Cloud Adoption Framework, Scaffolding and Azure Virtual Datacenter

<Updated 11th July 2019>

Since we started to help customers of all sizes to deploy cloud technologies, we have developed many frameworks which all evolved in parallel over time. You may have heard about: Cloud Adoption Framework, Cloud Operations Model, Entreprise Cloud Strategy, Entreprise Scaffolding and maybe a couple more.

The CAF is dead, long live the CAF!

A couple of weeks ago, we published a new version of CAF – Cloud Adoption Framework for Azure, which consolidates all of our engineering and field best practices, as well as patterns that we’ve seen from big entreprises going to the cloud.

CAF has now five main sections which guide you throughout the whole circle:

cloud-adoption-framework-overview

  1. Plan
  2. Ready
  3. Migrate
  4. Manage
  5. Govern

This model is very realistic and field inspired, including some discussions around adoption with one or more cloud providers.

Governance

One of the most intimidating aspects of cloud adoption is the governance: how to manage new risks that are involved with cloud deployments and how to accompany that with entreprise processes and policies (and how does it remain current).

It is of course an iterative process that will evolve as you add new services into your environment: from dev/test to prod, and from legacy 3-tiers application to a brand new cloud-native application.

We distinguish 5 disciplines in governance:

  1. Cost management
  2. Security baseline
  3. Resource consistency
  4. Identity baseline
  5. Deployment Acceleration

But the difficulty is the first step: how do I get a minimal viable product (MVP) for my first cloud deployment?

incremental-governance-example

Actions: In order to avoid you the blank page syndrome, we have prepared you some actions:

  1. Determine your immediate objectives with cloud, and the readiness of your organization. Cloud Assessment Tool: https://aka.ms/CAF/gov/assess 
  2. Establish your governance MVP:
    1. Small to Medium Entreprises
    2. Large Entreprises

For all those journey we document a minimum viable product across the five disciplines, we explain the design decisions we took for you, the discussion points and alternative design considerations.

When we define governance, we also think about compliance to the rules, and automatic remediation methods for it: this is called Azure Policy.

Along the way, if you are going for ongoing compliance, why not going to continuous integration and continuous deployment for your infrastructure?

cicd

If you want to have a look at all of that in action, check at:

Azure Scaffolding

We used to talk a lot of  “scaffolding” as it is an excellent checklist, or set of mandatory technical implentation details for a good cloud deployment. It is being replaced by the “landing zone” construct (see next section).

Here is a refresher picture about what scaffolding includes:

scaffoldv2

Important readings on Azure Scaffolding:

Azure Landing Zones

Landing Zone is our new construct to describe a good deployment, its replacing the scaffolding idea but takes all of its good ideas.

landing-zone-considerations-2

It has the idea of primitives which includes all mandatory decisions:

  • Management Groups
  • Resource Groups
  • Naming Standards
  • Number of subscriptions

On the technical implementations of Governance it includes all of:

  • Policies
  • Cost
  • Monitoring
  • Identity

Moreover, it comes with all set of decision trees in order to help you when it comes to implementation with your customers/partners:

 

Azure Virtual Datacenter

Azure VDC is a set of concepts, implentation guidance and automation scripts that allows you to build a highly available and highly secure datacenter, based on Microsoft Azure services.

vdc_example

You can find all the materials here: https://docs.microsoft.com/en-gb/azure/architecture/vdc/ 

Check at the automation scripts and all the archetypes that allow you to deploy a VDC environment fast – based on Docker and Python : https://github.com/Azure/vdc

As last reference, as usual, our Azure Architecture Center

That’s it, now you will have a very well architected Azure deployment!

Arnaud 

Azure Governance in the real world

In this session, we review the fundamentals behind a well managed Azure environment: Azure Management Groups, Azure Policy and Blueprints.

Below is the registration link for the session: https://info.microsoft.com/AP-AzureINFRA-WBNR-FY19-01Jan-24-Azuregovernancemanagement-MCW0010995_01Registration-ForminBody.html 

Slides

Download the slides here

Demo 1: Architecture Center, Service Trust Portal

 

Demo 2: Azure Management Groups & Azure Policy

 

Demo 3: Create custom policies with Terraform

 

Demo 4: Azure Blueprints

 

More

Follow the new sessions coming up on the Azure APAC webinar series: 

https://www.microsoft.com/en-sg/apac/azurewebinar 

As usual, feel free to reach out if you have any question!

Arnaud

Optimize your Cloud With Azure Networking

Here are the materials from our online session dedicated to Azure networking new features! In it, we cover exciting new features like Azure Front Door, Azure Virtual WAN, and many more.

On-demand content

https://info.microsoft.com/AP-AzureINFRA-WBNR-FY19-11Nov-15-OptimizeyourCloudWithAzureNetworking-MCW0009873_02OnDemandRegistration-ForminBody.html 

Slides

Demo

Azure Front Door

Azure Firewall (previously demoed here)

 

Reference materials:

As usual, feel free to reach out if you have any question – @arnaudlheureux !

Azure Migrate Overview

Please find here the materials from our online session dedicated to datacenter migrations to Azure called: “The secrets behind a well-orchestrated migration to Azure”. In this session we discuss the migration to Azure with Azure Migrate and Azure Site Recovery.

You can replay the session on-demand:
https://info.microsoft.com/AP-AzureINFRA-WBNR-FY19-09Sep-18-ThesecretsbehindawellorchestratedmigrationtoAzure-MCW0008785_01Registration-ForminBody.html 

You can view the slides:

You can find the reference materials from this session:

See you soon!

Arnaud

Improve your application security and compliance with Azure

Please find below materials from our online session for 29th August 2018 10am Singapore time!

Microsoft Azure enables you to meet the compliance requirements for data confidentiality, while ensuring data integrity and availability at all times. Tune in to this webinar to find out more about the available security technologies for your application and learn more about the security tools to help you meet the data compliance and protection requirements for your organization.

On-demand content

Registration: https://info.microsoft.com/AP-AzureINFRA-WBNR-FY19-08Aug-29-securityandcompliancewithAzure-MCW0008428_01Registration-ForminBody.html 

Slides

Demos

Azure Privacy and Compliance

Azure Firewall

Azure Security Center

 

As usual, feel free to reach out if you have any question!

 

Arnaud