Whatβs Included
Included in Setup
- Modular setup using Terraform modules by service and environment
- Secret handling via Key Vault
- Remote state setup using Azure Storage and locks
- RBAC configuration and scoped assignments
- Multi-stage apply strategy (bootstrap β stage 2)
We can also import your existing resources into Terraform state without downtime β perfect for brownfield Azure environments.
Glossary
While we try to avoid jargon, sometimes it's the clearest way to explain technical concepts. Here's a brief glossary of terms used on this page.
Development & DevOps
- Microservices
- Design pattern using small, self-contained services for each feature.
- Webhook
- Automatic message sent from one system to another when an event occurs β often used for integrations and real-time triggers.
- Background Jobs
- Automated tasks that run behind the scenes β like sending emails, processing queues, or scheduled cleanups.
- Terraform
- Tool to define and deploy infrastructure as code (IaC).
- Azure Pipelines
- CI/CD system that automates build, test, and deployment in Azure.
- YAML
- YAML Ainβt Markup Language β a human-readable format often used for config files in CI/CD pipelines and infrastructure tools.
- CI
- Continuous Integration β automatically building and testing code with each change.
- CD
- Continuous Deployment β automatically releasing tested changes to production.
- MVP
- Minimum Viable Product β a basic version of a product for testing.
Security & Compliance
- GDPR
- General Data Protection Regulation β EU/UK law on personal data.
- reCAPTCHA
- Google service that protects websites from bots and abuse.
- OAuth
- Open Authorization β a secure way for apps to access user data without sharing passwords.
- API Key
- Unique identifier used to authenticate a request to an API, often used for basic access control.
- JWT
- JSON Web Token β a compact, secure way to transmit identity and claims between systems.
- 2FA
- Two-Factor Authentication β adds an extra layer of security by requiring a second form of verification.
- RBAC
- Role-Based Access Control β restricts system access based on a user's role (e.g. admin, editor, viewer).
- Key Vault
- Azure service for securely storing secrets, certificates, and encryption keys, often used in secure infrastructure deployments.
- B2C
- Azure Active Directory B2C β a Microsoft identity service for customer-facing apps, supporting social and enterprise logins.
- PBKDF2
- Password-Based Key Derivation Function 2 β a secure hashing algorithm commonly used to store user passwords.
- MFA
- Multi-Factor Authentication β requires two or more verification methods to enhance login security.
- OpenID
- OpenID Connect β an identity layer on top of OAuth 2.0 used for federated authentication.
- SSO
- Single Sign-On β allows users to log in once and gain access to multiple systems without re-authenticating.
- DNSSEC
- Domain Name System Security Extensions β protects DNS from spoofing by digitally signing DNS data to verify its authenticity.
- Security Headers
-
Common HTTP headers used to harden apps:
- CORS
- (Cross-Origin Resource Sharing) β restricts cross-origin access to APIs.
- HSTS
- (Strict Transport Security) β enforces HTTPS connections.
- CSP
- (Content Security Policy) β limits executable scripts and resources.
- X-Frame Options
- β prevents clickjacking by disallowing iframes.
Talk DevOps
From Infrastructure-as-Code to CI/CD — get advice or support on your Azure platform setup.