Skip to content

Instantly share code, notes, and snippets.

@peteraritchie
Last active September 8, 2023 22:36
Show Gist options
  • Save peteraritchie/10b26be82494f78e7a719b9ced3f814a to your computer and use it in GitHub Desktop.
Save peteraritchie/10b26be82494f78e7a719b9ced3f814a to your computer and use it in GitHub Desktop.

Notables:

https://learn.microsoft.com/en-us/training/modules/manage-end-end-deployment-scenarios-using-bicep-azure-pipelines/3-configure-applications-virtual-machines#:~:text=when%20you%20use%20deployment%20jobs%2C%20pipeline%20artifacts%20are%20automatically%20downloaded%20by%20default.%20if%20you%20use%20regular%20jobs%2C%20use%20the%20downloadbuildartifacts%20task%20to%20download%20a%20pipeline%20artifact

Practices:

https://learn.microsoft.com/en-us/training/modules/structure-bicep-code-collaboration/3-improve-parameters-names#:~:text=it's%20better%20to%20use%20uniqueness%20suffixes%20rather%20than%20prefixes.%20

https://learn.microsoft.com/en-us/training/modules/build-first-bicep-deployment-pipeline-using-azure-pipelines/4-deploy-bicep-files-pipeline#:~:text=a%20good%20idea,one%20you%20expect.

https://learn.microsoft.com/en-us/training/modules/authenticate-azure-deployment-pipeline-service-principals/5-grant-service-principal-access-azure?pivots=powershell#:~:text=a%20role%20assignment%20has%20three%20key%20parts%3A%20who%20the%20role%20is%20assigned%20to%20(the%20assignee)%2C%20what%20they%20can%20do%20(the%20role)%2C%20and%20what%20resource%20or%20resources%20the%20role%20assignment%20applies%20to%20(the%20scope).

https://learn.microsoft.com/en-us/training/modules/authenticate-azure-deployment-pipeline-service-principals/5-grant-service-principal-access-azure?pivots=powershell#:~:text=Selecting%20the%20right,role%20assignment%20works.

https://learn.microsoft.com/en-us/training/modules/authenticate-azure-deployment-pipeline-service-principals/5-grant-service-principal-access-azure?pivots=powershell#:~:text=You%20should%20create,non-production%20environments. https://learn.microsoft.com/en-us/training/modules/manage-multiple-environments-using-bicep-azure-pipelines/2-understand-environments#:~:text=at%20minimum%2C%20you%20should%20create%20a%20separate%20resource%20group%20for%20each%20environment.%20in%20many%20situations%2C%20it's%20better%20to%20create%20separate%20azure%20subscriptions%20for%20each%20environment.

https://learn.microsoft.com/en-us/training/modules/manage-multiple-environments-using-bicep-azure-pipelines/2-understand-environments#:~:text=at%20minimum%2C%20you%20should%20create%20a%20separate%20resource%20group%20for%20each%20environment.%20in%20many%20situations%2C%20it's%20better%20to%20create%20separate%20azure%20subscriptions%20for%20each%20environment.

https://learn.microsoft.com/en-us/training/modules/manage-multiple-environments-using-bicep-azure-pipelines/2-understand-environments#:~:text=apply%20azure%20role%20assignments%20so%20that%20users%20and%20service%20principals%20can%20access%20only%20the%20environments%20that%20they%20need%20to%20access.%20

https://learn.microsoft.com/en-us/training/modules/manage-multiple-environments-using-bicep-azure-pipelines/6-handle-differences-between-environments-using-bicep-parameters#:~:text=avoid%20unnecessary%20parameters

https://learn.microsoft.com/en-us/training/modules/manage-multiple-environments-using-bicep-azure-pipelines/6-handle-differences-between-environments-using-bicep-parameters#:~:text=use%20variable%20groups%20for%20small%20sets%20of%20parameters

https://learn.microsoft.com/en-us/training/modules/manage-multiple-environments-using-bicep-azure-pipelines/6-handle-differences-between-environments-using-bicep-parameters#:~:text=use%20parameter%20files%20for%20large%20sets%20of%20parameters

https://learn.microsoft.com/en-us/training/modules/manage-multiple-environments-using-bicep-azure-pipelines/6-handle-differences-between-environments-using-bicep-parameters#:~:text=store%20secrets%20securely

https://learn.microsoft.com/en-us/training/modules/manage-end-end-deployment-scenarios-using-bicep-azure-pipelines/2-understand-end-end-deployments#:~:text=it's%20often%20better%20to%20create%20a%20single%20pipeline%20that%20deploys%20everything%20required%20for%20your%20solution%2C%20even%20if%20the%20components%20are%20managed%20by%20different%20people%20or%20different%20teams.

https://learn.microsoft.com/en-us/training/modules/manage-end-end-deployment-scenarios-using-bicep-azure-pipelines/2-understand-end-end-deployments#:~:text=it's%20good%20practice%20to%20have%20the%20bicep%20file%20decide%20on%20the%20names%20of%20your%20azure%20resources.

https://learn.microsoft.com/en-us/training/modules/manage-end-end-deployment-scenarios-using-bicep-azure-pipelines/2-understand-end-end-deployments#:~:text=it's%20good%20practice%20to%20have%20the%20bicep%20file%20decide%20on%20the%20names%20of%20your%20azure%20resources.%20it%20might%20use%20parameters%2C%20variables%2C%20or%20expressions%20to%20create%20the%20names%20for%20the%20storage%20account%20and%20blob%20container.

https://learn.microsoft.com/en-us/training/modules/manage-end-end-deployment-scenarios-using-bicep-azure-pipelines/6-configure-storage-databases#:~:text=it's%20a%20good%20practice%20to%20make%20sure%20your%20scripts%20and%20other%20pipeline%20steps%20are%20idempotent.

https://learn.microsoft.com/en-us/training/modules/publish-reusable-bicep-code-using-azure-pipelines/2-publish-bicep-code-deployment-pipeline#:~:text=if%20the%20template%20is%20going%20to%20be%20deployed%20as%20is%20throughout%20your%20organization%2C%20template%20specs%20are%20probably%20a%20good%20fit.%20but%20if%20you're%20likely%20to%20reuse%20this%20template%20within%20multiple%20parent%20templates%2C%20bicep%20modules%20might%20serve%20your%20needs%20better

https://learn.microsoft.com/en-us/training/modules/control-govern-azure-environment-deploying-infrastructure-code/3-secure-repositories-pipelines#:~:text=the%20following%20table%20provides%20some%20of%20the%20most%20important%20elements%20to%20protect%2C%20along%20with%20examples%20of%20vulnerabilities%20that%20might%20occur%20if%20you%20don't%20protect%20those%20elements%20adequately.

https://learn.microsoft.com/en-us/training/modules/control-govern-azure-environment-deploying-infrastructure-code/4-secure-azure-environment#:~:text=here's%20how%20you%20might%20configure%20your%20role%20assignments%20for%20your%20toy%20company's%20environments%2C%20for%20both%20your%20azure%20administrators%20and%20the%20developers%20who%20write%20your%20code%20and%20scripts

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment