Resume in Azure #01: Planning and Resource Requirements
I have taken on the A Cloud Guru challenge where I've got till the end of May to deploy a static website in Azure. The challenge is a great chance for me to build on the knowledge I have about Azure and apply other skill sets in planning and management. I felt treating this like a project would be fun, so I started with creating a plan for me to adhere to.
These blog posts are a part of a series of my notes and experience during this challenge. I will have a final and detailed blog post which will be used as part of my submission for the challenge.
First I reviewed the challenge page to fully understand the requirements, the advised steps and the expected final outcome of the challenge. I took this and put the details into a Trello board where I've created cards, collated resources and examples provided on the site, and checklists for me to make sure I meet all requirements.
I included in my Trello board the planning steps I am taking and where I think I might write a blog post on my progress.
At each step I will update the Trello card with further checklist items that needs to be included as part of the work that is being carried out. The board contains all the information I need to now start looking at what tools and resources I need to use.
Resources and Tools
The above image contains resources and tools I've identified initially to use as part of this challenge. I would imagine this will change during each stage I work through as part of the challenge as I will notice missing resources, alternatives or a need to increase the tooling I want to use.
At this early stage, I know I want to add additional resources than what the challenge has detailed. These resources are to apply some sort of security to my environment and cost management so I know how much I want to spend. I have listed the above resources and what the intention I have in their use for this project.
VS (Visual Studio) Code - I will use this to write the code for both web app and IaC (Infrastructure as Code). I will be able to commit changes to the repository from this tool also.
Terraform - My intention is to use Terraform to configure all the infrastructure components. The tool has many features that will become useful to maintain my Azure resources.
AZ CLI - This tool will be used to interact with the resources I create in Azure. I will use this to confirm resource creation and check the status of them.
Git Repo - I will have one repository which will contain both app code and IaC. I will organise a folder structure so there is a split between the two.
GitHub Actions - This will be my CI/CD (Continuous Integration / Deployment) tool. I will use this to monitor repository changes to then automate the deployment of changes to the environment and app. I will also create a separate Action to run Static Code Analyses to detect any vulnerabilities or code violation.
Hosted Agent - When deploying code, software is required to build or deploy. GitHub provides Hosted Agents so a clean VM is made available for you to install software, do what you need on it and destroyed immediately afterwards.
Note: I should be able to build all Azure resources using Terraform
Resource Group - I will initially need to create a resource group (I will need to activate a subscription first).
Storage Account - This will contain two Blobs, one for the web code and the other will contain the Terraform state file (I might have to consider separation for security purposes but will address when I get to creation)
Cosmos DB - I will use this type of database for the visitor counter (needed as part of the challenge).
Function App - This will also be used as part of the visitor counter.
Key Vault - I am intending to use this for all my secret/sensitive information I need to access as part of GitHub Actions. Currently in preview but intend to initially use it as part of this project.
Content Delivery Network (CDN) - This will be used to map my custom domain and enable HTTPS for the URL.
Security Center - I will look at enabling additional Security Center features after reviewing costs to increase the security of some of the resources (such as Storage Account)
Cost Management - As part of cost management, I will use this to analyse the resources I deploy, create budgets and forecasts, and configure alerts so I am contacted actively if cost rises.
I have an initial plan and understanding of resources and tools I need to use, now I can proceed to step 1 of the challenge where I'll be deploying the repository in GitHub.