Azure AdoptCloud thinking
Links: Azure/WAF_WellArchitectedFramework
- Why are we doing this? "3 wishes for future IT"?
- Get out of CapEx into OpEx?
- Security?
- Scalability?
- Innovation?
- Is there a compelling event?
- Budget available?
- Determine upfront efforts
- Dream target stack?
- Containers?
- PaaS DBs
- App service?
- Lift and shift then evolve
- Requirements?
- PCI - finance?
- Org
- Educate skills
- Use opportunity to upskill
- How?
- Encourage certification
- Sandboxes to play
- Time to play/learn
- Identity for cloud
- Entra (AD) tenant as single identity source
- HR system?
- Provision and de-provision
- Dynamic groups
- Policy around identity, the first entry point.
- Regions?
- Where are customers?
- Regulatory requirements?
- Critical for cloud - self service
- Policies to enforce standards - before provisioning
- Define Standards
- Naming of resources
- Structure - subscription
- 1 x core identity (AD)
- 1 x core network (ExpressRoute)
- 1 x business owners
- Cost management
- RG used for lifecycle grouping.
- Structure - subscription
- Naming of resources
- Reservations
- Monitoring
- Not just cloud
- App
- Support synthetic transactions
- Baseline
- Feed into
- Dashboards
- Alerts
- Goal: know about problems before users
- Drive DR trigger
- Networking connectivity
- On prem connectivity
- Private connectivity (ExpressRoute)
- VPN ExpressRoute inter-connectivity
- Site-to-site VPN
- Azure Virtual WAN - SD-WAN provider or VPN
- Hub and spoke?
- Remote user VPN connectivity (point-to-site).
- Application
- Micro segmentation
- Minimum possible to be functional
- Expectations
- AKS updates? Nodes?
- Test first?
- Alerts owned?
- AKS updates? Nodes?
- Security ingrained
- Az_FW, Cloud front + WAF
== Team creates reusable templates ==
- Patterns for app teams
- Make it easier
- Encourage good process, git clone, DevOps baked in
- Gives: Consistency, quality, easier support, less vulnerability and exposure
- Consumed by application teams
- Provide support for easy consumption