You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Pull Request
## Description
Docs updates for Sovereign Landing Zone
## License
By submitting this pull request, I confirm that my contribution is made
under the terms of the projects associated license.
---------
Co-authored-by: VeronicaSea <69697690+VeronicaSea@users.noreply.github.com>
Co-authored-by: Lucas McDaniel <lmcdaniel@microsoft.com>
Co-authored-by: Zhiyan Xu <zhiyxu@microsoft.com>
Copy file name to clipboardExpand all lines: docs/wiki/[User-Guide]-Quick-Start-Phase-2-Azure-DevOps.md
+7Lines changed: 7 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -110,9 +110,11 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
110
110
111
111
1. Open your `inputs.yaml` file in Visual Studio Code (or your preferred editor) and copy the content from the relevant input file for your chosen starter module:
112
112
1. Complete Multi Region - [inputs-azure-devops-terraform-complete-multi-region.yaml][example_powershell_inputs_azure_devops_terraform_complete_multi_region]
113
+
1. Sovereign Landing Zone - [inputs-azure-devops-terraform-sovereign-landing-zone.yaml][example_powershell_inputs_azure_devops_terraform_sovereign_landing_zone]
1. Check through the file and update each input as required. It is mandatory to update items with placeholders surrounded by angle brackets `<>`:
117
119
118
120
>NOTE: The following inputs can also be supplied via environment variables. This may be useful for sensitive values you don't wish to persist to a file. The `Env Var Prefix` denotes the prefix the environment variable should have. The environment variable is formatting is `<PREFIX>_<variable_name>`, e.g. `env:ALZ_iac_type = "terraform"` or `env:TF_VAR_azure_devops_personal_access_token = "*****..."`.
@@ -144,12 +146,15 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
144
146
| `allow_storage_access_from_my_ip` | `TF_VAR` | `false` | This controls whether to allow access to the storage account from your IP address. This is only needed for trouble shooting. This only applies if you have `use_private_networking` set to `true`. This defaults to `false`. |
145
147
| `apply_approvers` | `TF_VAR` | `<email-address>` | This is a list of service principal names (SPN) of people you wish to be in the group that approves apply of the Azure landing zone module. This is an array of strings like `["abc@xyz.com", "def@xyz.com", "ghi@xyz.com"]`. You may need to check what the SPN is prior to filling this out as it can vary based on identity provider. Use empty array `[]` to disable approvals. Note if supplying via the user interface, use a comma separated string like `abc@xyz.com,def@xyz.com,ghi@xyz.com`. |
146
148
| `create_branch_policies` | `TF_VAR` | `true` | This controls whether to create branch policies for the repository. This defaults to `true`. |
149
+
| `architecture_definition_name` | `TF_VAR` | N/A | This is the name of the architecture definition to use when applying the ALZ archetypes via the architecture definition template. This is only relevant to some starter modules, such as the `sovereign_landing_zone` starter module. This defaults to `null`. |
147
150
148
151
1. Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
149
152
- [Terraform Complete Multi Region Starter Module][wiki_starter_module_terraform_complete_multi_region]: Management groups, policies, Multi Region hub networking with fully custom configuration.
153
+
- [Terraform Sovereign Landing Zone Starter Module][wiki_starter_module_terraform_sovereign_landing_zone]: Management groups, policies, hub networking for the Sovereign Landing Zone.
150
154
- [Terraform Basic Starter Module][wiki_starter_module_terraform_basic]: Management groups and policies.
1. In your PowerShell Core (pwsh) terminal run the module:
154
159
155
160
>NOTE: The following examples include 2 input files. This is the recommended approach for the `complete_multi_region` starter module. However, all inputs can be combined into a single file if desired and other starter modules only require a single input file.
@@ -183,9 +188,11 @@ Now head to [Phase 3][wiki_quick_start_phase_3].
Copy file name to clipboardExpand all lines: docs/wiki/[User-Guide]-Quick-Start-Phase-2-GitHub.md
+6Lines changed: 6 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -100,6 +100,7 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
100
100
101
101
1. Open your `inputs.yaml` file in Visual Studio Code (or your preferred editor) and copy the content from the relevant input file for your chosen starter module:
102
102
1. Complete Multi Region - [inputs-github-terraform-complete-multi-region.yaml][example_powershell_inputs_github_terraform_complete_multi_region]
103
+
1. Sovereign Landing Zone - [inputs-github-terraform-sovereign-landing-zone.yaml][example_powershell_inputs_github_terraform_sovereign_landing_zone]
@@ -131,12 +132,15 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
131
132
| `allow_storage_access_from_my_ip` | `TF_VAR` | `false` | This controls whether to allow access to the storage account from your IP address. This is only needed for trouble shooting. This only applies if you have `use_private_networking` set to `true`. This defaults to `false`. |
132
133
| `apply_approvers` | `TF_VAR` | `<email-address>` | This is a list of service principal names (SPN) of people you wish to be in the group that approves apply of the Azure landing zone module. This is an array of strings like `["abc@xyz.com", "def@xyz.com", "ghi@xyz.com"]`. You may need to check what the SPN is prior to filling this out as it can vary based on identity provider. Use empty array `[]` to disable approvals. Note if supplying via the user interface, use a comma separated string like `abc@xyz.com,def@xyz.com,ghi@xyz.com`. |
133
134
| `create_branch_policies` | `TF_VAR` | `true` | This controls whether to create branch policies for the repository. This defaults to `true`. |
135
+
| `architecture_definition_name` | `TF_VAR` | N/A | This is the name of the architecture definition to use when applying the ALZ archetypes via the architecture definition template. This is only relevant to some starter modules, such as the `sovereign_landing_zone` starter module. This defaults to `null`. |
134
136
135
137
1. Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
136
138
- [Terraform Complete Multi Region Starter Module][wiki_starter_module_terraform_complete_multi_region]: Management groups, policies, Multi Region hub networking with fully custom configuration.
139
+
- [Terraform Sovereign Landing Zone Starter Module][wiki_starter_module_terraform_sovereign_landing_zone]: Management groups, policies, hub networking for the Sovereign Landing Zone.
137
140
- [Terraform Basic Starter Module][wiki_starter_module_terraform_basic]: Management groups and policies.
1. In your PowerShell Core (pwsh) terminal run the module:
141
145
142
146
>NOTE: The following examples include 2 input files. This is the recommended approach for the `complete_multi_region` starter module. However, all inputs can be combined into a single file if desired and other starter modules only require a single input file.
@@ -170,9 +174,11 @@ Now head to [Phase 3][wiki_quick_start_phase_3].
Copy file name to clipboardExpand all lines: docs/wiki/[User-Guide]-Quick-Start-Phase-2-Local.md
+7Lines changed: 7 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -95,9 +95,11 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
95
95
96
96
1. Open your `inputs.yaml` file in Visual Studio Code (or your preferred editor) and copy the content from the relevant input file for your chosen starter module:
97
97
1. Complete Multi Region - [inputs-local-terraform-complete-multi-region.yaml][example_powershell_inputs_local_terraform_complete_multi_region]
98
+
1. Sovereign Landing Zone - [inputs-local-terraform-sovereign-landing-zone.yaml][example_powershell_inputs_local_terraform_sovereign_landing_zone]
1. Check through the file and update each input as required. It is mandatory to update items with placeholders surrounded by angle brackets `<>`:
102
104
103
105
>NOTE: The following inputs can also be supplied via environment variables. This may be useful for sensitive values you don't wish to persist to a file. The `Env Var Prefix` denotes the prefix the environment variable should have. The environment variable is formatting is `<PREFIX>_<variable_name>`, e.g. `env:ALZ_iac_type = "terraform"` or `env:TF_VAR_target_directory = "./accelerator/target"`.
@@ -120,12 +122,15 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
120
122
| `environment_name` | `TF_VAR` | `mgmt` | This is used to build up the names of your Azure and Azure DevOps resources, for example `rg-alz-<environment_name>-uksouth-001`. We recommend using `mgmt` for this. |
121
123
| `postfix_number` | `TF_VAR` | `1` | This is used to build up the names of your Azure and Azure DevOps resources, for example `rg-alz-mgmt-uksouth-<postfix_number>`. We recommend using `1` for this. |
122
124
| `grant_permissions_to_current_user` | `TF_VAR` | `true` | This determines whether the bootstrap will grant the current user permissions to the management group structure and stroage account created by the accelerator. This defaults to `true` so that the starter module can be immediately deployed from the local file system. Set this to `false` if you itend to wire up CI/CD with your own provider. |
125
+
| `architecture_definition_name` | `TF_VAR` | N/A | This is the name of the architecture definition to use when applying the ALZ archetypes via the architecture definition template. This is only relevant to some starter modules, such as the `sovereign_landing_zone` starter module. This defaults to `null`. |
123
126
124
127
1. Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
125
128
- [Terraform Complete Multi Region Starter Module][wiki_starter_module_terraform_complete_multi_region]: Management groups, policies, Multi Region hub networking with fully custom configuration.
129
+
- [Terraform Sovereign Landing Zone Starter Module][wiki_starter_module_terraform_sovereign_landing_zone]: Management groups, policies, hub networking for the Sovereign Landing Zone.
126
130
- [Terraform Basic Starter Module][wiki_starter_module_terraform_basic]: Management groups and policies.
1. In your PowerShell Core (pwsh) terminal run the module:
130
135
131
136
>NOTE: The following examples include 2 input files. This is the recommended approach for the `complete_multi_region` starter module. However, all inputs can be combined into a single file if desired and other starter modules only require a single input file.
@@ -160,9 +165,11 @@ Now head to [Phase 3][wiki_quick_start_phase_3].
0 commit comments