Environment Specific Infrastructure
Predefined resources
The following environment-specific resources need to exist in the Azure subscription before the runtime environment (K8s) is created using the Terraform scripts. They are created manually so that, when the runtime environment is destroyed, the critical resources (holding data, configurations and policies) are not deleted.
- ar-<env>-env (Resource Group): The environment-specific Resource Group is the logical container for all resources required to run a specific runtime environment (Dev, UAT, Prod).
- ar-<env>-public-ip (Public IP Address): The Public IP address that would be used for mapping any DNS entry specific to the environment.
- ar-<env>-sql-server (Azure SQL Server): The SQL Server that would run the database(s) required for each service and/or environment.
- avocarisk<env>storage (Storage Account): File Storage for the application.
- ar-<env>-firewall-policy (Application Gateway WAF Policy): Firewall Policy that will be attached to the Application Gateway so that access to individual endpoints / URLs in each environment is controlled separately.
IaC Deployed Infrastructure Resources (environment specific)
The following environment-specific resources are created using Infrastructure as Code (Terraform) based on the environment-specific lifecycle (e.g. Dev environments can be spun up every morning and shut down overnight).
- ar-<env>-cluster (Kubernetes Service): The actual Kubernetes cluster.
- ar-<env>-app-gw (Application Gateway): The entry-point into the cluster’s services, handling all the ingress mappings and exposing the different environment specific subdomains and paths.
- ar-<env>-virtual-network (Virtual Network): The Virtual Network is the private network that all resources specific to the environment would be created in, to ensure the proper isolation.
- ar-<env>-application-insights (Application Insights): . . .
- ar-<env>-logs-analytics-workspace (Log Analytics Workspace): . . .
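
One way the Terraform configuration can consume the predefined resources without ever managing them, shown as an added example (not the project's own scripts). The variable `env`, the data-source labels and the `locals` names are assumptions; the resource names follow the naming scheme listed above.

```hcl
# Added example, not the project's Terraform code.
provider "azurerm" {
  features {}
}

variable "env" {
  type        = string
  description = "Environment short name (assumed values: dev, uat, prod)"

  # Storage account names allow only lowercase letters and digits, so the
  # value interpolated into avocarisk<env>storage is constrained here.
  validation {
    condition     = can(regex("^[a-z0-9]+$", var.env))
    error_message = "env must contain only lowercase letters and digits."
  }
}

# Predefined resources are read as data sources, never declared as resources:
# `terraform destroy` cannot delete them, and a missing one fails the plan
# before any cluster resource is created.
data "azurerm_resource_group" "env" {
  name = "ar-${var.env}-env"
}

data "azurerm_public_ip" "ingress" {
  name                = "ar-${var.env}-public-ip"
  resource_group_name = data.azurerm_resource_group.env.name
}

data "azurerm_mssql_server" "sql" {
  name                = "ar-${var.env}-sql-server"
  resource_group_name = data.azurerm_resource_group.env.name
}

data "azurerm_storage_account" "files" {
  name                = "avocarisk${var.env}storage"
  resource_group_name = data.azurerm_resource_group.env.name
}

data "azurerm_web_application_firewall_policy" "waf" {
  name                = "ar-${var.env}-firewall-policy"
  resource_group_name = data.azurerm_resource_group.env.name
}

# IDs handed to the lifecycle-managed Application Gateway (ar-<env>-app-gw):
locals {
  app_gw_public_ip_id  = data.azurerm_public_ip.ingress.id                   # frontend_ip_configuration.public_ip_address_id
  app_gw_waf_policy_id = data.azurerm_web_application_firewall_policy.waf.id # firewall_policy_id
}
```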