Azure Verified Modules: Streamlining Infrastructure as Code What Are Azure Verified Modules (AVM)?

Azure Verified Modules (AVM) is our latest project aimed at unifying the Infrastructure as Code (IaC) module strategy across Microsoft. Currently, Microsoft supports Bicep and Terraform, and looking forward to expanding this in the future.

Why AVM?

Many organizations begin their cloud journey by manually deploying resources through the Azure Portal. Over time, they start using IaC tools like Bicep and Terraform to automate deployments, often through GitHub Actions or Azure DevOps Pipelines. However, as teams within the organization independently create their own IaC scripts, inconsistencies arise. You might find five different ways to deploy a VNet, ten different ways to deploy a VM, and so on. This results in redundant code that’s hard to manage.

The Problem with Existing Solutions

When searching for IaC solutions, customers often encounter numerous open-source repositories. These come with different standards, goals, and support levels. Some may even become stale over time due to a lack of maintenance. Often, these were not officially supported by Microsoft, but rather community-driven projects that started internally.

The AVM Solution

AVM addresses these issues by providing officially supported modules with a clear ownership process. If you encounter any issues, you can raise a support ticket, and the module maintainers will respond. AVM brings together two previous projects: Terraform Verified Modules and CARO, a Bicep project. This unification ensures a consistent and reliable IaC experience across Microsoft.

Core Principles of AVM

1.???? Well-Architected by Default: AVM aligns with the Well-Architected Framework, ensuring resources are deployed securely and in highly available configurations. For example, resources are deployed across multiple availability zones, and public access is disabled by default unless explicitly enabled.

2.???? Resource and Pattern Modules:

1. Resource Modules deploy individual resources like VMs, ensuring all necessary components (e.g., disks, network adapters) are included.
2. Pattern Modules deploy collections of resources, such as a complete application tier with load balancers, virtual machine scale sets, and network security groups.

3.???? Standardized Interfaces: AVM simplifies common Azure tasks such as private endpoints and role-based access control by offering standardized inputs across all modules.

Use Cases for Azure Verified Modules

AVM is designed to help application teams streamline their deployment processes, especially during the adoption phase of the Azure Cloud Adoption Framework. While primarily aimed at application deployments, AVM can also be used by platform teams for platform-level deployments like hub networking or virtual WAN management.

How to Get Started with AVM

If you're interested in learning more about AVM, visit aka.ms/AVM . Here, you'll find:

• Support Statements: Microsoft's commitment to maintaining and updating these modules.
• Specifications: Detailed functional and non-functional requirements for resource and pattern modules.
• Module Index: A list of available modules and those in development.

If you don’t see the module you need, you can propose new modules or even contribute to existing ones through GitHub.

Conclusion

Azure Verified Modules provide a centralized, supported solution for deploying infrastructure as code. Whether you're building applications or managing platform resources, AVM offers a consistent, reliable, and secure approach to accelerate your cloud deployments.

?