Lab 0. Deploying the workshop infrastructure - neilhamshaw/azure-security-workshop GitHub Wiki

0. Deploy the base architecture (time to complete: 10 to 15 min)

The resources to build the architecture shown above can be deployed via a script, known as an Azure Resource Manager (ARM) Template. These are JSON (JavaScript Object Notation) formatted files which describe Azure infrastructure as configuration code, allowing for consistent and repeatable deployments.

Please refer to https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview#template-deployment for more further reading.

0.2 Deploy the template into the resource group

The template for the initial deployment is the security-workshop-template.json file located in the file resources of the workshop repository (in Github, click the Code tab near the top of the window and the templates are stored in the templates folder). Using the command line interface, the template can be deployed directly from the repository thanks to the ability to use remote files via the --template-uri parameter. The command initiates a resource group deployment in the specified Azure region.

Please note: the link to the file on the repository (as the value for the template-uri parameter) links to the 'raw' version of the template, which is a pure text version of the file without any GitHub formatting.

Parameters:

  • --resource-group: the name of the resource group created above

  • --name: The name for this deployment. The example shown below is set to Lab-Deployment

  • --template-uri: This is the location for the ARM Template used to build the lab environment

  • --no-wait: Returns control back to the command line immediately instead of waiting for the deployment process to finish.

  • --parameters: Template parameters (not to be confused with command line parameters) can be passed into an ARM Template to provide dynamic values, removing the need to hard-code settings and allow templates to be used in several scenarios (for example Dev/Test/Production may all have different settings). These parameters can be provided in several ways:

    • If deploying a template using the Azure Portal, parameters for that template will appear as fields on a form for completion on screen.
    • Parameter files can be pre-configured and passed to the calling command line. These files must be in JSON format.
    • Parameters can be passed in-line to the calling command using the --parameters option. The value passed must be text configured in JSON format.

This example uses the command line method with the following values set for the deployment: - location: Parameter for the region these resources will be deployed in to (westeurope) - webEnvironment: A value used by the web application to determine internal environment settings - apiPortNumber: Sets the TCP/IP port number for the API Service on the API server. The web application will send API requests to this port

Multi-line command...

az group deployment create --resource-group <resource-group-name> \
--name Lab-Deployment \
--template-uri https://raw.githubusercontent.com/neilhamshaw/azure-security-workshop/master/templates/security-workshop-template.json \
--parameters '{ "location": { "value": "westeurope" }, "webEnvironment": { "value": "Production.A" }, "apiPortNumber":{ "value": 49230 } }' \
--no-wait

Single line example...

az group deployment create --resource-group <resource-group-name> --name Lab-Deployment --template-uri https://raw.githubusercontent.com/neilhamshaw/azure-security-workshop/master/templates/security-workshop-template.json  --parameters '{ "location": { "value": "westeurope" }, "webEnvironment": { "value": "Production.A" }, "apiPortNumber":{ "value": 49230 } }' --no-wait

The deployment typically takes around 15 minutes to complete.

0.3 Checking the progress of a deployment

Deployment progress can be checked from the Azure Portal using the following steps...

  • Click on Resource groups on the favourites bar

    RGMenuOption

  • Click the resource group created previously to bring up the properties pane for the resource group. Note that this also displays all resources within the resource group and once the deployment has completed, will be fully populated with the initial lab resources (similar to the following image)...

    RGResources

  • Under the Settings heading, click Deployments.

    RGDeployments

    This screen highlights the deployments running (or which have been previously deployed) against the resource group, and clicking the Lab-Deployment entry (click on the name itself) will show further information about the deployment, such as the resources created and the current status of each element.

    RGDeploymentDetails

Next Lab ...

The next lab is Lab 2 - Protecting the network perimeter.

Once deployed, proceed to the workshop labs.

<< Back to Home Page

⚠️ **GitHub.com Fallback** ⚠️