ALZ-Bicep
ResourceModules
ALZ-Bicep | ResourceModules | |
---|---|---|
10 | 12 | |
703 | 719 | |
1.0% | 0.6% | |
8.6 | 9.5 | |
3 days ago | 28 days ago | |
Bicep | Bicep | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ALZ-Bicep
-
Simplify azure hub-spoke routing?
you can also use the default scripts from https://github.com/Azure/ALZ-Bicep
- Azure hub-and-spoke playground update
-
Looking for Terraform Assistance
Not sure what your requirements are for IAC but we started our eslz with bicep and using this https://github.com/Azure/ALZ-Bicep repo. We had some consultants help build and then train us to do the deployments. I was able to pick up bicep quickly. By the end of the engagement I was modifying our IAC as the need arises. I did try terraform but found it a bit cumbersome. I prefer how bicep is incremental vs terraform having a state file to manage. They both have their place and probably both are just as excellent in the right hands. But I personally got a lot farther on day one playing with bicep then I didi with terraform.
- Concrete hub-spoke example with resources/iAC?
-
Devops Pipeline + Bicep - Advice on how to structure
Also, take a look at the Azure Landing Zones bicep implementation (and follow the links to generic landing zones documentation, if you haven't gone through that yet) - again, probably not something for here and now, but something you might want to read when thinking about if there are more applicatons coming in, or need to scale more.
-
Migrating to Azure
1) Personally I would deploy the CAF blueprints (through the portal, or even better through CI/CD, I'm personally a fan of the Bicep templates. Then depending on what's already in the cloud (number wise, can you take a weekend of being offline while you fix it etc), you can opt to move the VMs out of the existing subscription/vnet, or recreate connectivity in a separate hub network. Ideally the AD VMs are moved to the identity subscription as well, so that's a 3rd sub.
-
Management group structure for enterprise environment?
The landing zone concept is a huge undertaking at Microsoft these days. There are many excellent resources to help get the core platform services and subscription stood up - https://github.com/Azure/ALZ-Bicep.
- Azure pipeline examples for deploying IAC to multi subscriptions using devops and Arm/BICEP?
-
Question on detection multiple path changes
- Deploy hub with adaptation of https://github.com/Azure/ALZ-Bicep - Deploy landing zone (ie. subscriptions into management group structure) implementation with a service principal scoped on management group. This step has a generic implementation with subscription-specific parameters. - Deploy workloads to the landing zone with service principal created by the previous step.
-
On-prem to Cloud migration: IaaS Azure Cloud Security thoughts
https://github.com/Azure/ALZ-Bicep https://github.com/Azure/Enterprise-Scale/blob/main/docs/ESLZ-Policies.md#eslz-policy-assignments-for-built-in-policy-definitions-and-policy-set-definitions https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/
ResourceModules
-
How do you design IaC modules and automations?
That is a great question, and not the least because it's the one I've been struggling with for the past few years. As for Azure and Bicep, we tried out a few things until we found out about the Common Azure Resource Modules Library (https://github.com/Azure/ResourceModules) and started experimenting on how to leverage that. Wheter you find such modules useful or not, I would suggest taking a look at the module design principles they have (https://github.com/Azure/ResourceModules/wiki/The%20context%20-%20CARML%20library), which I've found to be great.
- How does Microsoft update the README.md of a specific module in GitHub?
- In GitHub, how does Microsoft automatically update the README.md of a respective module?
- How does Microsoft update their README.md
-
How are you splitting out your IaC pipelines?
In general resource group is lifecycle and deployment boundary. So your Bicep or ARM templates should deploy resource groups with all resources included. To make it easier you can use resource modules from https://github.com/Azure/ResourceModules.
- Anyone using ACR Repository for Bicep Modules with ADO?
-
Devops Pipeline + Bicep - Advice on how to structure
For modularized Bicep, I'd suggest you to take a look at Common Azure Resource Modules Library - probably not much of an use right now if you have implemented everything, but could be of use if you feel like refactoring something. I wouldn't suggest it as an example on how to do custom bicep implementation, but one can certainly take some inspiration from there, if not directly using the modules.
-
ARM / Bicep template development just by hand?
What I found is that using the Resource Modules (https://github.com/Azure/ResourceModules) repo is the best approach. It simplifies the authoring quite a lot in my opinion. And every module on the repo is bicep. But since the modules are created by Microsoft/the community, not every resource or service has a ready module. I have been using it for the last 6-8 months, and find it covers 90% of my scenarios. And each module is quite well documented, but in some cases you have to study the module to figure out the required inputs.
-
How to structure code repositories
We don't have a team in place to update and maintain modules so that's where my thought about CARML comes into the picture. Unsure how this is maintained though and how to update the modules, and i think it makes it more complex and hard to understand for people unfamiliar with IaC.
- Bicep templates
What are some alternatives?
Enterprise-Scale - The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture
opnazure - This template allows you to deploy an OPNsense Firewall Azure VM using the opnsense-bootsrtap installation method
avdaccelerator - AVD Accelerator deployment automation to simplify the setup of AVD (Azure Virtual Desktop) based on best practices
msdocs-django-postgresql-sample-app - A sample Django app using PostgreSQL for the Azure App Service Web App + Database tutorial. Designed for use with the Azure Developer CLI (azd).
data-management-zone - Template to deploy the Data Management Zone of Cloud Scale Analytics (former Enterprise-Scale Analytics). The Data Management Zone provides data governance and management capabilities for the data platform of an organization.
PSDocs - Generate documentation from Infrastructure as Code (IaC).
Nerdbank.GitVersioning - Stamp your assemblies, packages and more with a unique version generated from a single, simple version.json file and include git commit IDs for non-official builds.
PSBicep - This is the repo for the Bicep PowerShell Module.
hub-and-spoke-playground - A collection of BICEP/ARM templates that deploys on Azure a hub & spoke net topology aligned with Microsoft Enterprise scale landing zone ref architecture to use as playground for test and study. As bonus many scenarios with step-by-step solutions for studying and learning are also available
bicep-registry-modules - Bicep registry modules