From 1a36e9eaa287c6e3aa0927c4594a86aebd48b26f Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Wed, 24 Apr 2024 16:22:38 +0530 Subject: [PATCH 1/2] BigAnimal - Azure policies Added activation resource and access requirements as per [DOC-437](https://enterprisedb.atlassian.net/browse/DOCS-437) --- .../01_understanding_qotas_in_azure.mdx | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/product_docs/docs/biganimal/release/getting_started/preparing_cloud_account/01_preparing_azure/01_understanding_qotas_in_azure.mdx b/product_docs/docs/biganimal/release/getting_started/preparing_cloud_account/01_preparing_azure/01_understanding_qotas_in_azure.mdx index d6dbf6a3d59..086fe471fcb 100644 --- a/product_docs/docs/biganimal/release/getting_started/preparing_cloud_account/01_preparing_azure/01_understanding_qotas_in_azure.mdx +++ b/product_docs/docs/biganimal/release/getting_started/preparing_cloud_account/01_preparing_azure/01_understanding_qotas_in_azure.mdx @@ -27,6 +27,27 @@ To prevent failures while creating your clusters, ensure that each of the follow | Microsoft.OperationsManagement | Monitors workloads and provides container insight | | Microsoft.Portal | Provides a dashboard to monitor the running status of the clusters (using aggregated logs and metrics) | +## Regional activation resources and access requirements + +The table provides BigAnimal's regional activation resources and access requirements. + +| Resource type | Activated region | Network access | Description | +|--------------------------------------|------------------|----------------|----------------------------------------------------------------------| +| Virtual network | Yes | N/A | | +| Storage account for backup | yes | Public | | +| KeyVault for backup, AKS | Yes | Public | | +| Storage account for logs and metrics | Yes | Private | Public is required for faraway replication and cross region restore. | +| KeyVault for logs and metrics | Yes | Private | | +| Managed Identify | Yes | N/A | | +| NSG | Yes | N/A | | +| Private endpoint | Yes | N/A | | +| AKS | Yes | N/A | | +| Application insights | Yes | N/A | Not in use for custom monitoring | +| Log analytics workspaces | Yes | N/A | Not in use for custom monitoring | + +!!!note +A Storage account for TFstate is created on the first activated region per BigAnimal project. It is in private network access and the private DNS zone gets created. +!!! ## Public IP addresses limits Every BigAnimal cluster with public network access is assigned a single public IP address, and this IP address counts against the quota for both basic and standard IP address types in a region. BigAnimal can't create more clusters if the IP address limit is reached. From 3741f96b0089b8d26fa80e717772795ad4159488 Mon Sep 17 00:00:00 2001 From: nidhibhammar <59045594+nidhibhammar@users.noreply.github.com> Date: Thu, 25 Apr 2024 13:38:46 +0530 Subject: [PATCH 2/2] updates made as per the review comments --- .../01_understanding_qotas_in_azure.mdx | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/product_docs/docs/biganimal/release/getting_started/preparing_cloud_account/01_preparing_azure/01_understanding_qotas_in_azure.mdx b/product_docs/docs/biganimal/release/getting_started/preparing_cloud_account/01_preparing_azure/01_understanding_qotas_in_azure.mdx index 086fe471fcb..0d87d040ac1 100644 --- a/product_docs/docs/biganimal/release/getting_started/preparing_cloud_account/01_preparing_azure/01_understanding_qotas_in_azure.mdx +++ b/product_docs/docs/biganimal/release/getting_started/preparing_cloud_account/01_preparing_azure/01_understanding_qotas_in_azure.mdx @@ -34,10 +34,10 @@ The table provides BigAnimal's regional activation resources and access requirem | Resource type | Activated region | Network access | Description | |--------------------------------------|------------------|----------------|----------------------------------------------------------------------| | Virtual network | Yes | N/A | | -| Storage account for backup | yes | Public | | -| KeyVault for backup, AKS | Yes | Public | | -| Storage account for logs and metrics | Yes | Private | Public is required for faraway replication and cross region restore. | -| KeyVault for logs and metrics | Yes | Private | | +| Storage account for backup | yes | Public | Public is required for faraway replication and cross region restore. | +| KeyVault for backup | Yes | Public | | +| Storage account for logs and metrics | Yes | Private | | +| KeyVault for AKS, logs, and metrics | Yes | Private | | | Managed Identify | Yes | N/A | | | NSG | Yes | N/A | | | Private endpoint | Yes | N/A | | @@ -46,7 +46,7 @@ The table provides BigAnimal's regional activation resources and access requirem | Log analytics workspaces | Yes | N/A | Not in use for custom monitoring | !!!note -A Storage account for TFstate is created on the first activated region per BigAnimal project. It is in private network access and the private DNS zone gets created. +A Storage account for TFstate is created on the first activated region per BigAnimal project. It is in private network access. Private DNS zone are required for private storage account and private key vaults. !!! ## Public IP addresses limits