ALZ-Bicep
avdaccelerator
Our great sponsors
ALZ-Bicep | avdaccelerator | |
---|---|---|
10 | 2 | |
700 | 290 | |
2.4% | 4.5% | |
8.6 | 9.8 | |
9 days ago | 4 days ago | |
Bicep | Bicep | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ALZ-Bicep
-
Simplify azure hub-spoke routing?
you can also use the default scripts from https://github.com/Azure/ALZ-Bicep
- Azure hub-and-spoke playground update
-
Looking for Terraform Assistance
Not sure what your requirements are for IAC but we started our eslz with bicep and using this https://github.com/Azure/ALZ-Bicep repo. We had some consultants help build and then train us to do the deployments. I was able to pick up bicep quickly. By the end of the engagement I was modifying our IAC as the need arises. I did try terraform but found it a bit cumbersome. I prefer how bicep is incremental vs terraform having a state file to manage. They both have their place and probably both are just as excellent in the right hands. But I personally got a lot farther on day one playing with bicep then I didi with terraform.
- Concrete hub-spoke example with resources/iAC?
-
Devops Pipeline + Bicep - Advice on how to structure
Also, take a look at the Azure Landing Zones bicep implementation (and follow the links to generic landing zones documentation, if you haven't gone through that yet) - again, probably not something for here and now, but something you might want to read when thinking about if there are more applicatons coming in, or need to scale more.
-
Migrating to Azure
1) Personally I would deploy the CAF blueprints (through the portal, or even better through CI/CD, I'm personally a fan of the Bicep templates. Then depending on what's already in the cloud (number wise, can you take a weekend of being offline while you fix it etc), you can opt to move the VMs out of the existing subscription/vnet, or recreate connectivity in a separate hub network. Ideally the AD VMs are moved to the identity subscription as well, so that's a 3rd sub.
-
Management group structure for enterprise environment?
The landing zone concept is a huge undertaking at Microsoft these days. There are many excellent resources to help get the core platform services and subscription stood up - https://github.com/Azure/ALZ-Bicep.
- Azure pipeline examples for deploying IAC to multi subscriptions using devops and Arm/BICEP?
-
Question on detection multiple path changes
- Deploy hub with adaptation of https://github.com/Azure/ALZ-Bicep - Deploy landing zone (ie. subscriptions into management group structure) implementation with a service principal scoped on management group. This step has a generic implementation with subscription-specific parameters. - Deploy workloads to the landing zone with service principal created by the previous step.
-
On-prem to Cloud migration: IaaS Azure Cloud Security thoughts
https://github.com/Azure/ALZ-Bicep https://github.com/Azure/Enterprise-Scale/blob/main/docs/ESLZ-Policies.md#eslz-policy-assignments-for-built-in-policy-definitions-and-policy-set-definitions https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/
avdaccelerator
-
Bicep - Deploying Extension - The VM agent is not installed/unresponsive - VM not finished deploying
You could introduce a delay after deploying the VM. An example can be found here at row 91 https://github.com/Azure/avdaccelerator/blob/main/workload/bicep/avd-modules/avd-storage-azurefiles.bicep
-
best places to learn Terraform and Ansible outside of work
You can also learn by contributing to open source projects like this: https://github.com/Azure/avdaccelerator
What are some alternatives?
Enterprise-Scale - The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture
ResourceModules - This repository includes a CI platform for and collection of mature and curated Bicep modules. The platform supports both ARM and Bicep and can be leveraged using GitHub actions as well as Azure DevOps pipelines.
opnazure - This template allows you to deploy an OPNsense Firewall Azure VM using the opnsense-bootsrtap installation method
hub-and-spoke-playground - A collection of BICEP/ARM templates that deploys on Azure a hub & spoke net topology aligned with Microsoft Enterprise scale landing zone ref architecture to use as playground for test and study. As bonus many scenarios with step-by-step solutions for studying and learning are also available
msdocs-django-postgresql-sample-app - A sample Django app using PostgreSQL for the Azure App Service Web App + Database tutorial. Designed for use with the Azure Developer CLI (azd).
data-management-zone - Template to deploy the Data Management Zone of Cloud Scale Analytics (former Enterprise-Scale Analytics). The Data Management Zone provides data governance and management capabilities for the data platform of an organization.
azure-tailscale-aci-deploy - ARM & Bicep Templates to deploy a Tailscale subnet router with ACI
Nerdbank.GitVersioning - Stamp your assemblies, packages and more with a unique version generated from a single, simple version.json file and include git commit IDs for non-official builds.
Azure-IAC-Bicep - An IAC Management for Azure using Bicep
CanadaPubSecALZ - This reference implementation is based on Cloud Adoption Framework for Azure and provides an opinionated implementation that enables ITSG-33 regulatory compliance by using NIST SP 800-53 Rev. 4 and Canada Federal PBMM Regulatory Compliance Policy Sets.