Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The Azure Kubernetes Services (AKS) landing zone accelerator defines a strategic design path and target technical state for deploying Azure Kubernetes Service (AKS) clusters in enterprise environments. This accelerator provides a modular, reference implementation that aligns with the Cloud Adoption Framework's Azure landing zones and design principles.
Establish a platform foundation before deploying AKS
A platform foundation provides shared services such as networking, identity, security, and governance. This foundation supports consistent and secure AKS deployments across your environment.
Implement a platform foundation using Azure landing zones. Use the Cloud Adoption Framework's Azure landing zone guidance to deploy shared services that include identity providers, hub-and-spoke networking, and centralized policy enforcement. This foundation simplifies security and management across your cloud environment.
Skip this step if your organization already has a platform foundation. If you already have an Azure landing zone, proceed to deploy the AKS landing zone accelerator.
Deploy the AKS landing zone accelerator
The AKS landing zone accelerator includes open-source templates and reference architectures that support scalable AKS deployments.
Use the templates from the official GitHub repository. Use the AKS landing zone accelerator repo to access ARM template, Bicep, and Terraform templates for deploying AKS infrastructure components fit your environment. Modify environment variables and parameters to align with your organization’s naming conventions, policies, and operational requirements.
Deploy the accelerator in the landing zones management group. Place the AKS workload in the appropriate subscription and management group to ensure alignment with platform governance and policy enforcement.
Evaluate the AKS design areas
Design areas help you align your AKS implementation with Azure landing zone principles. Use the following guides to evaluate and configure each area:
- Azure billing and Active Directory (if needed)
- Identity and access management
- Network topology and connectivity
- Resource organization
- Security
- Management and business continuity and disaster recovery (BCDR)
- Platform automation and DevOps
- Storage
Example conceptual reference architecture
The conceptual reference architecture illustrates a golden state for AKS in an Azure landing zone. It shows how AKS integrates with shared services and aligns with the design areas.
Azure tools and resources
| Category | Tool | Description |
|---|---|---|
| Platform foundation | Azure landing zone | Guidance on deploying an Azure landing zone. |
| Deployment templates | AKS landing zone accelerator | AKS deployment templates and instructions. |