Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

docs: add sovereign landing zone #219

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Oct 16, 2024
Merged

docs: add sovereign landing zone #219

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
cca0ec4
docs: add microsoft cloud for sovereignty (#217)
VeronicaSea Oct 16, 2024
9f1ff33
Updates for SLZ
jaredfholgate Oct 16, 2024
270dd23
Add missing and fix comments in config examples
jaredfholgate Oct 16, 2024
8bbde76
Fix typos
jaredfholgate Oct 16, 2024
1e61d71
Remove erroneous link
jaredfholgate Oct 16, 2024
7da42b8
Update the default value of create_bootstrap_resources_in_azure to fa…
VeronicaSea Oct 16, 2024
23bca2e
Fixes per the PR feedback
jaredfholgate Oct 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions 7 docs/wiki/[User-Guide]-Quick-Start-Phase-2-Azure-DevOps.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,9 +110,11 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,

1. Open your `inputs.yaml` file in Visual Studio Code (or your preferred editor) and copy the content from the relevant input file for your chosen starter module:
1. Complete Multi Region - [inputs-azure-devops-terraform-complete-multi-region.yaml][example_powershell_inputs_azure_devops_terraform_complete_multi_region]
1. Sovereign Landing Zone - [inputs-azure-devops-terraform-sovereign-landing-zone.yaml][example_powershell_inputs_azure_devops_terraform_sovereign_landing_zone]
1. Basic - [inputs-azure-devops-terraform-basic.yaml][example_powershell_inputs_azure_devops_terraform_basic]
1. Hub Networking - [inputs-azure-devops-terraform-hubnetworking.yaml][example_powershell_inputs_azure_devops_terraform_hubnetworking]
1. Complete - [inputs-azure-devops-terraform-complete.yaml][example_powershell_inputs_azure_devops_terraform_complete]

1. Check through the file and update each input as required. It is mandatory to update items with placeholders surrounded by angle brackets `<>`:

>NOTE: The following inputs can also be supplied via environment variables. This may be useful for sensitive values you don't wish to persist to a file. The `Env Var Prefix` denotes the prefix the environment variable should have. The environment variable is formatting is `<PREFIX>_<variable_name>`, e.g. `env:ALZ_iac_type = "terraform"` or `env:TF_VAR_azure_devops_personal_access_token = "*****..."`.
Expand Down Expand Up @@ -144,12 +146,15 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
| `allow_storage_access_from_my_ip` | `TF_VAR` | `false` | This controls whether to allow access to the storage account from your IP address. This is only needed for trouble shooting. This only applies if you have `use_private_networking` set to `true`. This defaults to `false`. |
| `apply_approvers` | `TF_VAR` | `<email-address>` | This is a list of service principal names (SPN) of people you wish to be in the group that approves apply of the Azure landing zone module. This is an array of strings like `["abc@xyz.com", "def@xyz.com", "ghi@xyz.com"]`. You may need to check what the SPN is prior to filling this out as it can vary based on identity provider. Use empty array `[]` to disable approvals. Note if supplying via the user interface, use a comma separated string like `abc@xyz.com,def@xyz.com,ghi@xyz.com`. |
| `create_branch_policies` | `TF_VAR` | `true` | This controls whether to create branch policies for the repository. This defaults to `true`. |
| `architecture_definition_name` | `TF_VAR` | N/A | This is the name of the architecture definition to use when applying the ALZ archetypes via the architecture definition template. This is only relevant to some starter modules, such as the `sovereign_landing_zone` starter module. This defaults to `null`. |

1. Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
- [Terraform Complete Multi Region Starter Module][wiki_starter_module_terraform_complete_multi_region]: Management groups, policies, Multi Region hub networking with fully custom configuration.
- [Terraform Sovereign Landing Zone Starter Module][wiki_starter_module_terraform_sovereign_landing_zone]: Management groups, policies, hub networking for the Sovereign Landing Zone.
- [Terraform Basic Starter Module][wiki_starter_module_terraform_basic]: Management groups and policies.
- [Terraform Hub Networking Starter Module][wiki_starter_module_terraform_hubnetworking]: Management groups, policies and hub networking.
- [Terraform Complete Starter Module][wiki_starter_module_terraform_complete]: Management groups, policies, hub networking with fully custom configuration.

1. In your PowerShell Core (pwsh) terminal run the module:

>NOTE: The following examples include 2 input files. This is the recommended approach for the `complete_multi_region` starter module. However, all inputs can be combined into a single file if desired and other starter modules only require a single input file.
Expand Down Expand Up @@ -183,9 +188,11 @@ Now head to [Phase 3][wiki_quick_start_phase_3].
[wiki_starter_module_terraform_hubnetworking]: %5BUser-Guide%5D-Starter-Module-Terraform-HubNetworking "Wiki - Start Modules - Terraform Hub Networking"
[wiki_starter_module_terraform_complete]: %5BUser-Guide%5D-Starter-Module-Terraform-Complete "Wiki - Starter Modules - Terraform Complete"
[wiki_starter_module_terraform_complete_multi_region]: %5BUser-Guide%5D-Starter-Module-Terraform-Complete-Multi-Region "Wiki - Starter Modules - Terraform Complete Multi Region"
[wiki_starter_module_terraform_sovereign_landing_zone]: %5BUser-Guide%5D-Starter-Module-Terraform-Sovereign-Landing-Zone "Wiki - Starter Modules - Terraform Sovereign Landing Zone"
[wiki_quick_start_phase_3]: %5BUser-Guide%5D-Quick-Start-Phase-3 "Wiki - Quick Start - Phase 3"
[example_powershell_inputs_azure_devops_bicep_complete]: examples/powershell-inputs/inputs-azure-devops-bicep-complete.yaml "Example - PowerShell Inputs - Azure DevOps - Bicep - Complete"
[example_powershell_inputs_azure_devops_terraform_basic]: examples/powershell-inputs/inputs-azure-devops-terraform-basic.yaml "Example - PowerShell Inputs - Azure DevOps - Terraform - Basic"
[example_powershell_inputs_azure_devops_terraform_hubnetworking]: examples/powershell-inputs/inputs-azure-devops-terraform-hubnetworking.yaml "Example - PowerShell Inputs - Azure DevOps - Terraform - Hub Networking"
[example_powershell_inputs_azure_devops_terraform_complete]: examples/powershell-inputs/inputs-azure-devops-terraform-complete.yaml "Example - PowerShell Inputs - Azure DevOps - Terraform - Complete"
[example_powershell_inputs_azure_devops_terraform_complete_multi_region]: examples/powershell-inputs/inputs-azure-devops-terraform-complete-multi-region.yaml "Example - PowerShell Inputs - Azure DevOps - Terraform - Complete Multi Region"
[example_powershell_inputs_azure_devops_terraform_sovereign_landing_zone]: examples/powershell-inputs/inputs-azure-devops-terraform-sovereign-landing-zone.yaml "Example - PowerShell Inputs - Azure DevOps - Terraform - Sovereign Landing Zone"
6 changes: 6 additions & 0 deletions 6 docs/wiki/[User-Guide]-Quick-Start-Phase-2-GitHub.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,

1. Open your `inputs.yaml` file in Visual Studio Code (or your preferred editor) and copy the content from the relevant input file for your chosen starter module:
1. Complete Multi Region - [inputs-github-terraform-complete-multi-region.yaml][example_powershell_inputs_github_terraform_complete_multi_region]
1. Sovereign Landing Zone - [inputs-github-terraform-sovereign-landing-zone.yaml][example_powershell_inputs_github_terraform_sovereign_landing_zone]
1. Basic - [inputs-github-terraform-basic.yaml][example_powershell_inputs_github_terraform_basic]
1. Hub Networking - [inputs-github-terraform-hubnetworking.yaml][example_powershell_inputs_github_terraform_hubnetworking]
1. Complete - [inputs-github-terraform-complete.yaml][example_powershell_inputs_github_terraform_complete]
Expand Down Expand Up @@ -131,12 +132,15 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
| `allow_storage_access_from_my_ip` | `TF_VAR` | `false` | This controls whether to allow access to the storage account from your IP address. This is only needed for trouble shooting. This only applies if you have `use_private_networking` set to `true`. This defaults to `false`. |
| `apply_approvers` | `TF_VAR` | `<email-address>` | This is a list of service principal names (SPN) of people you wish to be in the group that approves apply of the Azure landing zone module. This is an array of strings like `["abc@xyz.com", "def@xyz.com", "ghi@xyz.com"]`. You may need to check what the SPN is prior to filling this out as it can vary based on identity provider. Use empty array `[]` to disable approvals. Note if supplying via the user interface, use a comma separated string like `abc@xyz.com,def@xyz.com,ghi@xyz.com`. |
| `create_branch_policies` | `TF_VAR` | `true` | This controls whether to create branch policies for the repository. This defaults to `true`. |
| `architecture_definition_name` | `TF_VAR` | N/A | This is the name of the architecture definition to use when applying the ALZ archetypes via the architecture definition template. This is only relevant to some starter modules, such as the `sovereign_landing_zone` starter module. This defaults to `null`. |

1. Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
- [Terraform Complete Multi Region Starter Module][wiki_starter_module_terraform_complete_multi_region]: Management groups, policies, Multi Region hub networking with fully custom configuration.
- [Terraform Sovereign Landing Zone Starter Module][wiki_starter_module_terraform_sovereign_landing_zone]: Management groups, policies, hub networking for the Sovereign Landing Zone.
- [Terraform Basic Starter Module][wiki_starter_module_terraform_basic]: Management groups and policies.
- [Terraform Hub Networking Starter Module][wiki_starter_module_terraform_hubnetworking]: Management groups, policies and hub networking.
- [Terraform Complete Starter Module][wiki_starter_module_terraform_complete]: Management groups, policies, hub networking with fully custom configuration.

1. In your PowerShell Core (pwsh) terminal run the module:

>NOTE: The following examples include 2 input files. This is the recommended approach for the `complete_multi_region` starter module. However, all inputs can be combined into a single file if desired and other starter modules only require a single input file.
Expand Down Expand Up @@ -170,9 +174,11 @@ Now head to [Phase 3][wiki_quick_start_phase_3].
[wiki_starter_module_terraform_hubnetworking]: %5BUser-Guide%5D-Starter-Module-Terraform-HubNetworking "Wiki - Start Modules - Terraform Hub Networking"
[wiki_starter_module_terraform_complete]: %5BUser-Guide%5D-Starter-Module-Terraform-Complete "Wiki - Starter Modules - Terraform Complete"
[wiki_starter_module_terraform_complete_multi_region]: %5BUser-Guide%5D-Starter-Module-Terraform-Complete-Multi-Region "Wiki - Starter Modules - Terraform Complete Multi Region"
[wiki_starter_module_terraform_sovereign_landing_zone]: %5BUser-Guide%5D-Starter-Module-Terraform-Sovereign-Landing-Zone "Wiki - Starter Modules - Terraform Sovereign Landing Zone"
[wiki_quick_start_phase_3]: %5BUser-Guide%5D-Quick-Start-Phase-3 "Wiki - Quick Start - Phase 3"
[example_powershell_inputs_github_bicep_complete]: examples/powershell-inputs/inputs-github-bicep-complete.yaml "Example - PowerShell Inputs - GitHub - Bicep - Complete"
[example_powershell_inputs_github_terraform_basic]: examples/powershell-inputs/inputs-github-terraform-basic.yaml "Example - PowerShell Inputs - GitHub - Terraform - Basic"
[example_powershell_inputs_github_terraform_hubnetworking]: examples/powershell-inputs/inputs-github-terraform-hubnetworking.yaml "Example - PowerShell Inputs - GitHub - Terraform - Hub Networking"
[example_powershell_inputs_github_terraform_complete]: examples/powershell-inputs/inputs-github-terraform-complete.yaml "Example - PowerShell Inputs - GitHub - Terraform - Complete"
[example_powershell_inputs_github_terraform_complete_multi_region]: examples/powershell-inputs/inputs-github-terraform-complete-multi-region.yaml "Example - PowerShell Inputs - GitHub - Terraform - Complete Multi Region"
[example_powershell_inputs_github_terraform_sovereign_landing_zone]: examples/powershell-inputs/inputs-github-terraform-sovereign-landing-zone.yaml "Example - PowerShell Inputs - GitHub - Terraform - Sovereign Landing Zone"
7 changes: 7 additions & 0 deletions 7 docs/wiki/[User-Guide]-Quick-Start-Phase-2-Local.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,9 +95,11 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,

1. Open your `inputs.yaml` file in Visual Studio Code (or your preferred editor) and copy the content from the relevant input file for your chosen starter module:
1. Complete Multi Region - [inputs-local-terraform-complete-multi-region.yaml][example_powershell_inputs_local_terraform_complete_multi_region]
1. Sovereign Landing Zone - [inputs-local-terraform-sovereign-landing-zone.yaml][example_powershell_inputs_local_terraform_sovereign_landing_zone]
1. Basic - [inputs-local-terraform-basic.yaml][example_powershell_inputs_local_terraform_basic]
1. Hub Networking - [inputs-local-terraform-hubnetworking.yaml][example_powershell_inputs_local_terraform_hubnetworking]
1. Complete - [inputs-local-terraform-complete.yaml][example_powershell_inputs_local_terraform_complete]

1. Check through the file and update each input as required. It is mandatory to update items with placeholders surrounded by angle brackets `<>`:

>NOTE: The following inputs can also be supplied via environment variables. This may be useful for sensitive values you don't wish to persist to a file. The `Env Var Prefix` denotes the prefix the environment variable should have. The environment variable is formatting is `<PREFIX>_<variable_name>`, e.g. `env:ALZ_iac_type = "terraform"` or `env:TF_VAR_target_directory = "./accelerator/target"`.
Expand All @@ -120,12 +122,15 @@ Although you can just run `Deploy-Accelerator` and fill out the prompted inputs,
| `environment_name` | `TF_VAR` | `mgmt` | This is used to build up the names of your Azure and Azure DevOps resources, for example `rg-alz-<environment_name>-uksouth-001`. We recommend using `mgmt` for this. |
| `postfix_number` | `TF_VAR` | `1` | This is used to build up the names of your Azure and Azure DevOps resources, for example `rg-alz-mgmt-uksouth-<postfix_number>`. We recommend using `1` for this. |
| `grant_permissions_to_current_user` | `TF_VAR` | `true` | This determines whether the bootstrap will grant the current user permissions to the management group structure and stroage account created by the accelerator. This defaults to `true` so that the starter module can be immediately deployed from the local file system. Set this to `false` if you itend to wire up CI/CD with your own provider. |
| `architecture_definition_name` | `TF_VAR` | N/A | This is the name of the architecture definition to use when applying the ALZ archetypes via the architecture definition template. This is only relevant to some starter modules, such as the `sovereign_landing_zone` starter module. This defaults to `null`. |

1. Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
- [Terraform Complete Multi Region Starter Module][wiki_starter_module_terraform_complete_multi_region]: Management groups, policies, Multi Region hub networking with fully custom configuration.
- [Terraform Sovereign Landing Zone Starter Module][wiki_starter_module_terraform_sovereign_landing_zone]: Management groups, policies, hub networking for the Sovereign Landing Zone.
- [Terraform Basic Starter Module][wiki_starter_module_terraform_basic]: Management groups and policies.
- [Terraform Hub Networking Starter Module][wiki_starter_module_terraform_hubnetworking]: Management groups, policies and hub networking.
- [Terraform Complete Starter Module][wiki_starter_module_terraform_complete]: Management groups, policies, hub networking with fully custom configuration.

1. In your PowerShell Core (pwsh) terminal run the module:

>NOTE: The following examples include 2 input files. This is the recommended approach for the `complete_multi_region` starter module. However, all inputs can be combined into a single file if desired and other starter modules only require a single input file.
Expand Down Expand Up @@ -160,9 +165,11 @@ Now head to [Phase 3][wiki_quick_start_phase_3].
[wiki_starter_module_terraform_hubnetworking]: %5BUser-Guide%5D-Starter-Module-Terraform-HubNetworking "Wiki - Start Modules - Terraform Hub Networking"
[wiki_starter_module_terraform_complete]: %5BUser-Guide%5D-Starter-Module-Terraform-Complete "Wiki - Starter Modules - Terraform Complete"
[wiki_starter_module_terraform_complete_multi_region]: %5BUser-Guide%5D-Starter-Module-Terraform-Complete-Multi-Region "Wiki - Starter Modules - Terraform Complete Multi Region"
[wiki_starter_module_terraform_sovereign_landing_zone]: %5BUser-Guide%5D-Starter-Module-Terraform-Sovereign-Landing-Zone "Wiki - Starter Modules - Terraform Sovereign Landing Zone"
[wiki_quick_start_phase_3]: %5BUser-Guide%5D-Quick-Start-Phase-3 "Wiki - Quick Start - Phase 3"
[example_powershell_inputs_local_bicep_complete]: examples/powershell-inputs/inputs-local-bicep-complete.yaml "Example - PowerShell Inputs - Local - Bicep - Complete"
[example_powershell_inputs_local_terraform_basic]: examples/powershell-inputs/inputs-local-terraform-basic.yaml "Example - PowerShell Inputs - Local - Terraform - Basic"
[example_powershell_inputs_local_terraform_hubnetworking]: examples/powershell-inputs/inputs-local-terraform-hubnetworking.yaml "Example - PowerShell Inputs - Local - Terraform - Hub Networking"
[example_powershell_inputs_local_terraform_complete]: examples/powershell-inputs/inputs-local-terraform-complete.yaml "Example - PowerShell Inputs - Local - Terraform - Complete"
[example_powershell_inputs_local_terraform_complete_multi_region]: examples/powershell-inputs/inputs-local-terraform-complete-multi-region.yaml "Example - PowerShell Inputs - Local - Terraform - Complete Multi Region"
[example_powershell_inputs_local_terraform_sovereign_landing_zone]: examples/powershell-inputs/inputs-local-terraform-sovereign-landing-zone.yaml "Example - PowerShell Inputs - Local - Terraform - Sovereign Landing Zone"
Loading
Loading
Morty Proxy This is a proxified and sanitized view of the page, visit original site.