salmon-air-62010
04/07/2024, 9:44 AMsalmon-air-62010
04/08/2024, 9:39 AMadventurous-butcher-54166
04/08/2024, 1:13 PMproject
is a "self-contained" workload that includes most dependencies for it to run
ā¢ stack
is the environment (dev, prod, test etc.)
I then layer the projects (workloads):
ā¢ landing_zone
-> Configures identities, permissions and resources which are shared across workloads
ā¢ hubspoke
-> Provisions networking for an environment. This is where I usually have VPN or in your case a bastion host
ā¢ app_zone
-> Provisions an application runtime environment ā container service, container registry, secret store, centralized logging, data stores shared by multiple applications (SQL/blob etc...)
ā¢ <app_workload> (multiple)
-> A single application workload, usually containerized
All of these projects have dev/prod/test stacks and they will usually have dependencies in the form of stack references to upstream projects... `<app_workload>`s will require a reference to which app_zone
it should run in. An app_zone will need a private network/subnet which it will reference from hubspoke
and so on...adventurous-butcher-54166
04/08/2024, 1:14 PMadventurous-butcher-54166
04/08/2024, 1:25 PMadventurous-butcher-54166
04/08/2024, 1:27 PM