This template repository contains all templates to deploy the Data Management Landing Zone of the Cloud-scale Analytics architecture. The Data Management Landing Zone is the central management instance to govern all data assets across all Data Landing Zones and possible even beyond that.
By navigating through the deployment steps, you will deploy the following setup in a subscription:
Note: Before deploying the resources, we recommend to check registration status of the required resource providers in your subscription. For more information, see Resource providers for Azure services.
The deployment and code artifacts include the following services:
- Virtual Network
- Network Security Groups
- Route Tables
- Azure Firewall (optional)
- Firewall Policy (optional)
- Private DNS Zones (optional)
- Container Registry
- Purview
- Key Vault
- Storage Account
- Synapse Private Link Hub
- PowerBI
To help you more quickly understand the structure of the repository, here is an overview of what the respective folders contain:
| File/folder | Description |
|---|---|
.ado/workflows |
Folder for ADO workflows. The dataManagementZoneDeployment.yml workflow shows the steps for an end-to-end deployment of the architecture. |
.github/workflows |
Folder for GitHub workflows. The dataManagementZoneDeployment.yml workflow shows the steps for an end-to-end deployment of the architecture. |
code |
Sample password generation script that will be run in the deployment workflow for resources that require a password during the deployment. |
docs |
Resources for this README. |
infra |
Folder containing all the Bicep and ARM templates for each of the resources that will be deployed. |
CODE_OF_CONDUCT.md |
Microsoft Open Source Code of Conduct. |
LICENSE |
The license for the sample. |
README.md |
This README file. |
SECURITY.md |
Microsoft Security README. |
For now, we are recommending to select one of the regions mentioned below. The list of regions is limited for now due to the fact that not all services and features are available in all regions. This is mostly related to the fact that we are recommending to leverage at least the zone-redundant storage replication option for all your central Data Lakes in the Data Landing Zones. Since zone-redundant storage is not available in all regions, we are limiting the regions in the Deploy to Azure experience. If you are planning to deploy the Data Management Landing Zone and Data Landing Zone to a region that is not listed below, then please change the setting in the corresponding bicep files in this repository. Deployment has been tested in the following regions:
- (Africa) South Africa North (*)
- (Asia Pacific) Australia East
- (Asia Pacific) Central India
- (Asia Pacific) Japan East (*)
- (Asia Pacific) Southeast Asia
- (Asia Pacific) South India (*)
- (Canada) Canada Central
- (Europe) France Central
- (Europe) Germany West Central (*)
- (Europe) North Europe
- (Europe) UK South
- (Europe) West Europe
- (South America) Brazil South
- (US) Central US (*)
- (US) East US
- (US) East US 2
- (US) South Central US
- (US) West Central US
- (US) West US 2
(*) When the regions currently not supporting Microsoft Purview gets selected, the Microsoft Purview deployment gets performed on the default region (Europe) North Europe. Please open a pull request if you want to deploy the artifacts into a region that is not listed above.
Before we start with the deployment, please make sure that you have the following available:
- An Azure subscription. If you don't have an Azure subscription, create your Azure free account today.
- User Access Administrator or Owner access to the subscription to be able to create a service principal and role assignments for it.
- For the deployment, please choose one of the Supported Regions.
Now you have two options for the deployment of the Data Management Landing Zone:
- Deploy to Azure Button
- GitHub Actions or Azure DevOps Pipelines
To use the Deploy to Azure Button, please click on the button below:
| Reference implementation | Description | Deploy to Azure |
|---|---|---|
| Cloud-Scale Analytics Scenario | Deploys a Data Management Landing Zone and one or multiple Data Landing Zone all at once. Provides less options than the the individual Data Management Landing Zone and Data Landing Zone deployment options. Helps you to quickly get started and make yourself familiar with the reference design. For more advanced scenarios, please deploy the artifacts individually. | |
| Data Management Landing Zone | Deploys a single Data Management Landing Zone to a subscription. |
Alternatively, click on Next to follow the steps required to successfully deploy the Data Management Landing Zone through GitHub Actions or Azure DevOps.