Landing Zones

Before migrating or deploying any resources into the cloud, it is important to understand and setup a good foundation. Building a solid foundation then allows you to deploy your applications securely one by one using best practice. Most clouds offer a managed service to deploy sets of infrastructure or templates into their cloud environment.

Microsoft Azure use the Microsoft Cloud Adoption Framework (CFA) to define their methodology and a framework in which to deploy your cloud resources. CFA describes 2 ways to enter the Microsoft Azure cloud, described below.

Start Small and Expand

CFA outlines the use of a tool called Azure Blueprints, which can be used to deploy simple foundation landing zones for customers who do not require complex setup. A combination of Azure Policies and resources will be deployed into an existing subscription. There are many Azure Blueprint examples, including some industry or compliance specific examples, but the 2 main examples are initial landing zones listed in CFA are:

• CAF Foundation: A simple set of policies and resources to act as a central hub/management for future app migrations.
• CAF Migration: An extension of the CAF Foundation, building a virtual network ready for the migration of your virtual machines.

Start with Enterprise Scale

Enterprise Scale is an alternative starting place for customers with more complex requirements or customers who need to integrate on-premise resources into the Azure network. This architecture is the strategic design path and target technical state for a customer Azure environment. Enterprise scale is modular and not all parts of the architecture are required at the initial outset. There are also a few different variations of the enterprise scale landing zone, aimed at different purposes:

• Enterprise-Scale Foundation: The suggested foundation for enterprise-scale adoption.
• Enterprise-scale Hub & Spoke: Add a hub and spoke network module to the enterprise-scale foundation.
• Enterprise-Scale Virtual WAN: Add a Virtual WAN network module to the enterprise-scale foundation.
• Enterprise-scale for small companies: Add a hub and spoke network architecture for small organizations.
• Enterprise-Scale for Azure Government: Reference implementation that can be deployed to Azure Government and includes all options in a converged portal experience.

Enterprise scale deployments can be created and deployed using the Azure Landing Zone Accelerator tool.

Examples showing the Start Small option have been included, but where possible, start with Enterprise Scale and avoid the previous Start Small and Expand option.