure DevOps pipelines.

Primary LanguageBicepGNU General Public License v3.0GPL-3.0

Azure Landing Zones

Build Status

Documentation

Overview

This repository contains the resource configuration and associated Azure DevOps pipelines for the MX tenant azure landing zones.

It is largely based off of the Azure/ALZ-Bicep Azure Landing Zones Bicep repo.

Solution

Currently Bicep is being used to:

  • Create the Azure Landing Zone management groups
    • Excluding the corp and online under the Landing Zones as it is not required for the workloads I have on there.
  • Setup the custom policy and role definitions
  • Create a central logging and monitoring capability
  • Perform subscription placement for all of the subscriptions in the tenant
  • Perform some basic policy assignments to the management groups

Azure Pipelines

The one-pipeline is within the .azure-pipelines folder and output is visible on the frasermolyneux/Personal-Public Azure DevOps project. The pipeline will:

  • Execute Bicep linting
  • Perform preflight and what-if checks
  • Deploy the Bicep to Azure

Contributing

Please read the contributing guidance; this is a learning and development project.

Security

Please read the security guidance; I am always open to security feedback through email or opening an issue.