Windows Virtual Desktop Azure landing zone review
Before the Contoso cloud adoption team migrates to Windows Virtual Desktop, it will need an Azure landing zone that's capable of hosting desktops and any supporting workloads. The following checklist can help the team evaluate the landing zone for compatibility. Guidance in the Ready methodology of this framework can help the team build a compatible Azure landing zone, if one has not been provided.
- Resource organization plan: The landing zone should include references to the subscription or subscriptions to be used, guidance on resource group usage, and the tagging and naming standards to be used when the team deploys resources.
- Azure AD: An Azure Active Directory (Azure AD) instance or an Azure AD tenant should be provided for end-user authentication.
- Network: Any required network configuration should be established in the landing zone prior to migration.
- VPN or ExpressRoute: Additionally, any landing zone that supports virtual desktops will need a network connection so that end users can connect to the landing zone and hosted assets. If an existing set of endpoints is configured for virtual desktops, end users can still be routed through those on-premises devices via a VPN or Azure ExpressRoute connection. If a connection doesn't already exist, you might want to review the guidance on configuring network connectivity options in the Ready methodology.
- Governance, users, and identity: For consistent enforcement, any requirements to govern access from virtual desktops and to govern users and their identities should be configured as Azure policies and applied to the landing zone.
- Security: The security team has reviewed the landing zone configurations and approved each landing zone for its intended use, including landing zones for the external connection and landing zones for any mission-critical applications or sensitive data.
- Windows Virtual Desktop: Windows Virtual Desktop platform as a service has been enabled.
Any landing zone that the team develops by using the best practices in the Ready methodology and that can meet the previously mentioned specialized requirements would qualify as a landing zone for this migration.
To understand how to architect Windows Virtual Desktop, review the Windows Virtual Desktop requirements.
For guidance on specific elements of the cloud adoption journey, see: