Skip to content

Commit 6e47dc7

Browse files
anwatherAnthony Watherston
anwather
and
Anthony Watherston
authored
Add new repo for Terraform exclusion - docs update (#1038)
* Add new repo for Terraform exclusion * Fix typo --------- Co-authored-by: Anthony Watherston <[email protected]>
1 parent def8ad7 commit 6e47dc7

File tree

1 file changed

+11
-2
lines changed

1 file changed

+11
-2
lines changed

Docs/integrating-with-alz-library.md

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -318,16 +318,25 @@ Sync-ALZPolicyFromLibrary.ps1 -DefinitionsRootFolder .\Definitions\ -Type ALZ -L
318318

319319
The process to migrate from the legacy sync process to the new process mainly involves changed to how the assignment files are generated and maintained. If the environment structure is well-aligned to the Cloud Adoption Framework the process will be fairly seamless. For environments which aren't aligned it will present a little bit more of a challenge however the initial complexity is balanced by less maintenance in the future when synchronising.
320320

321-
## CAF Aligned
321+
### *Cloud Adoption Framework Aligned*
322322

323323
Use the process [documented here](integrating-with-alz-library.md#using-the-new-azure-landing-zone-library-sync-process).
324324

325325
Ensure that the management groups and the parameter values are updated in the newly generated structure file. When synchronising and running the build plan changes should be fairly minimal as all the assignments already exist - but any discrepancies should be examined as to why changes are being made.
326326

327-
## CAF Unaligned
327+
### *Cloud Adoption Framework Unaligned*
328328

329329
Because the environment is not aligned to CAF - the sync process using the legacy method will already require a number of changes to the default assignment files. In this case it is best to maintain a [custom library](integrating-with-alz-library.md#using-a-custom-library-for-custom-management-group-structures).
330330

331331
Carefully add the new archetypes to the cloned library - ensuring that all assignments are included.
332332

333333
Again the sync process should be fairly simple as all the assignments already exist - however there will be more assignment files to manage. Setting up the custom library properly will ensure a seamless transition.
334+
335+
### Using EPAC to manage ALZ policies in place of Terraform
336+
337+
If you are using Terraform to manage ALZ policies but are planning on integrating EPAC - you must stop Terraform from managing the policies.
338+
339+
Depending on the method of deployment for your Terraform based ALZ you can use the links below to find files which can override the default archetypes containing the policy definitions and assignments. Use these in your Terraform repo to remove its ability to manage policy.
340+
341+
- Azure Verified Module - avm-ptn-alz - <https://github.com/anwather/epac-removetf-avm>
342+
- Legacy CAF module - terraform-azurerm-caf-enterprise-scale - <https://github.com/anwather/epac-removetf>

0 commit comments

Comments
 (0)