Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Azure/missionlz

Azure landing zone for SCCA-compliant organizations.
https://github.com/Azure/missionlz

Last synced: 2 months ago
JSON representation

Azure landing zone for SCCA-compliant organizations.

Host: GitHub
URL: https://github.com/Azure/missionlz
Owner: Azure
License: mit
Created: 2021-02-19T14:35:42.000Z (almost 4 years ago)
Default Branch: main
Last Pushed: 2024-05-26T03:30:19.000Z (8 months ago)
Last Synced: 2024-05-29T04:18:05.836Z (8 months ago)
Language: Bicep
Size: 44.3 MB
Stars: 213
Watchers: 27
Forks: 122
Open Issues: 72
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md
- Support: SUPPORT.md

Awesome Lists containing this project

awesome-azure-architecture - Mission LZ (Landing Zone)
alz-catalogue - GitHub repo
alz-catalogue - GitHub repo

README

        # Mission Landing Zone

[**Home**](./README.md) | [**Design**](./docs/design.md) | [**Add-Ons**](./src/bicep/add-ons/README.md) | [**Resources**](./docs/resources.md)

Mission Landing Zone is a highly opinionated infrastructure as code (IaC) template. IT oversight organizations can use the template to create a cloud management system to deploy Azure environments for their workloads and teams. The solution addresses a narrowly scoped, specific need for a [Secure Cloud Computing Architecture (SCCA)](docs/scca.md) compliant hub and spoke infrastructure.

- Designed for US Government mission customers

- Implements controls following Microsoft's [SACA](https://aka.ms/saca) and [zero trust](https://learn.microsoft.com/security/zero-trust/) guidance

- Deployable in Azure Commercial, Azure Government, Azure Government Secret, and Azure Government Top Secret clouds

- A simple solution with low configuration and narrow scope

- Written as [Bicep](./src/bicep/) templates

Mission Landing Zone is the right solution when:

- A simple, secure, and scalable hub and spoke infrastructure is needed.

- A central IT team is administering cloud resources on behalf of other teams and workloads.

- There is a need to implement SCCA with zero trust.

- Hosting any workload requiring a secure environment, for example: data warehousing, AI/ML, and containerized applications.

Design goals include:

- A simple, minimal set of code that is easy to configure

- Good defaults that allow experimentation and testing in a single subscription

- Deployment via command line or with a user interface

Our intent is to enable IT Admins to use this software to:

- Test and evaluate the landing zone using a single Azure subscription

- Develop a known good configuration that can be used for production with multiple Azure subscriptions

- Customize the deployment configuration to suit specific needs

- Deploy multiple customer workloads in production.

## Deployment Options

Mission Landing Zone can be deployed from the Azure Portal, or with Azure command line tools. Choose the desired option below for detailed deployment documentation.

| Method | Supported Clouds |

| :----- | :--------------- |

| [Azure Portal](./docs/deployment-guides/portal.md) | Azure Commercial, Azure Government |

| [Template Spec](./docs/deployment-guides/template-spec.md) | Azure Commercial, Azure Government, Azure Government Secret, & Azure Government Top Secret |

| [Command Line Tools](./docs/deployment-guides/command-line-tools.md)  | Azure Commercial, Azure Government, Azure Government Secret, & Azure Government Top Secret |

> [!NOTE]  

> Be sure to check out our **[add-ons](./src/bicep/add-ons/README.md)** to accelerate workload deployments.