Home - sblair01/terraform-azurerm-caf-enterprise-scale GitHub Wiki

Terraform Module for Cloud Adoption Framework Enterprise-scale

The Terraform Module for Cloud Adoption Framework Enterprise-scale provides an opinionated approach for deploying and managing the core platform capabilities of the Cloud Adoption Framework enterprise-scale landing zone architecture using Terraform, with a focus on the central resource hierarchy:

[Figure: Enterprise-scale Landing Zone Architecture]

Depending on the options selected, this module can deploy different groups of resources as needed.

This is currently split logically into the following capabilities:

Please click on each of the above links for more details.

Critical design areas

The module provides a consistent approach for deploying and managing resources relating to the following Enterprise-scale critical design areas:

  • Management Group and Subscription organisation
    • Create the Management Group resource hierarchy
    • Assign Subscriptions to Management Groups
    • Create custom Policy Assignments, Policy Definitions and Policy Set Definitions (Initiatives)
  • Identity and access management
    • Create custom Role Assignments and Role Definitions
  • Management and monitoring
    • Create a central Log Analytics workspace and Automation Account
    • Link Log Analytics workspace to the Automation Account
    • Deploy recommended Log Analytics Solutions
    • Enable Azure Defender
  • Network topology and connectivity
    • Create a centralised hub for hybrid connectivity
    • Secure network using Azure Firewall
    • Centrally manage DNS zones

Next steps

Check out the User Guide, or go straight to our Examples.