Simplify Your Cloud Adoption Journey with the Azure Cloud Adoption Template
The Azure Cloud Adoption Framework is a comprehensive set of resources to help organizations successfully adopt and maximize the value of Azure cloud services. The framework includes four levels of adoption, each with its own set of resources and tools to help you achieve your cloud goals.
|Resource Group, Key Vault
|Basic resources for managing and securing Azure resources.
|Networking, Compute, Storage, Monitoring and Management, Identity and Access Management
|Essential services for creating and managing Azure resources.
|Data Services, Developer Tools, Integration
|Advanced services for storing, processing, and integrating data in Azure.
|Security, Governance, Cost Management
|Advanced services for securing and optimizing Azure resources.
|Business Continuity, Application Modernization, Innovation
|Services for maximizing the value of Azure through innovation and modernization.
Following is the detailed list of resources with levels you will get with this demo
|Multiple resource groups are created to isolate the services.
|A storage account for remote tfstate management is provided for each level of the framework. Additional storage accounts are created for diagnostic logs.
|The launchpad Key Vault hosts all secrets required by the rover to access the remote states, the Key Vault policies are created allowing the logged-in user to see secrets created and stored.
|To secure the communication between the services a dedicated virtual network is deployed with a gateway subnet, bastion service, jumpbox and azure devops release agents. Service endpoints is enabled but not configured.
|Azure AD Applications
|An Azure AD application is created. This account is mainly use to bootstrap the services during the initialization. It is also considered as a breakglass account for the launchpad landing zones
The foundations landing zone allows you to manage the core components of an environment:
|Groups that allow you to manage your Azure resources in a hierarchical manner.
|Rules that enforce compliance and governance standards in Azure.
|Auditing and Accounting
|Tools for tracking and documenting resource usage and activity in Azure.
|Deployment or connection to existing ones
|Methods for deploying and connecting to existing Azure resources.
This scenario deploys the networking hub across multiple regions
The networking landing zone allows you to deploy most networking topologies on Microsoft Azure. The same landing zone used with different parameters should allow you to deploy most network configurations.
|Hub and spoke
|A network architecture where multiple resources are connected to a central hub.
|A service that allows you to connect multiple Azure resources across different regions.
|Application DMZ scenario
|A network configuration where an application is placed in a demilitarized zone (DMZ) for security purposes.
|Custom network topology
|A customized network architecture based on virtual networks or virtual WAN.
|Library of network security groups
|A collection of network security groups that define rules for inbound and outbound traffic.
The Shared services landing zone allows you to management components on Microsoft Azure, typically:
|Tools for monitoring the health and performance of Azure resources.
|Azure Site Recovery
|A service that enables you to recover from outages and disasters by replicating and failing over to Azure resources.
|A service that provides backup and recovery options for Azure resources.
|A service that enables you to automate Azure resource management tasks using runbooks and PowerShell.
|A service that deploys a single Azure Kubernetes Service cluster in a virtual network, with one node pool.
|App Service Environment
|A fully isolated and dedicated environment for hosting Azure App Service apps.
We offer the Azure Cloud Adoption Framework (CAF) template either in your own Azure environment or in a test environment provided by us. Our team is available to support you in whichever option you choose.
This template is initially deployed in a test environment, giving you the opportunity to evaluate its capabilities and test different configurations before deciding to migrate it to a production environment. This allows you to ensure that the server meets the specific needs of your organization.
If you have any additional requirements for the proof of concept or would like to further customize the template, please don’t hesitate to contact us. Our team is always available to assist you in getting the most out of your template. Thank you for considering our services, we look forward to working with you!