Azure Infrastructure-as-Code modules
18 verified terraform modules for Azure, spanning Azure. Every artifact is statically validated (tofu validate + tflint + Checkov) and passes the publish gate before it appears here. Each ships an annotated terraform.tfvars.example and a perpetual licence with 12 months of updates.
All 18 Azure modules are static-validated, live-test pending (validated and publish-gated; a real cloud apply→verify→destroy is pending a Azure sandbox account). We never claim “live-tested” without the real test — how we verify.
All Azure modules
Application Gateway v2 + WAF
Regional L7 load balancer with WAF v2 policy, TLS termination from Key Vault, autoscaling and health probes.
$129.00
AzureAzure App Service (Linux Web App)
App Service plan + Linux web app with deployment slots, custom domain + managed TLS, VNet integration and autoscale.
$129.00
AzureAzure Bastion + Hardened Jumpbox
Bastion (Developer/Basic/Standard SKU) with optional hardened Linux VM, JIT-style NSG rules and boot diagnostics for secure VM access without public IPs.
$49.00
AzureAzure Container Apps Environment
Container Apps environment with workload profiles, Dapr, KEDA scale rules, ACR pull identity and custom domain.
$129.00
AzureAzure Container Registry
ACR with geo-replication, retention/trust policies, private endpoint and AcrPull role wiring for AKS/Container Apps.
$49.00
AzureAzure Cosmos DB Account
Cosmos DB (NoSQL or MongoDB API) with multi-region failover, autoscale throughput, private endpoint and backup policy.
$129.00
AzureAzure Front Door (Std/Premium) + WAF
Global entry point: Front Door profile, endpoints, origin groups, custom domains with managed TLS and WAF policy.
$129.00
AzureAzure Functions App
Function app (Flex Consumption or Premium) with storage, Application Insights, managed identity and VNet integration.
$129.00
AzureAzure Key Vault
RBAC-mode Key Vault with private endpoint, diagnostics, and managed keys/secrets/certificates scaffolding.
$49.00
AzureAzure Kubernetes Service Cluster
Hardened AKS with system/user node pools, workload identity, Entra RBAC integration, Azure CNI overlay, and Container Insights wired in.
$299.00
AzureAzure Landing Zone Core
Management-group hierarchy, policy baseline (ALZ-aligned), centralized logging and RBAC scaffolding — the flagship enterprise starter.
$299.00
AzureAzure Monitor & Log Analytics Baseline
Central Log Analytics workspace, diagnostic-settings-everywhere pattern, action groups and starter alert pack (metric + log + activity).
$129.00
AzureAzure SQL Database
Logical SQL server + database with Entra-only auth, firewall/private endpoint, auditing, TDE and failover-group option.
$129.00
AzureAzure Storage Account (secure-by-default)
Storage account with containers/file shares, lifecycle rules, network rules, CMK encryption and private endpoint options — Azure's most-deployed resource done right.
$129.00
AzureAzure Virtual Network (hub-ready)
Production VNet with subnets, NSGs, route tables, peering and optional NAT Gateway — the network backbone every Azure deployment starts with.
$129.00
AzureEntra ID Workload Identity Baseline
App registrations, service principals, groups and federated credentials (OIDC for GitHub/Terraform) — the identity plumbing every Azure org rebuilds by hand.
$129.00
AzurePostgreSQL Flexible Server
Flexible Server with HA option, private VNet delegation, Entra auth, firewall and tuned server parameters.
$129.00
AzureResource Group + Naming/Tagging Baseline
Opinionated resource group factory with CAF-compliant naming, mandatory tags, locks and budget alert.
$49.00