Azure Landing Zones as a Service

Transcript

1. Azure Usergroup Meetup, February 5th 2025 Banking Circle introduction

2. WHO ARE WE? Banking Circle 2

3. Banking Circle 3

4. WHO ARE WE? As Platform Engineers, we support teams (>200

   people in Engineering) that build: • Client-facing APIs • Core Banking Systems • Internal reporting tools • Data • Integrations with other companies and clearing schemes • … In Azure, using different languages, architectures, development processes, etc Banking Circle 4

5. COMMUNITY Banking Circle 5

6. AZURE FOUNDATION Banking Circle 6

7. Azure Usergroup Meetup, February 5th 2025 Azure Landing Zones as

   a Service

8. 2021 “I need an environment” Banking Circle 8

9. 2021 … Banking Circle 9

10. 2021 Banking Circle 10

11. Banking Circle 11 1. Create AM Functions 2. Create AM

    App Service / function 3. DevOps → Create New Stage → Create New App Service Connection → Create Release Pipeline for AM App Service / function → App Service - Add Application and Config Settings → App Function - Add Application and Config Settings 4. Add all Secrets in new KeyVault 5. Config Setup → Table in DB 6. DevOps UI → Create New Build Pipeline for UI → Create New Release Stage for UI → Create New Libraries for env Specific param 7. Deploy Backend 8. Deploy UI 9. Create a Cname for New App GW env 10.Create a Cname for Authorization 11.App GW → Create new Backend pools → Create new Listeners → Create new Rules

12. 12 Infrastructure as Code Banking Circle 12

13. INFRASTRUCTURE AS CODE – FOR EVERYBODY Banking Circle 13

14. PIPELINE TEMPLATES Banking Circle 14

15. TERRAFORM MODULES Banking Circle 15

16. Banking Circle 16

17. “You build it, you run it” Banking Circle 17

18. Banking Circle 18

19. 19 The process Banking Circle 19

20. I JUST NEED AN ENVIRONMENT TO DEPLOY MY APP… 1.

    Create Resource Group (we have a pipeline) 2. Create Entra Id groups and RBAC assignments (we have a pipeline) 3. Create Service Principal (we have a pipeline) 4. Build your terraform project (we have modules and examples) 5. Build your terraform pipeline (we have templates and examples) 6. Run the pipeline to apply terraform Banking Circle 20

21. PROBLEMS • Day 1 operations are hard, day 2 are

    even harder • Lots of time spent in support • From the same “blocks”, each team builds their own thing • Good luck supporting that… Banking Circle 21

22. 22 We need to do something Banking Circle 22

23. LANDING ZONES • “An environment that follows key design principles

    across eight design areas. These design principles accommodate all application portfolios and enable application migration, modernization, and innovation at scale“ Banking Circle 23 • Azure billing and Microsoft Entra tenant • Identity and access management • Network topology and connectivity • Resource organization • Security • Management • Governance • Platform automation and DevOps

24. Banking Circle 24

25. Banking Circle 25

26. Banking Circle 26

27. WHAT’S IN AN ENVIRONMENT? • Resource group(s) • Keyvault •

    Storage account • App Configuration Store • App Insights • Log Analytics • Policies • Integration with Entra Id • Integration with Azure Devops Banking Circle 27 Landing Zone?

28. 28 Let’s create some Landing Zones Banking Circle 28

29. PLATFORM ENGINEERING “A digital platform is a foundation of self-service

    APIs, tools, services, knowledge and support which are arranged as a compelling internal product.” “Autonomous delivery teams can make use of the platform to deliver product features at a higher pace, with reduced co-ordination.” Evan Bottcher, What I Talk About When I Talk About Platforms, martinfowler.com, 05 March 2018 Banking Circle 29

30. PLATFORM FOUNDATIONS • Simple • Single • Self-service Banking Circle

    30

31. AZURE FOUNDATION • Simple • Single • Self-service Banking Circle

    31

32. Banking Circle 32

33. 33 How does it work? Banking Circle 33

34. Banking Circle 34

35. Banking Circle 35

36. Banking Circle 36

37. Banking Circle 37

38. YAMLDECODE(FILE(FILE)) Banking Circle 38

39. 39 Future work Banking Circle 39

40. CROSSPLANE “Open-source Kubernetes extension that transforms your Kubernetes cluster into

    a universal control plane.” Infrastructure as Code, using Kubernetes manifests Banking Circle

41. Banking Circle 41

42. Banking Circle 42

43. © Banking Circle, 2020 bankingcircle.com bankingcircle.com Thank you