Create paved roads
Blueprints for creating cloud resources with best practices embedded
This blueprint creates an Azure Resource Group with best practices in mind, such as providing a default location of "eastus" while allowing customization, and encouraging the use of tags for better resource identification and management. It organizes variables into intuitive groups to assist users—including those who may not be cloud infrastructure experts—in configuring essential settings easily.
This blueprint creates a Google Compute Engine instance with best practices in mind, such as not assigning a public IP address by default to enhance security. It uses a default machine type of e2-medium and a Debian 10 image for the boot disk, promoting cost-effectiveness and stability. The blueprint encourages the use of labels for better resource management and organizes variables into logical groups to assist users—including those who may not be cloud infrastructure experts—in configuring essential settings easily.
This blueprint creates an Azure Network Security Group (NSG) with best practices in mind, encouraging the definition of specific security rules to control network traffic and enhance security. It uses secure defaults while allowing customization to suit different requirements. The blueprint also promotes the use of tags for better resource identification and management, organizing variables into intuitive groups to assist users—including those who may not be cloud infrastructure experts—in configuring essential and advanced settings easily.
This blueprint creates an AWS Route Table associated with a specified VPC. It allows users to define multiple routes using section tags, adhering to best practices by encouraging the use of tagging for resource identification and management. The blueprint is organized into groups to assist users, including those who may not be cloud infrastructure experts, in configuring essential settings and routes easily.
This blueprint creates an AWS S3 bucket with best practices in mind, such as blocking public access by default, enabling server-side encryption and versioning to protect data integrity and security. It provides options for access logging and tagging for better resource management. The blueprint is organized to guide users through essential settings while offering flexibility for advanced configurations.
This blueprint creates an AWS IAM Policy by requiring users to provide a valid JSON policy document, adhering to best practices in security and compliance. It encourages the use of tags for resource identification and management, organizing variables into groups to assist users—including those who may not be cloud infrastructure experts—in configuring essential settings easily.
This blueprint creates an Azure Managed Disk with best practices in mind, such as defaulting the storage account type to "Standard_LRS" for cost-effectiveness and setting the create option to "Empty" for a new disk. It encourages the use of tags for better resource identification and management. Advanced configurations like specifying the OS type and source URI are available for more experienced users, and variables are organized into logical groups to assist users—including those who may not be cloud infrastructure experts—in configuring essential and advanced settings easily.
This blueprint creates an AWS IAM User with best practices in mind, such as encouraging the use of tagging for resource identification and management. It provides advanced options like setting a permissions boundary for enhanced security control. The blueprint organizes variables into groups to assist users, including those who may not be cloud infrastructure experts, in configuring essential and advanced settings easily.
This blueprint creates a Google Cloud VPC network following best practices by defaulting to custom mode (auto_create_subnetworks set to false), allowing for manual subnet creation and better control over network configuration. It includes advanced options like routing mode and MTU with sensible defaults, providing flexibility for advanced users. The blueprint is organized to help users, including those who may not be cloud infrastructure experts, configure essential settings easily.
This blueprint creates an Azure Virtual Machine with best practices such as disabling password authentication by default to enhance security and encouraging the use of SSH keys for authentication. It uses managed disks and defaults to the latest Ubuntu LTS image. Variables are organized into intuitive groups to assist users who may not be cloud infrastructure experts. The blueprint also promotes the use of tags for better resource identification and management.
This blueprint creates an Azure SQL Database with best practices in mind, such as defaulting to the 'Basic' edition and service objective for cost-effectiveness, setting a standard collation, and encouraging the use of tags for better resource identification and management. It allows customization of advanced settings like collation and maximum size, organizing variables into logical groups to assist users—including those who may not be cloud infrastructure experts—in configuring essential and advanced settings easily.
This blueprint creates an AWS RDS Cluster following best practices such as enabling encryption at rest for data security, setting deletion protection by default to prevent accidental deletion, and configuring sensible defaults for backup retention and preferred backup windows. It encourages the use of tags for resource identification and management. The blueprint is organized into intuitive groups to assist users—including those not well-versed in cloud infrastructure—in configuring essential and advanced settings easily.
This blueprint creates an Azure Load Balancer with best practices in mind, such as defaulting to the 'Standard' SKU for enhanced features and security. It provides flexibility to configure either a public or internal Load Balancer by allowing users to specify the appropriate frontend IP configurations. The blueprint promotes the use of tagging for better resource management and organizes variables into logical groups to guide users—including those who may not be cloud infrastructure experts—through the essential and advanced settings.
This blueprint creates an AWS RDS DB instance following best practices such as enabling encryption at rest for data security, setting Multi-AZ deployment by default for high availability, and disabling public access to enhance security. It organizes variables into intuitive groups to assist users—especially those not well-versed in cloud infrastructure—in configuring essential and advanced settings easily. The blueprint also encourages tagging for better resource identification and management.
This blueprint creates an AWS SNS Topic with best practices in mind, such as encouraging the use of KMS encryption to secure messages at rest. It allows users to specify custom policies for fine-grained access control and delivery settings. Tags are included to promote better resource identification and management. The blueprint organizes variables into intuitive groups to assist users—including those not well-versed in cloud infrastructure—in configuring essential and advanced settings easily.
.webp)
.webp)
.webp)
.webp)