For ARM Template steps are in the following order
-
Create Resource Group
-
If Needed Create Custom Network Security Group NSG if default NSG is not sufficent for your deployment.
-
Create Network and defined the subnets ranges and assign default or custom NSG
- Hight recommended to defined specific subnet where all private links will use
-
Create LogAnalytics
-
Create Application Insights
-
Create Private DNS Zone for all private link to use during the deployment configuration
-
Create Key Vault
-
Enable Key Vault VNET Integration
-
Enable Key Vault Private link
-
Enable Key Vault diagnostic and metric Data to Log Analytics
-
Create Azure Storage Account
-
Create Azure Storage Blob Storage
-
Enable Selected Network and select the Custom Network
-
Enable Private link
-
Enable diagnostic and metric Data to Log Analytics
-
Create Azure Event Hubs NameSpaces
-
Create Azure Event Hub
-
Create Azure Consumer group
-
Enable SaaS Portal Web App VNET Integration
-
Enable Private link
-
Enable diagnostic and metric Data to Log Analytics
-
Create Metered Billing App Service Plan
-
Enable diagnostic and metric Data to Log Analytics
-
Create Metered Billing Web App from "FunctionApp" Kind and reference metered billing App ServicePlan
-
Link Azure function App Cofiguration to KeyVault
-
Add VNET Inegration Configuration please refer to docs
-
Enable Azure function App VNET Integration
-
Enable Azure function App Private link
-
Enable Azure function App diagnostic and metric Data to Log Analytics
-
Enable Azure function App Application Insights
-
Create Application Gateway
-
Configure Front-End IP pool
-
Configure Backend and reference to Web App
-
Configure HTTP Route
-
Configure Listener
-
Enable Application Gateway VNET Integration
-
Enable Application Gateway Private link
-
Enable Application Gateway Application Insight