Skip to main content Link Menu Expand (external link) Document Search Copy Copied
Table of contents
  1. Goals
  2. Sources
    1. General
    2. Architectures
    3. Custom Management services
  3. Concepts
  4. Resources naming convention

Goals

This repository has 3 mainly goals :

  • Deploy AKS cluster and postgresql to host the Dynamic Inventory Application
  • Configure an Azure recipient to deploy resources from the Dynamic Inventory
  • Provide a set of guide lines, automation scripts to configure Azure resources.

Used tools in this repository are :

Sources

General

Architectures

Custom Management services

Concepts

Start the Azure’s journey by following Microsoft architecture recommendations with the usage of hub/spoke patterns and by segregating permissions granted to automation services accounts:

  • Create Root user of Azure subscription : This account is responsible to create the resources groups for expected deployments, provision automation accounts, grant them on their respective resource and manage the Hub virtual networks

  • Bootstrap Azure subscription : Deploy the inventory application to manage Azure inventory which is the brain of automation scripts.

  • Standard Automation users : These accounts are used to deploy their resources inside their resources groups.

Resources naming convention

Majority of resources have their name which starts with the first letter of resource name’s words. the “-“ is used to split terms in the naming if it is allowed by the Azure’s APIs.

Some exceptions exist:

  • Internal decision for short resource’name or because they are part of terms generaly used.
  • Azure API rule
Resource kind prefix Specific naming rule
Resource group rg- N/A
Virtual network vnet- Yes, internal decision
Subnet net- Yes, internal decision
Azure Kubernetes services aks- N/A
Azure Container registry acr Yes. ….
Storage account sa Yes, Storage account name must be between 3 and 24 characters in length and use numbers and lower-case letters only Storage account must be unique
Disk disk- Yes, internal decision
User Managed Identity umi- N/A
Log analytics la- N/A
Vault vault- Yes, A vault’s name must be between 3-24 alphanumeric characters. The name must begin with a letter, end with a letter or digit, and not contain consecutive hyphens