af0f7b7094
|
||
|---|---|---|
| .github | ||
| docs | ||
| src/bicep | ||
| .gitignore | ||
| .licenserc.json | ||
| CODE_OF_CONDUCT.md | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
| SUPPORT.md | ||
| bicepconfig.json | ||
README.md
Azure NoOps Accelerator
"NoOps is not about the elimination of ops; it is about the elimination of manual handoffs and low-value, rote administration." - Forrester
Azure NoOps Accelerator is a flexible foundation that enables US Department of Defense and other Public Sector customers to quickly develop and maintain opinionated, policy-driven, and self-service encalves in their Azure environments.
Delivered as a collection of infrastructure as code (IaC) module templates written in Bicep, the NoOps Accelerator is intended to empower organizations on their journey to a continuous deployment model for their cloud infrastructure.
Quickstart
You can use the NoOps Accelerator to deploy SCCA-compliant landing zones based on Microsoft's SACA implementation guidance and Mission Landing Zone architecture.
Deploy a SCCA-compliant Landing Zone (SCCA Hub with 3 Spokes) using the Azure CLI
These steps walk through how to use NoOps to deploy a hub and spoke architecture. At the conclusion, you will have five resources groups mapped to the following:
- Hub: SCCA-compliant networking hub (1 vnet, 1 resource group)
- Tier 0 (T0): Identity & Authorization (1 vnet, 1 resource group)
- Tier 1 (T1): Infrastrcture Operations, and Logging (1 vnet, 2 resource groups)
- Tier 2 (T2): DevSecOps & Shared Services (1 vnet, 1 resource group)
Steps:
-
Clone the repository down and change directory to the
lz-platform-scca-hub-3spokedirectorygit clone https://github.com/Azure/NoOpsAccelerator.git cd NoOpsAccelerator/src/bicep/platforms/lz-platform-scca-hub-3spoke -
Deploy the landing zone with the
az deployment sub createcommand. For a quickstart, we suggest a test deployment into the current AZ CLI subscription using these parameters:--name: (optional) The deployment name, which is visible in the Azure Portal under Subscription/Deployments.--location: (required) The Azure region to store the deployment metadata.--template-file: The file path to thedeploy.biceptemplate.--parameters: The file path to theparameters/deploy.parameters.jsonfile, preceeded by@. Individual parameters can be overwritten using<parameter>=<value>format as well.--subscription: The GUID for the subscription to deploy into. Multiple subscriptions may be configured (i.e., to have separate subscriptions for each 'tier' in the MLZ architecture) in theparameters/deploy.parameters.json
Here is an example that deploys into a single subscription in the EastUS region of Azure Commercial:
az login az deployment sub create --name deploy-scca-hub-with-3-spokes --location EastUS --template-file deploy.bicep --parameters @parameters/deploy.parameters.json --subscription xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx -
After a successful deployment, see the enclaves folder for examples of complete, outcome-driven solutions built using the NoOps Accelerator. Also, be sure to take a look through our workloads and overlays folders to get a sense of the available pieces you can put together with the platform you just deployed to solve your mission challenges.
-
Don't forget to clean-up your environment by removing all of the resource groups created by the deployment when you are done with this Quickstart.
Don't have Azure CLI? Here's how to get started with Azure Cloud Shell in your browser: https://docs.microsoft.com/en-us/azure/cloud-shell/overview
Goals and Non-Goals of the NoOps Project
- be amazing
Getting Started
NoOps is amaze. Definitions of NoOps primitives. @matross-ghes
Architecture
a few useful pictures here.
Telemetry
Microsoft can identify the deployments of the Azure Resource Manager and Bicep templates with the deployed Azure resources. Microsoft can correlate these resources used to support the deployments. Microsoft collects this information to provide the best experiences with their products and to operate their business. The telemetry is collected through customer usage attribution. The data is collected and governed by Microsoft's privacy policies, located at https://www.microsoft.com/trustcenter.
If you don't wish to send usage data to Microsoft, you can set the customerUsageAttribution.enabled setting to false in global/telemetry.json.
Project Bicep collects telemetry in some scenarios as part of improving the product.
Product Roadmap
Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Feedback, Support, and How to Contact Us
Please see the Support and Feedback Guide. To report a security issue please see our security guidance.
Trademarks
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.
Special Thanks and Liner Notes
This project is greatly influenced by and owes a debt of graititude to the following: