Core Building Block

At the heart of every subscription is a Core Building Block containing the resources that manage the health of your estate.

Core houses “cross-cutting” concerns that apply to all resources. There are six capability stacks in Core which form the foundation of good cloud service management.

Deploying Core is a straightforward first step toward building the operational capability of your cloud estate.

Keys

A Keys stack is a specialist store for certificates, passwords, keys, and tokens. This integrates with other cloud services to allow for secure dissemination of access controls.

Whether you are encrypting VM disks, enforcing SSL on websites, or configuring connections to SQL databases in a DevOps pipeline, the secure value should be put into a secret store. Almost every resource will require some kind of access control key, so a secret store is a critical part of your Core architecture.

Tagging

While not a resource in itself, a standardised Tagging stack enables clearer operational processes and automation possibilities. A good tagging strategy allows resources to participate in pre-defined automation behaviours and defines relationships between resources and wider service concepts. For example:

Monitoring

Concerned with the storage and management of logs across the cloud environment. Alongside the ability to search and interrogate logs are options around metrics to be tracked, alert thresholds, and onward incident processing when these thresholds are breached.

Monitoring must be deployed and integrated into wider cloud operational processes.

Automation

Changes to cloud environments can take one of two paths:

  • Redeployments from defined source code repositories
  • Changes driven by cloud automation (this component)

Standard Operational Procedure can be defined and carried out by Automation accounts. These procecures can further be triggered to run when some threshold or specific alert type is detected in the monitoring stack, potentially making an environment self-healing and reducing the burden on Service Desk teams.

Cost controls

Consumption-based charging can be a blocker to cloud adoption. As costs are not predictable, typical financial controls may be ineffective. New tools and processes are needed to monitor spend and quickly react to unexpected consumption. The Budget stack includes tooling to track and control spend tied into operational process.

The Cost Control stack also includes associated cost optimisation configuration options.

Edit this page on GitHub

The content on this page is published under Open Source licenses via GitHub. To submit issues or provide feedback please visit the repository.

Visit