Azure Blueprints - Highlights

Paraphrased notes from the Microsoft documentation -

Azure Blueprints allow you to implement governance as code.

Azure Blueprints is a service that lets you define a repeatable set of Azure resources that implements your organization's standards, patterns, and requirements.

You'll use Azure Blueprints in a declarative way to build and deploy new environments with a set of built-in components.

You should think about Azure Blueprints as a package that you'll use to deploy and deliver governance as code. You can integrate it with your continuous integration and continuous deployment pipelines.

Blueprints are JSON files, and are composed of the following artifacts:

  1. Role assignments
  2. Policy assignments
  3. Azure Resource Manager templates
  4. Resource groups


These artifacts are embedded into the package, which can then be composed, versioned, and assigned to a management group containing multiple subscriptions, or assigned directly to a single subscription.

Once assigned, the package will start the deployment of roles, policies, templates, or resource groups against the management group or the subscription chosen.
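An added example, not taken from the Microsoft documentation or these notes: a pre-assignment check that a pipeline could run over a blueprint's JSON. It confirms that each artifact is a known kind, targets a resource group the blueprint declares, and does not grant Owner or Contributor across the whole subscription. The sample blueprint, the artifact names and the `review` function are constructed for illustration; the `kind` values and property names assume the published blueprint artifact schema, where resource groups are declared under the blueprint's `properties.resourceGroups`.

```python
# Added example: review a blueprint package before it is assigned.
# Role GUIDs are the Azure built-in Owner and Contributor role definitions.
BROAD_ROLES = {
    "8e3af657-a8ff-443c-a75c-2fe8c4bcb635": "Owner",
    "b24988ac-6180-42a0-ab88-20f7382dd24c": "Contributor",
}
KNOWN_KINDS = {"roleAssignment", "policyAssignment", "template"}
ROLE_PREFIX = "/providers/Microsoft.Authorization/roleDefinitions/"

# Constructed sample input (hypothetical names, not a Microsoft sample).
BLUEPRINT = {"properties": {"targetScope": "subscription",
                            "resourceGroups": {"networkRG": {}}}}
ARTIFACTS = [
    {"name": "ops-owner", "kind": "roleAssignment", "properties": {
        "roleDefinitionId": ROLE_PREFIX + "8e3af657-a8ff-443c-a75c-2fe8c4bcb635",
        "principalIds": ["[parameters('opsGroup')]"]}},
    {"name": "net-contrib", "kind": "roleAssignment", "properties": {
        "resourceGroup": "networkRG",
        "roleDefinitionId": ROLE_PREFIX + "b24988ac-6180-42a0-ab88-20f7382dd24c",
        "principalIds": ["[parameters('netGroup')]"]}},
    {"name": "vnet", "kind": "template", "properties": {
        "resourceGroup": "storageRG", "template": {}}},
    {"name": "tag-policy", "kind": "policyAssignment", "properties": {
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/<placeholder>"}},
]

def review(blueprint, artifacts):
    """Return (artifact name, finding) pairs for a blueprint package."""
    declared = set(blueprint["properties"].get("resourceGroups", {}))
    findings = []
    for art in artifacts:
        name, kind, props = art["name"], art.get("kind"), art.get("properties", {})
        rg = props.get("resourceGroup")
        if kind not in KNOWN_KINDS:
            findings.append((name, "unknown artifact kind"))
        if rg is not None and rg not in declared:
            findings.append((name, "resource group not declared in blueprint"))
        if kind == "roleAssignment":
            role = BROAD_ROLES.get(props.get("roleDefinitionId", "").rsplit("/", 1)[-1].lower())
            if role and rg is None:  # no resource group: applies to the whole subscription
                findings.append((name, role + " at subscription scope"))
    return findings

if __name__ == "__main__":
    for name, finding in review(BLUEPRINT, ARTIFACTS):
        print(f"{name}: {finding}")
```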

Each blueprint can consist of zero or more ARM template artifacts. This support means that previous efforts to develop and maintain a library of ARM templates are reusable in Azure Blueprints.

A policy is a default-allow, explicit-deny system that evaluates resource properties during deployment and on already existing resources.

Policy supports cloud governance by validating that resources within a subscription adhere to requirements and standards. Blueprints supports using parameters with policies and initiatives.

Blueprints can upgrade several subscriptions at once when they are governed by the same blueprint.

Microsoft provides Azure Blueprints samples that are production quality and ready to deploy to assist you in meeting your various compliance needs.

Aside from the ability to start from scratch with your own blueprint, you can customize the samples provided by Microsoft.

Region E in the figure shows sample blueprints representing scenarios where the compliance requirements are high and the architectural complexities are high.

Azure Blueprints is backed by the globally distributed Azure Cosmos DB, which means that blueprint objects are replicated to multiple Azure regions, giving low latency, high availability, and consistent access to your objects.

Related -

An Overview of Azure Blueprints - Azure Friday, Feb 8, 2019

Intro to Azure blueprints, 14 min, 6 Units
