Azure Landing Zones
Azure Landing Zones
This page is the curated reading path for Chilepluto articles on Azure landing zones, cloud governance, platform engineering, automation, FinOps, and operating models.
Start with the foundation article, then follow the supporting articles as they publish.
Published articles
Scheduled reading path
The planned content cluster is:
- Practical Azure Landing Zone Design for Secure Enterprise Platforms
- Azure Management Group and Subscription Design for Secure Enterprise Platforms
- Azure Policy Guardrails for Enterprise Landing Zones
- Terraform and Azure DevOps Delivery Model for Landing Zones
- Azure Hub-and-Spoke Networking for Enterprise Landing Zones
- Azure Logging and Monitoring Baseline for Landing Zones
- FinOps Tagging and Cost Accountability for Azure Platforms
- Azure Identity and Privileged Access Design for Platform Engineering
- Azure Policy as Code with Terraform
- Enterprise Platform Operating Model for Cloud Governance Teams
What the cluster covers
The articles are written as practical engineering notes for building and operating secure enterprise Azure platforms.
They cover:
- Landing zone architecture
- Management groups and subscriptions
- Policy and guardrails
- Terraform and Azure DevOps delivery
- Hub-and-spoke networking
- Logging, monitoring, and alerting
- FinOps and cost accountability
- Identity and privileged access
- Policy as code
- Platform operating models
How to use this page
Use this page as a map. Each article is designed to stand alone, but the cluster works best when read as a sequence from architecture through operations.
For implementation work, start with the landing zone design article and then jump to the topic that matches the current design decision as each article becomes available.