Azure design for external facing website

%3CLINGO-SUB%20id%3D%22lingo-sub-2256345%22%20slang%3D%22en-US%22%3EAzure%20design%20for%20external%20facing%20website%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2256345%22%20slang%3D%22en-US%22%3E%3CP%3EHi%3C%2FP%3E%3CP%3EI%20have%20a%20requirement%20to%20migrate%20an%20containerized%20external%20facing%20website%20to%20Azure%20from%20AWS%20%2C%20how%20to%20define%20a%20landing%20zone%20for%20this%20requirement%2C%20I%20have%20read%20through%20azure%20documentation%20completely%20which%20says%20to%20start%20small%20or%20go%20for%20enterprise%20level%20landing%20zone%20but%20I'm%20not%20seeing%20an%20example%20architecture%20that%20suits%20my%20requirement%2C%20does%20anyone%20have%20any%20reference%20architecture%20on%20how%20an%20external%20facing%20web%20application%20can%20be%20deployed%20to%20containers%20in%20azure%20%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2437937%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20design%20for%20external%20facing%20website%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2437937%22%20slang%3D%22en-US%22%3EThis%20is%20how%20I%20would%20do%20it%3A%3CBR%20%2F%3E%3CBR%20%2F%3E*%201%20Subscription%3CBR%20%2F%3E*%201%20Resource%20Group%20for%20Networking%3CBR%20%2F%3E*%201%20Resource%20Group%20for%20Azure%20Management%20(Log%20Analytics%2C%20Diagnostic%20Storage%20account)%3CBR%20%2F%3E*%201%20Resource%20Group%20for%20Backup%3CBR%20%2F%3E*%201%20Resource%20Group%20for%20your%20Website%2FAKS%2FContainer%20on%20WebApp%20%2B%20Database%20and%20App%20Gateway%20with%20Web%20Application%20Firewall%20(ie%20everything%20that%20has%20the%20same%20lifecycle).%3CBR%20%2F%3EOptional%3A%201%20Resource%20Group%20for%20your%20external%20website%20dev%2Ftest.%3CBR%20%2F%3E*%20Enable%20Security%20Center%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E
Regular Visitor

Hi

I have a requirement to migrate an containerized external facing website to Azure from AWS , how to define a landing zone for this requirement, I have read through azure documentation completely which says to start small or go for enterprise level landing zone but I'm not seeing an example architecture that suits my requirement, does anyone have any reference architecture on how an external facing web application can be deployed to containers in azure ?

1 Reply
This is how I would do it:

* 1 Subscription
* 1 Resource Group for Networking
* 1 Resource Group for Azure Management (Log Analytics, Diagnostic Storage account)
* 1 Resource Group for Backup
* 1 Resource Group for your Website/AKS/Container on WebApp + Database and App Gateway with Web Application Firewall (ie everything that has the same lifecycle).
Optional: 1 Resource Group for your external website dev/test.
* Enable Security Center