Enterprise-Scale
Enterprise-Scale copied to clipboard
Azure
The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organiza...
My organization is in the process of designing our ESLZ, and we are having trouble deciding what is the "right" way of dividing things to address Data Sovereignty, IAM, and...
## Overview/Summary This PR makes a fundamental change to the how we manage and test custom policies implemented as part of Azure landing zones. ## This PR fixes/adds/changes/removes 1. Adds...
### Community Note - Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help the community and maintainers prioritize this request - Please do...
The docs at https://github.com/Azure/Enterprise-Scale/blob/main/docs/Deploy/es-schema.md say that Tenant Root Scope is needed for subscription placement. I am using the ALZ-Bicep repository, but assuming they are doing the same thing I am...
Current issue: The Update management solution are not part of each Azure region, meaning that your deployment for log analytics and the automation account with update management will need to...
Hi, We're planning to test drive ESLZ. Can someone please let me know roughly what's the minimum cost of ESLZ per month? If I deploy this today and do zero...
Describe the bug ALZ deployments currently create and link a 'privatelink.monitor.azure.com' Private DNS Zone to the hub VNET. Because of how Azure Monitor implements Private Endpoints (via an AMPLS), this...
I am exploring the templates you provide. What is the naming convention you apply? I found the following guidance as part of the cloud adoption framework documentation: https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-naming Which suggests...
Describe the bug First time using this project, so bear with me if I have overlooked something… After deploying the project with the recommended deployment flow, it appears that the...
The built-in policy Deploy Diagnostic Settings for Recovery Services Vault to Log Analytics workspace for resource specific categories only checks the logcategories: "CoreAzureBackup", "AddonAzureBackupJobs", "AddonAzureBackupAlerts", "AddonAzureBackupPolicy", "AddonAzureBackupStorage", "AddonAzureBackupProtectedInstance" However a...
