
# 🤖 Azure Landing Zone: Automation

## Overview

Automation in Azure Landing Zone helps reduce manual effort, improve deployment consistency, and enforce governance. It covers both infrastructure provisioning (IaC) and application deployment (CI/CD).

---



## 🏗️ Infrastructure Provisioning (IaC)

Use tools like Terraform, Bicep, and ARM templates to define and deploy cloud resources declaratively.

### Tools:
- **Terraform**: Open-source, multi-cloud IaC tool.
- **Bicep**: Simplified DSL for Azure-native infrastructure.
- **ARM Templates**: JSON-based native deployment format.



# main.tf (Terraform)
provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "rg-automation-demo"
  location = "East US"
}



## 🚀 Application Deployment (CI/CD)

Automate application deployment using GitHub Actions, Azure DevOps, or CLI scripting. This reduces manual steps and allows for version-controlled, repeatable workflows.

### Tools:
- GitHub Actions
- Azure DevOps Pipelines
- Azure CLI or PowerShell Scripts



# .github/workflows/deploy.yml
name: Deploy to Azure Web App

on:
  push:
    branches:
      - main

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout Code
      uses: actions/checkout@v3

    - name: Deploy to Web App
      uses: azure/webapps-deploy@v2
      with:
        app-name: "my-landingzone-app"
        publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
        package: "."



## 🛠️ Shell Script for VM Initialization
Useful for bootstrapping services like Apache, MySQL, or WordPress.



#!/bin/bash
# install.sh

apt-get update
apt-get install -y apache2 php php-mysql mysql-server
systemctl start apache2

cd /var/www/html
wget https://wordpress.org/latest.tar.gz
tar -xvzf latest.tar.gz
cp -r wordpress/* .
chown -R www-data:www-data /var/www/html



## ✅ Best Practices

| Practice                    | Description                                             |
|-----------------------------|---------------------------------------------------------|
| 📄 Use IaC for consistency  | Avoid manual deployments using Terraform/Bicep         |
| 🔁 Integrate CI/CD          | Automate app builds and deploys via pipelines          |
| ✅ Validate before deploy   | Run `terraform validate` and `plan` before apply       |
| 🏷 Auto-tag resources       | Include tags in your deployment templates/scripts      |
| 🔄 Reusable modules         | Break IaC into reusable modules for teams              |



## ✅ Summary

> Automation in Azure Landing Zone is not just about saving time—it's about creating reliable, scalable, and repeatable deployments for infrastructure and applications.
