| Stage | Status |
|---|---|
| DevOps Secure Scanning | |
| Build | |
| Release to Production |
This repository contains the resource configuration and associated Azure DevOps pipelines for the MX tenant azure landing zones.
It is largely based off of the Azure/ALZ-Bicep Azure Landing Zones Bicep repo.
Currently Bicep is being used to:
- Create the Azure Landing Zone management groups
- Excluding the
corpandonlineunder theLanding Zonesas it is not required for the workloads I have on there.
- Excluding the
- Setup the custom policy and role definitions
- Create a central logging and monitoring capability
- Perform subscription placement for all of the subscriptions in the tenant
- Perform some basic policy assignments to the management groups
The one-pipeline is within the .azure-pipelines folder and output is visible on the frasermolyneux/Personal-Public Azure DevOps project. The pipeline will:
- Execute Bicep linting
- Perform preflight and what-if checks
- Deploy the Bicep to Azure
Please read the contributing guidance; this is a learning and development project.
Please read the security guidance; I am always open to security feedback through email or opening an issue.