-
Notifications
You must be signed in to change notification settings - Fork 39
[User Guide] Quick Start Phase 2 Local
You can choose to bootstrap with bicep
or terraform
skip to the relevant section below to do that.
Although you can just run Deploy-Accelerator
and fill out the prompted inputs, we recommend creating an inputs file. This will make it easier to run the accelerator more than once in order to refine your preferred configuration. In the following docs, we'll show that approach, but if you want to be prompted for inputs, just go ahead and run Deploy-Accelerator
now.
-
Create a new folder on your local drive called
accelerator
. -
Inside the accelerator create two folders called
config
andoutput
. You'll store you input file inside config and the output folder will be the place that the accelerator stores files while it works. -
Inside the
config
folder create a new file calledinputs.yaml
. You can usejson
if you prefer, but our examples here areyaml
.# Windows New-Item -ItemType "file" c:\accelerator\config\inputs.yaml -Force New-Item -ItemType "directory" c:\accelerator\output # Linux/Mac New-Item -ItemType "file" /accelerator/config/inputs.yaml -Force New-Item -ItemType "directory" /accelerator/output
📂accelerator ┣ 📂config ┃ ┗ 📜inputs.yaml ┗ 📂output
-
Open your
inputs.yaml
file in Visual Studio Code (or your preferred editor) and copy the content from inputs-local-bicep-complete.yaml into that file. -
Check through the file and update each input as required. It is mandatory to update items with placeholders surrounded by angle brackets
<>
:NOTE: The following inputs can also be supplied via environment variables. This may be useful for sensitive values you don't wish to persist to a file. The
Env Var Prefix
denotes the prefix the environment variable should have. The environment variable is formatting is<PREFIX>_<variable_name>
, e.g.env:ALZ_iac_type = "bicep"
orenv:TF_VAR_target_directory = "./accelerator/target"
.Input Env Var Prefix Placeholder Description iac_type
ALZ
bicep
This is the choice of bicep
orterraform
. Keep this asbicep
for this example.bootstrap_module_name
ALZ
alz_local
This is the choice of Version Control System. Keep this as alz_local
for this example.starter_module_name
ALZ
complete
This is the choice of Starter Modules, which is the baseline configuration you want for your Azure landing zone. Keep this as complete
for this example.bootstrap_location
TF_VAR
<region>
Replace <region>
with the Azure region where you would like to deploy the bootstrap resources in Azure. This field expects thename
of the region, such asuksouth
. You can find a full list of names by runningaz account list-locations -o table
.starter_locations
TF_VAR
[<region-1>,<region-2>]
Replace <region-1>
and<region-2>
with the Azure regions where you would like to deploy the starter module resources in Azure. This field expects thename
of the regions in and array, such as["uksouth", "ukwest"]
. You can find a full list of names by runningaz account list-locations -o table
.root_parent_management_group_id
TF_VAR
""
This is the id of the management group that will be the parent of the management group structure created by the accelerator. If you are using the Tenant Root Group
management group, you leave this as an empty string""
or supply the tenant id.subscription_id_management
TF_VAR
<management-subscription-id>
Replace <management-subscription-id>
with the id of the management subscription you created in the previous phase.subscription_id_identity
TF_VAR
<identity-subscription-id>
Replace <identity-subscription-id>
with the id of the identity subscription you created in the previous phase.subscription_id_connectivity
TF_VAR
<connectivity-subscription-id>
Replace <connectivity-subscription-id>
with the id of the connectivity subscription you created in the previous phase.target_directory
TF_VAR
""
This is the directory where the ALZ module code will be created. This defaults a directory called local-output
in the root of the accelerator output directory if not supplied.create_bootstrap_resources_in_azure
TF_VAR
true
This determines whether the bootstrap will create the bootstrap resources in Azure. This defaults to true
.bootstrap_subscription_id
TF_VAR
""
Enter the id of the subscription in which you would like to deploy the bootstrap resources in Azure. If left blank, the subscription you are connected to via az login
will be used. In most cases this is the management subscription, but you can specifiy a separate subscription if you prefer.service_name
TF_VAR
alz
This is used to build up the names of your Azure and Azure DevOps resources, for example rg-<service_name>-mgmt-uksouth-001
. We recommend usingalz
for this.environment_name
TF_VAR
mgmt
This is used to build up the names of your Azure and Azure DevOps resources, for example rg-alz-<environment_name>-uksouth-001
. We recommend usingmgmt
for this.postfix_number
TF_VAR
1
This is used to build up the names of your Azure and Azure DevOps resources, for example rg-alz-mgmt-uksouth-<postfix_number>
. We recommend using1
for this.grant_permissions_to_current_user
TF_VAR
true
This determines whether the bootstrap will grant the current user permissions to the management group structure created by the accelerator. This defaults to true
so that the starter module can be immediately deployed from the local file system. Set this tofalse
if you itend to wire up CI/CD with your own provider. -
Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
-
In your PowerShell Core (pwsh) terminal run the module:
# Windows (adjust the paths to match your setup) Deploy-Accelerator -inputs "c:\accelerator\config\inputs.yaml" -output "c:\accelerator\output" # Linux/Mac (adjust the paths to match your setup) Deploy-Accelerator -inputs "/accelerator/config/inputs.yaml" -output "/accelerator/output"
-
You will see a Terraform
init
andapply
happen. -
There will be a pause after the
plan
phase you allow you to validate what is going to be deployed. -
If you are happy with the plan, then type
yes
and hit enter. -
The Terraform will
apply
and your environment will be bootstrapped. -
You will find the output in the
/accelerator/output/local-output
folder if you didn't specifiy a different location fortarget_directory
.
-
Create a new folder on you local drive called
accelerator
. -
Inside the accelerator create two folders called
config
andoutput
. You'll store you input file inside config and the output folder will be the place that the accelerator stores files while it works. -
Inside the
config
folder create a new file calledinputs.yaml
. You can usejson
if you prefer, but our examples here areyaml
.# Windows New-Item -ItemType "file" c:\accelerator\config\inputs.yaml -Force New-Item -ItemType "directory" c:\accelerator\output # Linux/Mac New-Item -ItemType "file" /accelerator/config/inputs.yaml -Force New-Item -ItemType "directory" /accelerator/output
📂accelerator ┣ 📂config ┃ ┗ 📜inputs.yaml ┗ 📂output
-
Open your
inputs.yaml
file in Visual Studio Code (or your preferred editor) and copy the content from the relevant input file for your chosen starter module:- Complete Multi Region - inputs-local-terraform-complete-multi-region.yaml
- Financial Services Industry Landing Zone - inputs-local-terraform-financial-services-landing-zone.yaml
- Sovereign Landing Zone - inputs-local-terraform-sovereign-landing-zone.yaml
- Basic - inputs-local-terraform-basic.yaml
- Hub Networking - inputs-local-terraform-hubnetworking.yaml
- Complete - inputs-local-terraform-complete.yaml
-
Check through the file and update each input as required. It is mandatory to update items with placeholders surrounded by angle brackets
<>
:NOTE: The following inputs can also be supplied via environment variables. This may be useful for sensitive values you don't wish to persist to a file. The
Env Var Prefix
denotes the prefix the environment variable should have. The environment variable is formatting is<PREFIX>_<variable_name>
, e.g.env:ALZ_iac_type = "terraform"
orenv:TF_VAR_target_directory = "./accelerator/target"
.Input Env Var Prefix Placeholder Description iac_type
ALZ
terraform
This is the choice of bicep
orterraform
. Keep this asterraform
for this example.bootstrap_module_name
ALZ
alz_local
This is the choice of Version Control System. Keep this as alz_local
for this example.starter_module_name
ALZ
complete_multi_region
This is the choice of Starter Modules, which is the baseline configuration you want for your Azure landing zone. Choose complete_multi_region
,complete
,hubnetworking
orbasic
for this example.bootstrap_location
TF_VAR
<region>
Replace <region>
with the Azure region where you would like to deploy the bootstrap resources in Azure. This field expects thename
of the region, such asuksouth
. You can find a full list of names by runningaz account list-locations -o table
.starter_locations
TF_VAR
[<region-1>,<region-2>]
Replace <region-1>
and<region-2>
with the Azure regions where you would like to deploy the starter module resources in Azure. This field expects thename
of the regions in and array, such as["uksouth", "ukwest"]
. You can find a full list of names by runningaz account list-locations -o table
.root_parent_management_group_id
TF_VAR
""
This is the id of the management group that will be the parent of the management group structure created by the accelerator. If you are using the Tenant Root Group
management group, you leave this as an empty string""
or supply the tenant id.subscription_id_management
TF_VAR
<management-subscription-id>
Replace <management-subscription-id>
with the id of the management subscription you created in the previous phase.subscription_id_identity
TF_VAR
<identity-subscription-id>
Replace <identity-subscription-id>
with the id of the identity subscription you created in the previous phase.subscription_id_connectivity
TF_VAR
<connectivity-subscription-id>
Replace <connectivity-subscription-id>
with the id of the connectivity subscription you created in the previous phase.target_directory
TF_VAR
""
This is the directory where the ALZ module code will be created. This defaults a directory called local-output
in the root of the accelerator output directory if not supplied.create_bootstrap_resources_in_azure
TF_VAR
true
This determines whether the bootstrap will create the bootstrap resources in Azure. This defaults to true
.bootstrap_subscription_id
TF_VAR
""
Enter the id of the subscription in which you would like to deploy the bootstrap resources in Azure. If left blank, the subscription you are connected to via az login
will be used. In most cases this is the management subscription, but you can specifiy a separate subscription if you prefer.service_name
TF_VAR
alz
This is used to build up the names of your Azure and Azure DevOps resources, for example rg-<service_name>-mgmt-uksouth-001
. We recommend usingalz
for this.environment_name
TF_VAR
mgmt
This is used to build up the names of your Azure and Azure DevOps resources, for example rg-alz-<environment_name>-uksouth-001
. We recommend usingmgmt
for this.postfix_number
TF_VAR
1
This is used to build up the names of your Azure and Azure DevOps resources, for example rg-alz-mgmt-uksouth-<postfix_number>
. We recommend using1
for this.grant_permissions_to_current_user
TF_VAR
true
This determines whether the bootstrap will grant the current user permissions to the management group structure and stroage account created by the accelerator. This defaults to true
so that the starter module can be immediately deployed from the local file system. Set this tofalse
if you itend to wire up CI/CD with your own provider.architecture_definition_name
TF_VAR
N/A This is the name of the architecture definition to use when applying the ALZ archetypes via the architecture definition template. This is only relevant to some starter modules, such as the sovereign_landing_zone
starter module. This defaults tonull
. -
Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
- Terraform Complete Multi Region Starter Module: Management groups, policies, Multi Region hub networking with fully custom configuration.
- Terraform Financial Services Industry Landing Zone Starter Module: Management groups, policies, hub networking for the Financial Services Industry Landing Zone.
- Terraform Sovereign Landing Zone Starter Module: Management groups, policies, hub networking for the Sovereign Landing Zone.
- Terraform Basic Starter Module: Management groups and policies.
- Terraform Hub Networking Starter Module: Management groups, policies and hub networking.
- Terraform Complete Starter Module: Management groups, policies, hub networking with fully custom configuration.
-
In your PowerShell Core (pwsh) terminal run the module:
NOTE: The following examples include 2 input files. This is the recommended approach for the
complete_multi_region
starter module. However, all inputs can be combined into a single file if desired and other starter modules only require a single input file.# Windows (adjust the paths to match your setup) Deploy-Accelerator -inputs "c:\accelerator\config\inputs.yaml", "c:\accelerator\config\networking.yaml" -output "c:\accelerator\output"
# Linux/Mac (adjust the paths to match your setup) Deploy-Accelerator -inputs "/accelerator/config/inputs.yaml", "/accelerator/config/networking.yaml" -output "/accelerator/output"
-
You will see a Terraform
init
andapply
happen. -
There will be a pause after the
plan
phase you allow you to validate what is going to be deployed. -
If you are happy with the plan, then type
yes
and hit enter. -
The Terraform will
apply
and your environment will be bootstrapped. -
You will find the output in the
/accelerator/output/local-output
folder if you didn't specifiy a different location fortarget_directory
.
Now head to Phase 3.
This wiki is being actively developed
If you discover any documentation bugs or would like to request new content, please raise them as an issue or feel free to contribute to the wiki via a pull request. The wiki docs are located in the repository in the docs/wiki/
folder.
- Home
-
User guide
- Getting started
- Quick Start
- Starter Modules
- Input Files
- Azure DevOps Bicep Complete
- Azure DevOps Terraform Complete Multi Region
- Azure DevOps Terraform Financial Services Industry Landing Zone
- Azure DevOps Terraform Sovereign Landing Zone
- Azure DevOps Terraform Basic
- Azure DevOps Terraform Hub Networking
- Azure DevOps Terraform Complete
- GitHub Bicep Complete
- GitHub Terraform Complete Multi Region
- GitHub Terraform Financial Services Industry Landing Zone
- GitHub Terraform Sovereign Landing Zone
- GitHub Terraform Basic
- GitHub Terraform Hub Networking
- GitHub Terraform Complete
- Local Bicep Complete
- Local Terraform Complete Multi Region
- Local Terraform Financial Services Industry Landing Zone
- Local Terraform Sovereign Landing Zone
- Local Terraform Basic
- Local Terraform Hub Networking
- Local Terraform Complete
- Frequently Asked Questions
- Upgrade Guide
- Advanced Scenarios
- Troubleshooting
- Contributing