Advanced - Govern, Enterprise Scale
In this workshop, you will learn how to design an enterprise scale Landing Zone in Azure. You get familiar with the design principles and the critical design areas.
At the end of this workshop, you will be able to leverage the existing enterprise scale architectures, able to build your own as well as understanding how to establish a policy driven governance.
- MS Learn Module Governance Methodology
- MS Learn Module Enterprise Scale
- MS Learn Module Well Architected Framework
- Access to an Azure tenant with full access and a subscription in this tenant with owner rights.
While progressing in the cloud journey of Contoso Land Surveying the central IT department wants to learn more about the concept of a platform landing zone in Azure. Contoso understood that the Microsoft Cloud Adoption Framework offers best practices around an enterprise scale landing zone.
For the success of the platform landing zone Contoso want to understand the decisions to be made and get recommendation for their implementation.
- Enterprise Agreement (EA) enrollment and Azure Active Directory tenants
- Identity and access management
- Management group and subscription organization
- Network topology and connectivity
- Management and monitoring
- Business continuity and disaster recovery
- Security governance and compliance
- Platform automation and DevOps
We go thru the framework and the five pillars of architectural excellence:
- Reliability
- Security
- Cost Optimization
- Operational Excellence
- Performance Efficiency
Challenge 1 - First implementation of enterprise scale to get a better understanding.
Challenge 2 - learn from the reference implementations
Challenge 3 - deploy policies and role assignments using CI/CD pipeline
See the code sample provided in the bicep-sample Folder in this repo. There is also a slidedeck provided.