The customer is a global leading automobile manufacturer. The automotive giant wanted to implement a governance principle for all of their infrastructure components. They aimed at making each component self-governing while maintaining cost management and security of their existing Azure platform.
The Need Infrastructure Management and Automation
The customer partnered with Blazeclan to help them implement automation and a governing principle for all components of their Azure infrastructure. While doing so, they wanted their existing Azure platform to be secure along with cost management. The automotive giant had close to 50 subscriptions under one directory, which resulted in management overhead in terms of user provisioning, streamlining deployments, and RBAC policies.
In their existing Azure infrastructure, the customer was using manual deployments, which resulted in high turnaround time and inconsistency across multiple environments. The customer was looking for a solution to build a single panel that serves as the source of truth for patch compliance across the VMS fleet.
Blazeclan’s Azure Cloud Migration Solution for the Customer’s Infrastructure
Blazeclan studied the customer’s existing Azure infrastructure and understood their requirements. A solution comprising of Azure Management Groups with right RBAC definitions was proposed.
The Solution Approach
- The management groups were created for streamlining the structure of the customer’s Azure account as well as the user provisioning across all subscriptions.
- In order to launch new resources in Azure, Terraform deployments were made, which enabled infrastructure-as-a-code and ensured reduced deployment time. Also, all developments were standardized for maintaining compliance with industry guidelines.
- In order to realize auditing patch compliance across all subscriptions, Azure Update Management was implemented. The missing updates or patches were listed across the complete stack of virtual machines.
Benefits Gained by Customer
- Better Governance and Organized Accounts: The solution enabled the customer to utilize Azure Management Groups along with custom role-based access control RBAC and Azure policies to ensure that all resources created had a level of automated governance and tagging built applied to it.
- Reduced Deployment Timeline: The implementation of Infrastructure As Code (Terraform) along with Azure DevOps reduced the final deployment timeline while maintaining a versioned control over the infrastructure code.
- Maintaining Standard or Repeatable Infrastructure: Maintaining the infrastructure code in Azure Repos ensured that the end user always have a consistent and compliant version of the infrastructure code, which could be used for spinning up similar resources as required.
- Patch Compliance Visibility Across VM fleet: The solution offered the customer with Azure Update Management, which enabled automated patch compliance as well as deployment across the VM fleet.
Tech Stack
Azure RBAC | Azure Management Group | Azure DevOps |
Azure Policy | Azure Update Management | Azure Automation Account |
Terraform |