Back to Azure Resource templates index <–
Virtual Network with 7 subnets.
Template Locations
Infrastructure As Code Advisor (Beta)
WAF-compliance
The WAF-compliance advisor validates templates based on the Well Architected Framework practices. Every day a GitHub Action updates the templates compliance data and lists the recomendations.
Sustainbility Advisor
The sustainability advisor is based on the Sogeti Cloud Reference Architecture with sustainble practices. These sustainble practices cover application code, cloud infrastructures and data. The global Sogeti community is continously evolving the sustainble practices and every day new and tuned are added. For cloud infrastructures the sustainble practices are automatically validated and reported below.
note: when 100% it can be that there is no sustainble practices yet for this Cloud infrastructure.
Online documentation
Template reference
Service description
Requirements
- Resource group must been created with a valid name and location.
- Before deploying an Azure fail over group you need to have a primary sql server and sql database in place, and a secondary sql server in another region than the primary sql server.
Input values
- tagBillingIdentifier : BillingIdentifier tag.
-
subnet1Prefix string 10.0.0.0/24 IP for subnet -
subnet1Name string f-rdgw RDS Gateway frontend -
subnet2Prefix string 10.0.0.0/24 IP for subnet -
subnet2Name string b-rdbr RDS Broker backend -
subnet3Prefix string 10.0.0.0/24 IP for subnet -
subnet3Name string f-lqt Liquit frontend -
subnet4Prefix string 10.0.0.0/24 IP for subnet -
subnet4Name string b-adds ADDS backend -
subnet5Prefix string 10.0.0.0/24 IP for subnet -
subnet5Name string d-file Fileserver backend -
subnet6Prefix string 10.0.0.0/24 IP for subnet -
subnet6Name string b-rdsh RDS Session hosts backend -
subnet7Prefix string 10.0.0.0/24 IP for subnet -
subnetName string f-step Stepstone subnet -
gatewaySubnet string Gateway subnet
Output values
- stName :Name of the storage account
- stResourceId : ResourceId of the storage account
Additional information
We can implement multiple virtual networks within each Azure subscription and Azure region. Each virtual network is isolated from other virtual networks.
Security
- Baseline azSDK gives these actions to apply monitoring https://github.com/azsdk/azsdk-docs/blob/54cc4d9e83e803c0f3b56c5187b954d980233acd/02-Secure-Development/ControlCoverage/Feature/AlertList.md
azSDK gives the folowing security control to be evaluated https://github.com/azsdk/azsdk-docs/blob/ce825fdc45d99f4c590de0da4dc5a19f53b99105/02-Secure-Development/ControlCoverage/Feature/KeyVault.md
Compliance Advisor details
Resource Health Result
| Message | ResourceType | Severity |
|---|---|---|
| It is recommended to enable DDoS Protection, to provide enhanced DDoS mitigation features to defend against attacks that flood network and compute resources and to avoid unnecessary spike in usage and cost.Please Note - The DDoS Protection Plan is a high-cost service. Please keep this in mind while testing and learning | Microsoft.Network/virtualNetworks | 2 |
| Your current API Version i.e.2021-02-01 for the resource Microsoft.Network/virtualNetworks is outdatedconsider updating to new recent version available i.e. 2023-04-01 or 2023-02-01 | Microsoft.Network/virtualNetworks | 2 |
| To help other contributors understand the purpose of the resource, specify comments for each resource in the template | Microsoft.Network/virtualNetworks | 1 |
| It is recommended to parameterized your tag and make it as object type | Microsoft.Network/virtualNetworks | 1 |
Sustainable Advisor details
| Message | ResourceType | Severity |
|---|---|---|
| It is recommended to enable DDoS Protection, to provide enhanced DDoS mitigation features to defend against attacks that flood network and compute resources and to avoid unnecessary spike in usage and cost.Please Note - The DDoS Protection Plan is a high-cost service. Please keep this in mind while testing and learning | Microsoft.Network/virtualNetworks | 2 |