Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Azure Strategy and Implementation Guide, Fourth Edition
Azure Strategy and Implementation Guide, Fourth Edition

Azure Strategy and Implementation Guide, Fourth Edition: The essential handbook to cloud transformation with Azure , Fourth Edition

Arrow left icon
Profile Icon Jack Lee Profile Icon Pokkunuri Profile Icon Leonardo Profile Icon Milgram Profile Icon David Rendón +1 more Show less
Arrow right icon
AU$14.99 AU$60.99
eBook May 2021 228 pages 4th Edition
eBook
AU$14.99 AU$60.99
Paperback
AU$75.99
Subscription
Free Trial
Renews at AU$24.99p/m
Arrow left icon
Profile Icon Jack Lee Profile Icon Pokkunuri Profile Icon Leonardo Profile Icon Milgram Profile Icon David Rendón +1 more Show less
Arrow right icon
AU$14.99 AU$60.99
eBook May 2021 228 pages 4th Edition
eBook
AU$14.99 AU$60.99
Paperback
AU$75.99
Subscription
Free Trial
Renews at AU$24.99p/m
eBook
AU$14.99 AU$60.99
Paperback
AU$75.99
Subscription
Free Trial
Renews at AU$24.99p/m

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

Azure Strategy and Implementation Guide, Fourth Edition

2. Automation and governance in Azure

In the last chapter, we saw how infrastructure in the cloud works from not only a native but also a hybrid perspective. We will now take a look at how we can build resources in Azure. You can now go to the Azure portal and create any Azure resource; however, this can be very cumbersome without automation. Automation in Azure is accomplished through Azure DevOps and Azure Resource Manager (ARM) templates. We are strictly sticking to out-of-the-box Microsoft solutions, but there are quite a few other deployment and development tools available that can help you accomplish automation tasks. Once you've deployed your resources, you need to ensure they're secure.

In this chapter, we are going to cover the following:

  • Azure DevOps and why it is important
  • ARM templates and the different ways they can be used
  • Fundamentals and best practices of deploying Azure Infrastructure as Code (IaC)
  • Benefits and best practices for identity and access control in Azure
  • Azure governance

Before we dive into how you can accomplish automation and what it means to have IaC, let's get an overview of Azure DevOps and ARM templates to build a foundation for this automation approach.

Azure DevOps

While this chapter isn't about Azure DevOps, it's a good idea to begin with a fundamental understanding of what it brings to the table. Azure DevOps is both a developer tool and a business tool, as it can be the source of truth for your code base and a backlog of items that code needs to accomplish. Let's look at some of the options that it brings to the table, from which you can pick and choose:

  • Azure Repos allows you to either create a Git repository or Team Foundation Version Control to store your development source control.
  • Azure Pipelines, one of the critical processes we will use in this chapter for the artifacts we create, provides build and release services for continuous integration and delivery (CI/CD) of your apps.
  • Azure Boards helps deliver a product backlog to plan and track work, code defects, and other issues that may arise during your software development.
  • Azure Test Plans allows you to test the code within your repository and enables you to perform manual and exploratory testing, along with continuous testing.
  • Azure Artifacts provides the elements needed for your code to be packaged and deployed, such as NuGet resources usually shared with your CI/CD pipelines.

As you can see, Azure DevOps is Microsoft's tool for deploying and managing applications within Azure as part of the release management process. To learn more about Azure DevOps, you can head over to the documentation at https://docs.microsoft.com/azure/devops/user-guide/what-is-azure-devops?view=azure-devops.

Note

Azure DevOps is available for free with a five-user license, so feel free to have a look and explore how deployment in Azure works. Head to https://azure.microsoft.com/services/devops/ to create your free account.

Now that we've discussed some of the toolings at a very high level, let's take a look at ARM templates.

ARM templates

ARM templates are how your infrastructure is represented as code. ARM templates help teams take a more agile approach to deploying infrastructure in the cloud; it is no longer necessary to click deploy within the Azure portal to create your infrastructure. An ARM template is a mixture of a JSON file representing the configuration of your infrastructure and a PowerShell script to execute that template and create the infrastructure.

The real benefit of using the ARM template system is that it allows you to have declarative syntax. That means you can deploy a virtual machine and create the networking infrastructure that goes around it. Templates end up providing a process that can be run repeatedly in a very consistent manner. They manage the desired state of the infrastructure, meaning a template becomes the source of truth for those infrastructure resources. If you make changes to your infrastructure, you should do that through the templates.

The template deployment process can't be accomplished without orchestrating how the template process needs to run and what order it needs to run in. It is also useful to break these files into smaller chunks and allow them to be linked together or reused in different fashions with other templates. This can help with understanding and controlling your infrastructure while making it repeatable and stable. ARM templates are used in CI/CD pipelines and code deployment to build a suite of applications within the organization.

The following JSON file shows you how ARM templates are structured:

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {},
  "variables": {},
  "resources": [],
  "outputs": {}
}

As you can see, there are several important parts: parameters, variables, resources, and outputs. Let's discuss each of them briefly:

  • ARM template files should be parameterized, and there is a separate file for the parameters that maps to the parameters list in the JSON template file.
  • The variables portion is for variables used within this file. Variables are generally used for creating naming functions to help generate a naming convention that is already structured, and for building that structure to use input parameters to make the name.
  • The resources section is where all of the resources that you're trying to deploy with this ARM template are represented; these can range from virtual machines to websites.
  • Finally, the outputs section is anything you want to pass out of your ARM template to be used elsewhere, such as an SQL Server name, before running your SQL scripts.

Three files are created when you create an ARM template file within Visual Studio:

  • The first is the JSON file, which is the template that is represented in the preceding code.
  • The second is the JSON parameter input file, a file that can be changed with every deployment to match the environment you want to deploy.
  • The third is the PowerShell script used to execute the template. The PowerShell script accepts the resource group's inputs, the ARM template file, and the parameters file.

That was a quick overview of Azure DevOps and the files that are created when you create an ARM template. Let's see how Azure resources are deployed using these ARM templates.

Deploying Azure IaC

As we saw in the ARM templates section, we want to use ARM templates to deploy our infrastructure, as it fits in nicely with our CI/CD process. There are several ways to approach building out these templates.

One way is to create a monolithic template that contains all of the resources that you want to deploy. To make things a little more modular, you could use a nested template structure. Alternatively, you may want to take a more decoupled approach and create smaller templates that you can link together, making a highly usable and repeatable structure.

Let's take a look at each of these methods, starting with the monolithic view:

Monolithic view of an ARM template

Figure 2.1: Monolithic ARM template

As you can see in Figure 2.1, a monolithic ARM template deploys a UI front end with an API middle tier connected to the SQL database. In this process, we need to build out all of the dependencies within the JSON template. The SQL database is deployed before the API middle tier to use the connection string in the API application configuration. You would then deploy the UI layer with the API URL being used in the UI application configuration. The chaining of the deployment can work not only for deploying code but also helping with the configuration.

Alternatively, you could implement a nested template arrangement:

Nested ARM templates

Figure 2.2: Nested ARM templates

As you can see, this is similar to the structure in Figure 2.1. However, the templates within this structure are nested in separate file sections. This means that each template owns the resource within it that it's trying to deploy. This structure is similar to breaking out your C# code into manageable methods and actions. This follows the same deployment process as discussed in the monolithic scenario, but the files are nested.

The final structure is linked ARM templates:

The final structure—linked ARM templates

Figure 2.3: Linked ARM templates

As you can see, the templates are initially separate and decoupled from each other, and then we link them together in our release pipeline. Linked templates are similar to nested templates, except the files are external to the template and system, whereas the nested templates are included in the same scope as the parent template. This helps with reusability down the line, because the templates are separate files that can be linked to other deployment files.

We should note that with linked or nested templates, the deployment mode can only be set to Incremental. However, the main template can be deployed in Complete mode, so if the linked or nested templates target the same resource group, that combined deployment will be evaluated for a complete deployment; otherwise, it will deploy incrementally. To learn more about ARM deployment modes, visit https://docs.microsoft.com/azure/azure-resource-manager/templates/deployment-modes.

We've seen different ways of using these ARM templates to automate the deployment of infrastructure; now we turn to the benefits of doing so.

Left arrow icon Right arrow icon

Key benefits

  • Get to grips with the core Azure infrastructure technologies and solutions
  • Develop the ability to opt for cloud design and architecture that best fits your organization
  • Cover the entire spectrum of cloud migration from planning to implementation and best practices

Description

Microsoft Azure is a powerful cloud computing platform that offers a multitude of services and capabilities for organizations of any size moving to a cloud strategy. This fourth edition comes with the latest updates on cloud security fundamentals, hybrid cloud, cloud migration, Microsoft Azure Active Directory, and Windows Virtual Desktop. It encapsulates the entire spectrum of measures involved in Azure deployment that includes understanding Azure fundamentals, choosing a suitable cloud architecture, building on design principles, becoming familiar with Azure DevOps, and learning best practices for optimization and management. The book begins by introducing you to the Azure cloud platform and demonstrating the substantial scope of digital transformation and innovation that can be achieved with Azure's capabilities. The guide also acquaints you with practical insights into application modernization, Azure Infrastructure as a Service (IaaS) deployment, infrastructure management, key application architectures, best practices of Azure DevOps, and Azure automation. By the end of this book, you will have acquired the skills required to drive Azure operations from the planning and cloud migration stage to cost management and troubleshooting.

Who is this book for?

This book is designed to benefit Azure architects, cloud solution architects, Azure developers, Azure administrators, and anyone who wants to develop expertise in operating and administering the Azure cloud. Basic familiarity with operating systems and databases will help you grasp the concepts covered in this book.

What you will learn

  • Understand core Azure infrastructure technologies and solutions
  • Carry out detailed planning for migrating applications to the cloud with Azure
  • Deploy and run Azure infrastructure services
  • Define roles and responsibilities in DevOps
  • Get a firm grip on Azure security fundamentals
  • Carry out cost optimization in Azure

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : May 14, 2021
Length: 228 pages
Edition : 4th
Language : English
ISBN-13 : 9781801071642
Vendor :
Microsoft
Tools :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : May 14, 2021
Length: 228 pages
Edition : 4th
Language : English
ISBN-13 : 9781801071642
Vendor :
Microsoft
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
AU$24.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
AU$249.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just AU$5 each
Feature tick icon Exclusive print discounts
AU$349.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just AU$5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total AU$44.97 AU$184.97 AU$140.00 saved
Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond
AU$67.99
The Azure Cloud Native Architecture Mapbook
AU$86.99
Azure Strategy and Implementation Guide, Fourth Edition
AU$75.99
Total AU$44.97AU$184.97 AU$140.00 saved Stars icon
Banner background image

Table of Contents

9 Chapters
1. Introduction Chevron down icon Chevron up icon
2. Automation and governance in Azure Chevron down icon Chevron up icon
3. Modernizing with hybrid cloud and multicloud Chevron down icon Chevron up icon
4. Cloud migration: Planning, implementation, and best practices Chevron down icon Chevron up icon
5. Enabling secure, remote work with Microsoft Azure AD and WVD Chevron down icon Chevron up icon
6. Security fundamentals to help protect against cybercrime Chevron down icon Chevron up icon
7. Offers, support, resources, and tips to optimize cost in Azure Chevron down icon Chevron up icon
8. Conclusion Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.