Infrastructure Standards
Canonical reference: Infrastructure Standards (full)
Applies to: All AzureLocal repositories
Last Updated: 2026-03-17
Overview
Standards for Infrastructure as Code (IaC), Terraform state management, and deployment processes for AzureLocal solutions.
Infrastructure Pipeline
flowchart LR
A[Generate Variables] --> B[Validate Config]
B --> C[Plan Infrastructure]
C --> D[Review Changes]
D --> E[Apply Changes]
E --> F[Update State]
State Management
| Principle | Rule |
|---|---|
| Remote state | Store Terraform state in Azure Storage Account |
| State locking | Enable locking during all operations |
| Backup | Regular state file backups before destructive operations |
| Naming | <solution>-<env>.tfstate (e.g., platform-prod.tfstate) |
IaC Tool Parity
All tools must produce identical infrastructure when given the same configuration values:
| Tool | Primary Format | State Management |
|---|---|---|
| Terraform | .tf / .tfvars | Remote state in Azure Storage |
| Bicep | .bicep / .bicepparam | ARM deployment history |
| ARM | .json | ARM deployment history |
| PowerShell | .ps1 | Config-driven, logged |
| Ansible | .yml | Inventory-based |
Deployment Phases
| Phase | Scope | Tools |
|---|---|---|
| Phase 1: Azure Foundation | Resource groups, networking, Key Vault, storage | Terraform, Bicep, ARM |
| Phase 2: Compute & Workload | VMs, clusters, workload deployment | Terraform, PowerShell |
| Phase 3: Configuration | Guest config, monitoring, policies | PowerShell, Ansible |