Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article helps you accelerate Azure App Service deployments using architectural guidance and reference implementations. The landing zone accelerator provides infrastructure as code templates that prepare a scalable and secure environment for your app workloads, adhering to Cloud Adoption Framework best practices.
Use a modular approach for flexible implementation
The Azure App Service landing zone accelerator offers a flexible foundation that works for both new implementations and existing App Service deployments. The modular architecture allows you to customize components based on your specific requirements. You need to evaluate your application needs and organizational constraints to create an effective landing zone. Here's how:
Determine your deployment type requirements. Choose between multitenant App Service for cost-effectiveness or App Service Environment for complete isolation. The accelerator supports both deployment types with specific guidance for each scenario where needed.
Customize the infrastructure templates. Adapt the provided infrastructure-as-code templates to match your organization's naming conventions, integrate with existing resources, and configure App Service Environment v3 modes based on your requirements.
Implement a platform foundation
A platform provides the shared services that support your App Service environment. These services handle network connectivity, security controls, identity management, and governance requirements. If you already have a foundation, you can build on it. If you don't have a platform foundation, start with the Azure landing zone guidance to create your cloud foundation.
Use the assets provided by the accelerator
The landing zone accelerator provides resources to support your App Service implementation:
Tailor the modular architecture components. Customize environment variables to match your specific workload requirements without rebuilding the entire solution.
Follow design guidelines. Access expert guidance on key design areas that affect your implementation. The documentation clearly indicates which sections apply to multitenant App Service or App Service Environments.
Deploy a reference implementation. Deploy a production-ready environment with infrastructure-as-code templates that create all necessary Azure resources.
Apply design guidelines for each key area
Address these design areas when implementing your landing zone:
- Identity and access management: Configure authentication, authorization, and secure resource access.
- Network topology and connectivity: Design network segmentation, connectivity, and security controls.
- Governance: Establish policies, cost management, and compliance controls.
- Security: Implement application protection, secret management, and compliance requirements.
- Management: Set up monitoring, diagnostics, and operational processes.
- Platform automation and DevOps: Implement CI/CD pipelines and infrastructure automation.
Deploy the reference implementation
Get started with the Azure App Service landing zone accelerator reference implementation on GitHub. The repository contains infrastructure-as-code templates and detailed deployment instructions.