CAF Landing Zones Implementation
Cloud Migration & Modernization
Motivation
Using Azure can be as simple as clicking a button. Scaling Azure to an enterprise and leveraging the potential in a secure and compliant way is another story. It is vital to establish a foundation tailored to your organization‘s needs and provide standardised workspaces (landing zones) with maximum autonomy within defined guardrails to your development teams.
What we bring
PRODYNA comes with over 20 years of experience in enterprise software development and operations for many of the world‘s largest enterprises. In addition, we have a deep under- standing and practical experience implementing the Azure Cloud Adoption Framework (CAF). All this results in a Landing Zones architecture that will kickstart your Azure journey.
We understand the needs of your development teams and what it takes to implement a solid and maintainable landing zone structure with enterprise-grade security, compliance, and governance. We will further provide you access to our source code and proven landing zone implementation using state-of-the-art Infrastructure as Code (IaC) with Terraform.
In the course of an intensive Hackathon week involving all your stakeholders, we will fork the blueprint and tailored to your organization‘s unique requirements. At the end, you will have a rock-solid and scalable Azure foundation with all basic and many enhanced features in place:
- Global permission and policy management
- Azure Virtual WAN or multi-region Hub / Spoke network architecture with Azure Firewall
- VPN & ExpressRoute for On-Premises connectivity
- Full Private-Link support for all enabled services including on-premises DNS integration to access Azure managed services via a private network
- Central platform logging and auditing
- Developer self-service private DNS
- Preconfigured landing zones for maximum developer velocity
What you need
To make the best use of this offer and permit a fast and efficient start, you will need:
- An existing Azure contract e.g. Cloud Service Provider (CSP) via PRODYNA, Enterprise Agreement (EA) and any other CSP.
- Availability of your experts (e.g. future Azure team, network, DNS, IAM, etc.).
What you get
Here is a 5-day intensive plan:
01 Kickoff
- Review of the current state of the customers Azure journey
- Stakeholder management
- Introduction and handover of the PRODYNA landing zone blueprint
- Setup of the basic infrastructure as code process using Terraform
Deliverables
Ready to go Git repo and working IaC process for deploying to Azure.
02 Governance
- Definition and implementation of Azure management group structure
- Mapping and rollout of basic Azure Policies on different levels of the management group structure
Deliverables
Basic Azure governance structure implemented with Terraform
03 Management& Connectivity
- Setup central management structures for collecting platform- wide information (audit events, logs, etc.) to enable event-based, scheduled and manual platform automation and dash-boarding
- Review and refine connectivity requirements (e.g. network topology, on-premises connection, DNS, etc.)
Deliverables
- Central management resources
- Target connectivity architecture
04 Connectivity
Implement first region network Hub or Virtual WAN with:
- Azure Firewall in basic rule set
- VPN / ExpressRoute Gateway
- DNS forwarder
- Private-Link DNS zones
Deliverables
- Fully functional regional connectivity hub
- Reusable Terraform modules to roll out additional regions in minutes
05 First Landing Zone
Setup and connect first landing zone:
- Spoke network connected to hub
- Central auditing
- Ingress/Egress traffic filtering via Firewall
- Custom private DNS domain resolvable within Azure and from on-premises networks
- Preconfigured services secured with Private-End points (e.g. Key Vault, Storage Account)
- Pre-provisioned Server-Principals for automation and monitoring
Deliverables
- Ready to go landing zone
- Reusable Terraform modules to roll out new landing zones in minutes
Quick facts
Duration: 5 days intensive hackathon
Benefits
- Reduced risk: We have put years of experience & iterative improvements into the Terraform Blueprint by testing it in many projects. Your company benefits from this experience.
- Rapid start: Terraform Blueprint most likely represents more than 80% of your needs. All you need to do is customize the Blueprint to your company‘s needs.
- Get it right the first time: PRODYNA has implemented cloud architectures and landing zones for many enterprise customers. We know the pros and cons of the approaches and can put your organization on the right path within a week.
Contact us
for more information.
David Wainwright
Contact us
for more information.
Lukas Wolter
