Azure Blueprints.
Production-ready Azure IaC modules. Bicep and Terraform.
Free to use, practical to extend, and aligned to regulated delivery.
- Modules: reusable Bicep + Terraform for landing zones, security, and governance.
- Blueprints: reference architectures you can deploy and extend.
- Compliance: CIS, NIST 800-53, and CMMC alignment built in.
Landing Zone
management-groupsCAF-aligned management group hierarchy
hub-spoke-networkEnterprise hub-spoke topology with Azure Firewall
azure-firewallAzure Firewall Premium with IDPS
policy-baselineCIS benchmark policy sets
identity-baselineEntra ID hardening and RBAC
Security
defender-for-cloudMicrosoft Defender configuration
sentinelAzure Sentinel SIEM deployment
key-vaultKey Vault with private endpoints
private-endpointsPrivate Link configurations
Governance
azure-policy-setsRegulatory compliance policy sets
cost-managementBudgets and anomaly detection
tagging-standardEnforced tagging policies
AI Infrastructure
ai-foundry-privatePrivate AI Foundry deployment
openai-privateAzure OpenAI with Private Link
cognitive-servicesAI services baseline
Commercial Landing Zone
Complete CAF-aligned landing zone for commercial enterprises. Hub-spoke networking, governance, and identity baseline.
Federal Landing Zone (Lite)
Azure Government foundation with NIST 800-53 policy set. Full version includes CMMC Level 2 controls.
Private AI Enclave (Lite)
Basic private AI infrastructure with zero public IP. Full version includes agent governance and compliance docs.
| Feature | Public | Premium |
|---|---|---|
| Core modules | Included | Included |
| Advanced configurations | Basic | Full |
| Compliance documentation | Mapping only | Full SSP/POAM |
| Implementation support | Community | Dedicated architect |
| Priority updates | N/A | Included |
Built by Azure Architects
These modules power our production deployments. Battle-tested and compliance-ready.