Observations on ARM (Bicep) Templates

- Azure Deployment Framework docs sections

• Go: README (GithHub Home)
• Go Home Documentation Home
• This Page Deploy your First App
• Go Next Deploy your Second App

---

Getting Started

Azure Resource Group Deployment - Multi-Region/Multi-Tier Hub/Spoke Environments

Setup Steps:

1. Fork the Repo
2. Clone the Repo
   1. set-location -Path D:\Repos
   2. gh repo clone <yourProjectForkName>/AzureDeploymentFramework ADF
3. Review the Tools/Setup Tools Setup
4. Open the cloned repo in VSCode Insiders
   1. code-insiders .\ADF\ADF.code-workspace
   2. Accept the install of the Extensions
   3. Ctrl+ J to open the console in vscode
   4. I also recommend having a second window Open in the (Windows or other) Terminal
5. Now you can create your own App Tenant directory.
   1. Choose your AppName e.g. DEF
   2. Just copy one of the existing, such as AOA.
      1. mkdir .\ADF\tenants\DEF
      2. Copy-Item -Path .\ADF\tenants\AOA\* -Destination .\ADF\tenants\DEF\ -Recurse
      3. We validate the tenant names in 3 places, so add your new tenant name
         1. Edit this file ADF\release-az\Start-AzDeploy.ps1

            1. Add the new tenant/app Name e.g. ‘DEF’ to the validateset

               

         2. Edit this file ADF\release-az\azSet.psm1

            1. Add the new tenant/app Name e.g. ‘DEF’ to the validateset

               

         3. Edit this file ADF\release-az\AzDeploy.ps1

            1. Add the new tenant/app Name e.g. ‘DEF’ to the validateset

               

      4. Update the ‘AppName’ in .\ADF\tenants\DEF\Global-Global.json to match DEF
      5. Update the ‘OrgName’ in .\ADF\tenants\DEF\Global-Global.json to match your Team name NYC
   3. You can Choose your Primary and Secondary Azure Deployment Regions
      1. E.g. ACU1 or AEU2, ensure you choose partner regions in Azure
      2. Your deployment can be HA across these regions or simply used for DR
   4. Choose what Enviro you want to deploy to in each Region
      1. S1 for a Sandbox 1 Environment
      2. D4 for a Developent 4 Environment
      3. U6 for a UAT 6 Environment
      4. P7 for a Production 8 Environment
   5. Based on the Previous 2 steps you can delete any files or update the names to match your requirements
   6. You need 1 Global-Prefix.json file Per Region that you want to deploy into
      1. Update the Network ranges in these files so they are unique per region that you choose
   7. There are some ADO Pipeline files you can come back to these.
   8. There is an azure-Deploy.ps1 that has some of the deployment steps to actually deploy out each Enviro.
      1. you can rename the parameters in that file to match your chosen tenant name E.g. ADF
      2. Plus you can rename the Enviro to the Deployment partition that you wish to deploy E.g. G1
         1. Deployment Partitions Deployment Partitions
6. Now you should be ready to deploy.
7. Ensure you are logged into Azure and are set to the correct Subscription and Context
8. There are some more Pre-Req. steps, however you may not need these straight away
   1. Getting Started Pre-reqs
      1. Create storage account for artifacts e.g. vm DSC Extension files
      2. Create keyvault for secrets and certs
      3. Create a self signed web cert, if needed for Virtual Machines or VMSS etc.
      4. Export out role definitions that are custom to your Subscription/Tenant
      5. Create service principals for ADO deployments + connectors
      6. Create service principals for GitHub deployments + secrets
      7. Sync keyvault secrets and certs from the primary region to a secondary region

Deploy Steps:

# I recommend to put this in your own Powershell profile, so it's loaded by default
New-Variable -Name Repos -Value 'D:/Repos' -Scope Global -Force
$null = New-PSDrive -Name AZ -PSProvider FileSystem -Root $Repos -EA 0
Set-Location -Path AZ:
Import-Module oh-my-posh
Set-PoshPrompt -Theme $PoshPromptPath
Import-Module posh-git
Import-Module Terminal-Icons
Import-Module Az.Accounts
Import-Module -Name $Repos/ADF/ADF/release-az/azSet.psm1 -Scope Global -Force

Now in the Terminal you can setup Scope that you want to deploy

• Tenant (The app name)
• Enviro (Deployment Partition or deployment stamp, see Orchestration Templates below)

Execute the AzSet command to select your app tenant and Enviro

azset -App DEF -Enviro G0

The AzSet function also sets an Enviro Variable so you can track this setting in your prompt

Add this to track on prompt (oh-my-posh env variable)

• $env:Enviro = "${App} ${Enviro}"

• This can be viewed here: Install-Tools.ps1

  

Once this setup has been complete you can look at the docs for the following for deploying:

• Orchestration Templates
• Base Templates