Azure Landing Zone: 3-Week Workshop

YASH Technologies

3-Week Workshop for planning and designing Landing Zone for Azure.

A Landing Zone is an environment provisioned in the cloud based on a set of best practices and guidelines on how to implement Azure subscriptions, Identity & Access Management, Networking, Security and Governance. Through automation, it is made available as a well-defined and repeatable standard for setting up all workloads in the cloud. This workshop provides a structured approach to understanding Landing Zone and how to plan and design one for your organization.

Key Takeaways

  • Landing Zone and why you should implement it on your Azure cloud
  • Key considerations for setting up a Landing Zone
  • Best practices in setting up Landing Zone components - Azure subscriptions, IAM, Networking, Security & Governance
  • Designing a Landing Zone based on your organization needs


Day D1-D2: Landing Zone Overview Business and IT considerations driving Digital Transformation and IT Modernization Cloud Strategy Day D3: Subscription Design and Resource Organization Best practices on setting up a management hierarchy to consistently apply access control, policy, and compliance to groups of resources. Identity Management and Access Control Defining user ID configurations, access, and password standards. Azure role-based access control (RBAC) and how it is used to manage access. Best practices for using Azure Active Directory (Azure AD) for IAM Day 4: Best practices for creation of networks within the account VPCs required per account, security groups, connectivity between on-premise and cloud accounts. Day 5: Guidelines for hardened machine images Security policies, network monitoring, log analytics, regulatory compliance and data residency. Day 6–11: Planning and Design Exercises Day 12-15: Design Validation, Final Documentation

Deliverables* Assessment Report and LZ High Level Design