GDCT
Governance
Introduction
GitHub Enterprise Team Structure
Attestation Process
Conclusion
Standards
Cloud
Azure Application (API) Gateway Management
Environments
Deployment to the APIM’s
Products
Subscriptions
Developer Portal
Signing up for an account
Accessing the API’s
Monitoring and Metrics
Contacting the Cloud Ops Team
How GDCT Manages and Provisions Subscriptions
Sandbox
Retention
Your Team Wants to Create Resources from Experimentation
TODO, complete this
Naming Conventions
Legacy Workloads and Naming
Repository Names
Subscription Example
Resource Group Standards
Resource Naming
What needs to change
Secrets Management
Usage Guidance
GitHub Secrets
Terraform Secrets
Key Vault Secrets
App Configuration
Glossary
Code
Introduction
What is a Self-Hosted Runner
Differences between GitHub-hosted and self-hosted runners
Seagen Self-Hosted Runner Standards
Other Standards
IaC
Standard Module Structure
Azure Storage Account Terraform Module
Resources
Example Usage
Storage Account
Containers
SMB File Shares
Inputs
Outputs
Pipelines
Promoting Code through the Seagen Change Control Process
Tooling
Introduction
Microsoft Certified Extensions
Hashicorp
Git
Behavior Driven Development
Optional Extensions
Added Tools
Strategies
Cloud Subscriptions
Introduction
Sandboxes
Dev/Test
Standardization
Resource Groups within Subscriptions
Cloud Technologies
Name of Resource
Use Cases
Process for Use
Standards and Practices
2023 Plan
2024 Plan
Release Notes
Azure
Application Insights
Azure Service Bus Namespace - Authorization Rule
Azure API Management in each of the 3 subscriptions for ETS.
Azure Active Directory B2C
Azure Active Directory Domain Services
Azure Active Directory (Free and Premium P1 + P2)
Azure SQL Server (IaaS)
Azure SQL Edge
Azure VM Image Builder
Azure VMware Solution
Azure VPN Gateway
Azure Advanced Threat Protection
Azure Advisor
API Management
Implementing Azure API Management for Cross-Functional Collaboration
Integrating Azure API Management into DevOps for Enhanced Support and Collaboration
Application Change Analysis
Azure App Configuration
Application Gateway
Azure Applied AI Services
Application Service: API Apps
Application Service: Mobile Apps
Application Service: Static Web Apps
Application Service: Web Apps
Appsource
Azure Arc-enabled Kubernetes
Azure Arc-enabled Servers
Azure Archive Storage
Azure Attestation
Automation
Azure Bastion
Azure Batch
Azure Blockchain
Azure Blueprints
Azure Bot Service
Azure Cache for Redis
Azure Cloud for Sustainability
Azure Cloud Shell
Azure Cloud Services
Azure Cognitive Search
Azure Cognitive Services REST APIs
Azure Cognitive Services: QnA Maker
Azure Cognitive Services: Anomaly Detector
Azure Cognitive Services: Computer Vision
Azure Cognitive Services: Content Moderator
Azure Cognitive Services: Custom Vision
Azure Cognitive Services: Face
Azure Cognitive Services: Form Recognizer
Azure Cognitive Services: Immersive Reader
Azure Cognitive Services: Language Understanding
Azure Cognitive Services: Personalizer
Azure Cognitive Services: Speech Services
Azure Cognitive Services: Text Analytics
Azure Cognitive Services: Translator
Azure Communication Services
Azure Container Instances
Azure Container Registry
Azure Container Service
Azure Content Delivery Network
Azure Cosmos DB
Azure Cost Management and Billing
Azure Data Catalog
Azure Data Explorer
Azure Data Factory
Azure Data Lake Analytics
Azure Data Share
Azure Database for PostgreSQL
Azure Database Migration Service
Azure DDoS Protection
Azure Defender for IoT
Azure DevOps (formerly VSTS)
Azure DevTest Labs
Azure Digital Twins
Azure DNS
Azure Event Grid
Azure Event Hub
Azure Express Route
Azure File Sync
Azure Firewall
Azure Firewall Manager
Azure Front Door
Azure Functions
Azure Healthcare API (previously API for FHIR)
Azure Information Protection
Azure Intelligent Recommendations
Azure IoT Hub
Azure Key Vault
Azure Kubernetes Configuration Management
Azure Kubernetes Service (AKS)
Azure Lab Services
Azure Load Balancer
Azure Logic Apps
Azure Machine Learning
Azure Managed Application
Azure Maps
Azure Media Services
Azure Migrate
Azure Monitor
Azure Multi-Factor Authorization
Azure Netapp Files 3
Azure Network Watcher
Azure Notification Hubs
Azure Peering Service
Azure Policy
Azure Portal
Azure Power BI Embedded
Azure Private Link
Azure Public IP
Azure Purview
Azure Red Hat OpenShift
Azure Resource Graph
Azure Resource Manager
Azure Resource Mover
Azure Route Server
Azure Scheduler
Azure Security Center
Azure SignalIR Service
Azure Signup Portal
Azure Site Recovery
Azure Snowflake
Azure Sphere
Azure Storage: Blob
Azure Storage: Disks
Azure Storage: Files
Azure Storage: Queues
Azure Storage: Tables
Leveraging Azure API Management for Organizational Growth
Azure Service Fabric
Azure Service Health
Azure Synapse Analytics
Azure Time Series Insights
Azure Traffic Manager
Azure Virtual WAN
Azure Virtual Desktop
Azure Virtual Machine (incl. Reserved Instances)
Azure Virtual Machine Scale Sets
Azure Virtual Network
Azure Virtual Network Address Translation (NAT)
Azure Web App Firewall
Azure Web PubSub
Azure SQL and MSSQL Server Secure Access Restrictions and Requirements
Azure SQL PaaS Database
Databricks Workspace Computing
Microsoft Genomics
Microsoft Power Automate
Name of Cloud Technology
Google (GCP)
Google IAM and Admin
Google Anthos
Google API and Services
Google App Engine
Google Application Integration
Google Artifact Registry
Google Batch
Google BigQuery
Google BigTable
Google Billing
Google Bucket
Google Cloud Build
Google Cloud Run
Google Cloud Scheduler
Google Cloud Storage
Google Cloud Tasks
Google Compliance
Google Compute Engine
Google Container Registry
Google Data Transfer
Google Databricks
Google Dataflow
Google Dataprep
Google Dataproc
Google Debugger
Google Deployment Manager
Google Document DB
Google Elastic Cloud
Google Error Reporting
Google Filestore
Google Functions
Google Healthcare
Google Hybrid Connectivity
Google Identity Platform
Google Kubernetes Engine
Google Life Sciences
Google Logging
Google Maps Platform
Google Memorystore
Google Monitoring
Google Network Intelligence
Google Network Security
Google Network Services
Google Network Service Tiers
Google Profiler
Google Pub/Sub
Google Security
Google Service Catalog
Google Spanner
Google SQL Server (IaaS)
Google Support
Google Trace
Google Vertex AI
Google Vertex AI Vision
Google VPC Network
Google Workflows
Introduction
Oracle
Introduction
Salesforce
Introduction
Mono Repos
Introduction
When can it be used
What are some challenges with monorepos
Who are using monorepos today
What to consider when creating and using a monorepo
Next steps
References
Infrastructure
Introduction
Assumptions
Site Provisioning
Onboarding a Repo
Using the 3-digit Server VM Code
Domain
Who owns the process
What happens when there is not a 3 letter code
Decision from GDCT
Issues
Monitoring
Monitoring Strategy for Global Digital Cloud Transformation
Technical Implementation of Services
Network
Strategy: Azure Region Peering
Planning for the Global Azure Infrastructure
Differences Between Peering and VPN
Peered Azure Region
VPN Connection
Advantages to Peering
Azure Peering Security Considerations
Security Benefits
Security Concerns
Zero Trust Architecture Implications
Conclusion
Managing IP Addresses with Azure Region Peering
Plan your IP address space
Subnet allocation
Reserve IP ranges for future use
Consistent naming and tagging
Use IP address management (IPAM) tools like Efficient IP
Automate IP allocation
Monitor and audit IP address usage
Update and maintain IP address documentation
Conclusion
Testing
Test Automation Framework
Tooling
Introduction
Scope of Change
Engineering
Applications and Solutions
Authentication and Authorization
Data and Information Quality Management
Baseline Testing
Infrastructure and Hardware Testing
Training
Cloud Training
Outline
Training Paths
Introduction to Global Digital Cloud Transformation
Continuous Integration/Continuous Delivery (CI/CD)
Developer Training
Analyst/Tester Training
References
CI/CD
Cloud
Analyst/Tester
GitHub
GDCT Request Automation
GitHub Introduction
Shift Quality to the Left
What is GitHub and GitHub Actions
Vision
Configuration as Code
CaC Solves Real Problems
Manage any Configuration
Manage On-Premises - OS - Lab Distributions and Configuration
Vision
References
Infrastructure as Code
IaC solves real problems
Manage any Infrastructure
Module Support
Terraform Resources
Resources That are Not Allowed
Standardize your deployment workflow
IaC delivers real benefits
Prefer declarative definitions
Using IaC on Azure
Vision
Out of Scope
References
M1 Scope for GDCT
Criteria for Success
Onboarding Changes
Azure Resource Deployment
Google Resource Deployment
Oracle Resource Deployment
Salesforce Veeva Deployment
Terraform Cloud
Octoperf Test Automation
Overall Process
VSM Imaging
Introduction
Roadmap
Timeline
Ingestion Process
Scale
Number of Concurrent Users
Zero Trust Architecture
Zero Trust Architecture
How is ZTA Measured?
What is the Value of ZTA
What IT Teams are Involved in ZTA?
What are the Risks of not Implementing Zero Trust Architecture?
References
Introduction
How can ZTA be Applied to an Application Running in Azure?
How can ZTA be Applied to a Data Architecture and our Data Ecosystem?
How can ZTA be Applied to the Implementation of a Manufacturing Process Automation System?
Introduction
Problems
Scenarios
Deliverables by EOY
How-Tos
Getting Started with GitHub and Terraform
Project Request Process
Azure Arc
How to deploy and link arc related resources
Files - they should be used in this order for optimal results
General Information Before You Start
Azure Arc Location
How to setup AKS cluster and hook it up to Azure Arc
Create a new cluster and connect to it
Once you have a cluster running
Once the cluster is conected, you can move on to install the data controller and app services extensions with a new location
This holds instructions on how to setup a GKE cluster and link it to to Azure Arc
Create a new cluster and connect to it
Install gcloud locally or use a cloud shell in the UI to run the following commands
Hook it up to ARC, this will be run locally or on the Azure side:
Once the cluster is conected, you can move on to install the data controller and app services extensions with a new location
This describes the process to install the following extensions on the Arc resource for the Kubenetes clusters created
All the above services can be added through the UI by navigating to the Extensions page for the Arc resource for the clusters
It is recommended to use a Log Analytics Workspace
Once these are installed you can now deploy apps, functions, and managed SQL to the new custom location
This holds instructions on how to setup a VM or SQL VM in Arc
Detailed instructions on how to setup a VM or SQL VM
If you are unable to login to AZ then you will have to do the following while setting up a VM
This page outlines ways to troubleshoot your Arc deployments
How to verify the pods are running the workload
Please add more troubleshooting instructions here as they arrise
Automated Testing
Introduction to Octoperf
Logging In
Navigation
Design the Tests
Run the Tests
Analysis
Limits
Recommendations
Conclusion
LeanIX VSM Integration with GitHub Actions
Introduction
Local Setup
Configuration
Building/Testing Locally
Publishing Documentation
References
Start Developing: Introduction
How to Get Started
How-to: Enter Something Here
Background
Details
Expectations
Assumptions
Outcomes
References
Architectures
Lambda Architecture
Batch Layer
Serving Layer
Speed Layer (Stream Layer)
Benefits of lambda architectures
Challenges with lambda architectures
Seagen Demand
References
Rx Logix Documentation
Registry
Blueprint: CosmosDB and Global Replication
Overall Plan
Core Cloud Components
Base Configuration
Testing - Monitoring - Support
Training - Delivery
Blueprint: CKan Knowledge Platform
Overall Plan
Core Cloud Components
Base Configuration
Testing - Monitoring - Support
Training - Delivery
Blueprint: CosmosDB and Global Replication
Overall Plan
Core Cloud Components
Base Configuration
Development and Staging Subscriptions
Development and Staging Defaults
Performance and Production Defaults
Testing - Monitoring - Support
Training - Delivery
References
Blueprint: Azure SQL with Networked Global Delivery
Overall Plan
Core Cloud Components
Base Configuration
Development and Staging Subscriptions
User Defined Settings
Defaulted Module Settings Network
Testing - Monitoring - Support
Training - Delivery
SLAs
September 3, 2021
Project Goals
SLO and SLAs
Metrics
Support
Introduction
Approach for Cloud Product Management
Ongoing Cloud Governance
Resources Needed
2023 Roadmap
Cloud Engineering and Networking
Resources Needed
2023 Roadmap
DevOps Automation and Operations
Resources Needed
2023 Roadmap
Platform Needs
GitHub Enterprise
Snyk
Octoperf
Terraform
Sentinel
Artifactory
Ansible Cloud
Cloud Account Management
Cloud Server Management
Cloud Network Management
Ephemeral Environments
Monitoring
Cloud Monitoring
Application Support
DevOps Community of Practice
Scenarios
Governance
Community Support
DRAFT FOLLOW-UPS
Git SCM Support
Installation
Windows
MAC
Documentation
GitHub Support
Setting User Name and Email
Terraform Module Support
Versioning
What does support mean
What Terraform providers are supported by Global DevSecOps
What Terraform Modules are currently supported by Global DevSecOps
Azure Kubernetes Services
Azure API Management
Azure Application Insights
Azure Authorization Rules
Azure Cognitive Account Services - v.007
Azure Cosmos DB - v.0.0.11
Azure SQL Database - v 0.0.22
Azure Databricks Cluster - v0.0.8
Azure Databricks Workspaces - v0.0.1
Azure Data Factory - v0.0.12
Azure Data Lake Gen 2 - v0.0.6
Azure Firewall - v0.0.1
Azure Function Apps - v0.0.8
Azure Identify Providers - v0.0.9
Azure Key Vault - v0.0.4
Azure Kubernetes Cluster - v0.0.1
Azure Network Watcher - v0.0.9
Azure Redis Cache - v0.0.6
Azure Service Bus - v0.0.7
Azure Signal R - v0.0.18
Azure Storage - v0.0.7
Azure VNET - v0.0.7
Azure Windows Web App - v0.0.5
Google App Engine - v0.0.3
Google Big Query - v5.2.0
Google Cloud Build - v0.1.0
Google Cloud Run - v0.0.3
Google Cloud Storage - v3.2.0
Google Databricks - v0.1.0
Google Data Flow - v2.1.0
Google Data Processor - v0.0.2
Google Event Function - v2.2.0
Google Cloud Commands - v3.1.1
Google Groups - v0.0.1
Google Healthcare - v2.2.0
Google Kubernetes - v19.0.0
Google Memory Store - v4.1.0
Google Network - v5.0.0
Google Project Services - v0.0.0
Google PubSub - v3.2.0
Google Scheduled Function - v2.2.0
Google Secret Manager - v0.3.1
Google Spanner - v0.2.0
Google SQL DB - v8.0.0
GDCT
Cloud Subscriptions
GitHub
View page source
GitHub