Day 3 Challenge
Automate the Azure Barista's Azure Landing Zones deployment with either Bicep or Terraform.
Today’s hacking is about getting hands on with some of the automation artifacts provided to help you deploy Azure Landing Zones quickly and consistently.
It does not matter which tooling is used to implement Azure Landing Zone. It is far more important that the end result matches the architecture, adheres to the five principles and covers the eight critical design areas than how you get there, and most organisations will already have their own preferred automation tools.
Today hacking give you the choice of paths to explore:
- Official Bicep modules
- Official Terraform module
Day 3 Challenge
The primary objective is to build out the architecture using the Infrastructure as Code (IaC) and (optionally) CI/CD tool of your choice.
Use a different management group tree for this exercise (use a different top level name, e.g AZBIaC)
- Implement the reference Azure Landing Zones architecture using the IaC tool of your choice
- Customise the existing management groups to meet the Azure Baristas requirements
- Add additional management groups and policy assignments (custom landing zones) to meet the Azure Baristas requirements
You do not have to do these challenges in order, pick whichever ones are most appealing!
- Implement a canary management group branch
- You can combine this with the primary objective if you want to retain the manually deployed system for comparison
- Implement a branch protection strategy to control changes to production
- Implement a subscription vending machine
- You can mock up the subscription creation rather than using the real APIs
Official ARM resources
Official Bicep resources
⚠️ The Bicep resources are currently in preview.
Official Terraform module
Additional Terraform resources
- Subscription vending machine - community CI/CD pipeline
- aztfmod - complete and opinionated CAF solution, not 100% aligned to Azure Landing Zones
Help us improve
Azure Citadel is a community site built on GitHub, please contribute and send a pull requestMake a change