The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture (by Azure)

Enterprise-Scale Alternatives

Similar projects and alternatives to Enterprise-Scale

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better Enterprise-Scale alternative or higher similarity.

Enterprise-Scale discussion

Log in or Post with

Enterprise-Scale reviews and mentions

Posts with mentions or reviews of Enterprise-Scale. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-11-24.
  • Azure Policies
    1 project | /r/AZURE | 13 Jul 2023
  • App Gateway deploy diagnostic settings with Azure Policy
    1 project | /r/AZURE | 20 Apr 2023
    We are deploying all our App Gateways in the hub subscription (a hub and spoke architecture). Occasionally, App Gateways are created without the diagnostic settings enabled on them (I know, this can be automated with IaC, but there more to it on a org level, and not worth discussing here, but yes, this could be a solution). However, I’m planning to use the following policy definition provided by the Azure Enterprise Scale project https://github.com/Azure/Enterprise-Scale/blob/main/src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-ApplicationGateway.json I’ve imported it, tested, works. BUT, as of today all App Gateways are sitting in one resource group, meaning that when app/dev teams want to access the logs, they get to potentially view logs for others as well (different teams, countries etc.). Not sure how this could be a problem from a regulatory, compliance standpoint, but the IT team was thinking about splitting the App Gateways per individual resource groups scope to the countries (one rsg for country x, another for country y …) where people from subscription x would be granted access to only rsg x within the transit subscription. Each would then have a dedicated Log analytics workspace in that resource group (the central IT team would still have access to all logs, countries only scope with RBAC to the respective resource groups). I could then of course assign per resource group the above policy n-time to make sure that the parameters reflected in each policy assignment point to the correct Log Analytics workspace.
  • Recommended Azure Policies
    1 project | /r/AZURE | 13 Apr 2023
    Hey! You should check out all the policies that are included within the Azure landing zone, these are what’s recommended as part of a landing zone deployment: https://github.com/Azure/Enterprise-Scale/wiki/ALZ-Policies
  • Management group separation
    1 project | /r/AZURE | 25 Jan 2023
    And it is in separate MG in the reference Enterprise Scale but if you look at the policies assignments - https://github.com/Azure/Enterprise-Scale/wiki/ALZ-Policies - you will notice policies I mentioned are assigned at the intermediate root level, so sandbox MG inhertis them.
  • dis-allow users to add inbound port rules?
    1 project | /r/AZURE | 23 Jan 2023
    There is a Azure policy somewhere in https://github.com/Azure/Enterprise-Scale that can block creation of rules for specific ports, etc.
  • [Issue] No cost analysis when scoping to management group
    1 project | /r/AZURE | 13 Jan 2023
    If you plan to scale out more (and for many other reasons), you should consider the reference architecture for Azure Landing Zones fka Enterprise Scale Landing Zones. https://github.com/Azure/Enterprise-Scale
  • Management group structure for enterprise environment?
    2 projects | /r/AZURE | 24 Nov 2022
    There is also a terraform version if that is your preferred IaC - https://github.com/Azure/Enterprise-Scale
  • Azure Landing Zone / Enterprise Model Assistance
    1 project | /r/AZURE | 4 Oct 2022
    You can opt to deploy the ESLZ reference implementation for AdventureWorks and select the single option for platform. https://github.com/Azure/Enterprise-Scale/
  • Azure Policy to Audit Application Gateway SSL Policy?
    1 project | /r/AZURE | 3 Oct 2022
    { policyType: "Custom", mode: "Indexed", displayName: "Application Gateway should be deployed with proper sslPolicy", description: "This policy enables you to restrict that Application Gateways is always deployed with the proper sslPolicy", metadata: { version: "1.0.0", category: "Network", source: "https://github.com/Azure/Enterprise-Scale/" }, parameters: { effect: { type: "String", allowedValues: [ "Audit", "Deny", "Disabled" ], defaultValue: "Audit", metadata: { displayName: "Effect", description: "Enable or disable the execution of the policy" } } }, policyRule: { if: { allOf: [ { field: "type", equals: "Microsoft.Network/applicationGateways" }, { field: "Microsoft.Network/applicationGateways/sslPolicy.policyName", notequals: "20170401S" } ] }, then: { effect: "[parameters('effect')]" } } }
  • MSDN / no global owner rights
    1 project | /r/AZURE | 30 Sep 2022
    I have a MSDN subscription but do not have Owner rights to it. Is there a work around so I deploy an ARM template from the /Azure/Enterprise-Scale github repo.? https://github.com/Azure/Enterprise-Scale
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 19 Jun 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →


Basic Enterprise-Scale repo stats
5 days ago

Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.