Tech-driven logistics company

Cloud governance in Azure using Infrastructure as Code

Allata implemented a solution that enabled fast infrastructure development while adhering to Serverless and Cloud Governance standards in Azure.

Services

Technology & Cloud

Industry

Logistics and Transportation

A company worker in an orange hard hat is strategically operating a forklift in a warehouse.

OUTCOMES

Automatic scaling capability implemented without the need for additional considerations.
Infrastructure as code provisioning established for tracking changes and facilitating easy replication and deployment of new infrastructure.
Detailed infrastructure documentation generated easily.
Resource compliance monitoring implemented through Azure Policies.
Knowledge transfer demonstrations and configurations recorded for future reference.

TECHNOLOGY

Serverless Terraform
.NET Core
Azure
Azure Resource Groups
CDN
Storage Account
Storage Blob
Functions
Azure SQL
Key Vault
App Service Plan

The Challenge

Transforming logistics with serverless agility

Our client is a tech-driven logistics company that delivers smart, creative supply chain solutions. Given the need to implement a project with a serverless architecture running on Azure Cloud and aware of their little experience providing the infrastructure for this type of Azure cloud architectures, the client turned to Allata for advice.

After an assessment of all the resources in the client’s cloud, they became aware of the absence of Cloud Governance standards in the organization. The way to manage the infrastructure was a manual process and without inter-project standards, depending on different people, permissions and required roles. This led to the artisanal management of resources and little attachment to best practices, so it was proposed to take this project as the first step on the road to establish Cloud Governance standards in the organization.

The Solution

Accelerate infrastructure development and compliance

The solution allowed the creation of infrastructure development in a fast way, considering good practices and complying with the requirements of Serverless and Cloud Governance in Azure standards.

For this purpose, an Infrastructure as Code (IaC) approach was used, which allowed keeping a detailed record of changes in the infrastructure and replicating/deploying it with minimum effort. The resources necessary for the operation of a static website hosted on a Storage Blob and its operation with CDN were deployed. Azure functions with test code were deployed from a ZIP file and its integration with Azure SQL server.

Cloud governance

Regarding cloud governance, resources were deployed to support the best practices in terms of handling permissions and user access, as well as compliance standards for existing and new resources.

Built-in roles such as Reader, Contributor, and Owner were assigned to the created groups. A custom Role with specific permissions for Developer was created and assigned to the group created for these users. The scope of the roles was limited to the resource group that contains the resources for this specific project so that they do not affect other existing resources.

The creation and allocation of Policies to Audit existing resources and newly created resources were carried out in a way that the client can monitor the level of compliance of the resources according to the definitions of each policy (Location, Tag, Size, etc.)

In addition, the solution included extensive documentation to allow the configuration of the necessary prerequisites and deployment of the infrastructure and the understanding and transfer of good practices from the solution to future customer projects to gradually establish cloud governance at the organization level.

The Results

Unlocking success through collaboration

Through our collaboration with Allata, the following outputs were achieved. First, we successfully implemented automatic scaling capabilities without the need for additional considerations, ensuring that our infrastructure can adapt to fluctuating demands seamlessly. Second, the implementation of infrastructure as code provisioning allowed us to track changes and effortlessly replicate and deploy new infrastructure components. This has greatly streamlined our development process. Third, we generated detailed infrastructure documentation effortlessly, which has proven invaluable for future reference and troubleshooting. Fourth, we implemented resource compliance monitoring through Azure Policies, ensuring that our resources adhere to necessary guidelines and regulations. Lastly, we recorded knowledge transfer demonstrations and configurations, capturing valuable insights for training and continuous improvement. These outputs have collectively enhanced the robustness, efficiency, and agility of our digital systems, positioning us for success in the evolving market.