Installation

Overview

Resources

• The resource group that contains a managed application synthetic resource. The synthetic resource doesn't require administration or maintenance.
• The managed resource group of the application. This group contains all Azure resources that the solution utilizes. This group includes a VNet, a key vault, an Azure Kubernetes Service (AKS) cluster, and an Azure Log Analytics workspace.
  Warning

  Don't delete the resources in the managed resource group of the application.
  These resources may require very limited administration. Administration tasks include adjusting AKS node pools to the workload and scaling up PostgreSQL servers.
• The infrastructure resource group of the AKS cluster. This group contains AKS-specific resources, such as virtual machine (VM) scale sets or load balancers. Azure fully manages this resource group.
  Warning

  Don't directly modify the infrastructure resource group of the AKS cluster.

Endpoints

• The frontend of the internal load balancer of the AKS cluster. The frontend is used for access to the solution, that is, the dashboard and the API. A Private Link service is tied to the frontend. This way, the customer can create a private endpoint that enables access to Virtual Private Cloud from the corporate network.
• The workspace storage account. This account is used to store asset files. To access this storage account, the customer has these possibilities:
  • If public access is enabled, the customer can access the account through the account's public IP.
  • The customer can create a private endpoint for the account, for example, in the same VNet or subnet as the other private endpoint. The customer is responsible for these tasks:
    • Configuring the internal DNS name resolution
    • Ensuring that internal clients can resolve the name of the storage account to the IP address of its private endpoint

Phases