![]() The management group policies ensure that the platform team still governs the application landing zone. The application team manages and supports the environment. ![]() The team applies controls and platform tools to the platform and application landing zones.Ī platform administration team delegates the entire application landing zone to an application team. Application landing zone management approachĪ central IT team fully operates the landing zone. You should use a (1) central team, (2) application team, or (3) shared team management approach, depending on your needs ( see table). There are three main approaches to managing application landing zones. It depicts representative resources and policies applied to the application landing zone. The conceptual architecture shows only the "Landing zone A2 subscription" in detail. In the conceptual architecture ( see figure 1), the "Landing zone A1 subscription" and "Landing zone A2 subscription" represent two different application landing zones. You pre-provision application landing zones through code and use management groups to assign policy controls to them. It depicts representative resources and policies applied to each platform landing zone.Īpplication landing zone: An application landing zone is a subscription for hosting an application. The conceptual architecture shows these three platform landing zones in detail. In the conceptual architecture ( see figure 1), the "Identity subscription", "Management subscription", and "Connectivity subscription" represent three different platform landing zones. One or more central teams manage the platform landing zones. Consolidating these shared services often improves operational efficiency. Platform landing zone: A platform landing zone is a subscription that provides shared services (identity, connectivity, management) to applications in application landing zones. ![]() It's worth explaining the function of both in more detail. application landing zonesĪn Azure landing zone consists of platform landing zones and application landing zones. You can see the resources in each subscription and the policies applied. The conceptual architecture shows five subscriptions in detail. The subscriptions under the "Landing zone" management group represent the application landing zones. The subscriptions under the "Platform" management group represent the platform landing zones. It organizes subscriptions (yellow boxes) by management group. Resource organization: The conceptual architecture shows a sample management group hierarchy. For more information on the design areas, see the Azure Landing Zone environment design areas. These design areas are Azure billing and Microsoft Entra tenant (A), identity and access management (B), resource organization (C), network topology and connectivity (E), security (F), management (D, G, H), governance (C, D), and platform automation and DevOps (I). Download a Visio file of this architecture.ĭesign areas: The conceptual architecture illustrates the relationships between its eight design areas. You should use this conceptual architecture as a starting point and tailor the architecture to meet your needs.įigure 1: Azure landing zone conceptual architecture. The Azure landing zone conceptual architecture ( see figure 1) represents an opinionated target architecture for your Azure landing zone. Modules make it easy to deploy and modify specific Azure landing zone architecture components as your requirements evolve. A repeatable infrastructure allows you to apply configurations and controls to every subscription consistently. Azure landing zone architectureĪn Azure landing zone architecture is scalable and modular to meet various deployment needs. Subscriptions for application resources are called application landing zones, and subscriptions for platform resources are called platform landing zones. ![]() An Azure landing zone uses subscriptions to isolate and scale application resources and platform resources. These design principles accommodate all application portfolios and enable application migration, modernization, and innovation at scale. An Azure landing zone is an environment that follows key design principles across eight design areas.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |