Start of documentation

docs/README.md

@@ -0,0 +1,18 @@
+# Seamless App Deployment with IBM Cloud's Secure Landing Zone
+
+With the release of IBM Cloud Deployable Architectures, it is easy to provision an exisiting pre-defined architecture or customize and import.
+
+In this hands-on lab, you will learn to:
+
+1. Create a customized VPC-based topology using the VPC Landing Zone Deployable Architecture
+2. Deploy and expose a web application on top of this secure topology. For this lab, we will use an Apache service as an example.
+3. Share this deployable pattern with your enterprise through the IBM Cloud Private Catalog
+
+The objective of this lab is split into two distinct parts. The first part is built as a stepping stone for the second part.
+
+- Part 1 shows how the end-to-end steps to deploy a sample web application on top of a secure VPC-topology in your own account.
+  - The secure VPC-based topology will be deployed using the Landing Zone Deployable Architecture.
+  - Operator access will be provided through a manually deployed jump box VSI
+  - An Apache server will be deployed in a secure VSI workload VPC
+  - The web application will be exposed for outside access.
+- Part 2 shows how to automate the manual steps in Part 1, and then, how to package, and share the automation as a “Deployable Architecture” with other user through a private IBM Cloud Catalog

docs/about/10-fs-cloud.md

@@ -0,0 +1,25 @@
+# VPC Landing Zone
+
+IBM VPC Landing Zone (“SLZ”) is a set of [Infrastructure-As-Code](https://en.wikipedia.org/wiki/Infrastructure_as_code) automation that enables creating a fully customizable VPC environment within a single region. The VPC Landing Zone is implemented in terraform and automates the provisioning, configuring, and integration of several services that participates in the realization of a compliant VPC-based topology:
+
+- A resource group for cloud services and for each VPC.
+- Cloud Object Storage instances for flow logs and Activity Tracker
+- Encryption keys in either a Key Protect or Hyper Protect Crypto Services instance
+- A management and workload VPC connected by a transit gateway
+- A flow log collector for each VPC
+- All necessary networking rules to allow communication.
+- Virtual Private Endpoint (VPE) for Cloud Object Storage in each VPC
+- A VPN gateway in the management VPC
+
+[Available VPC Landing Zone terraform modules](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone)
+
+VPC Landing Zone comes with four fully functional patterns that are strictly following the IBM Cloud Financial Services reference architecture:
+
+- VPC pattern
+- VPC with Virtual Servers (“VSIs”) – which the lab will use.
+- VPC with OpenShift
+- VPC with VSIs and OpenShift (“mixed”) pattern.
+
+Each of the patterns can be used as a starting point to create your own customizable VPC-based topology that matches your enterprise or customer exact needs.
+
+![VPC reference architecture](../images/about-fs-cloud.png)

docs/about/20-vpc-landing-zone.md

@@ -0,0 +1,9 @@
+# IBM Cloud for Financial Cloud Services Framework
+
+The IBM Cloud Financial Cloud Services Framework provides comprehensive and detailed guidance to help address the needs of enterprises with regulatory compliance, security, and resiliency during the initial deployment phase and with ongoing operations.
+
+Whilst the framework was initially based on the needs of financial institutions, as its name indicates, it can be used as a starting point and baseline for meeting compliance and security for most industries.
+
+[Getting started with IBM Cloud for Financial Services](https://cloud.ibm.com/docs/framework-financial-services?topic=framework-financial-services-about)
+
+The framework provides secure [VPC reference architectures](https://cloud.ibm.com/docs/framework-financial-services?topic=framework-financial-services-vpc-architecture-about) meeting with a number of regulatory controls.

docs/about/30-deployable-arch.md

@@ -0,0 +1,21 @@
+# Deployable Architecture
+
+“Deployable Architecture” is officially defined as “Cloud automation for deploying a common architectural pattern that combines one or more cloud resources that is designed for easy deployment, scalability, and modularity.”
+
+More specifically, and concretely, from a technical perspective, “Deployable Architectures” are essentially terraform modules that are fully integrated into the IBM Cloud experience. Deployable Architecture are:
+
+- Discoverable and available through the IBM Cloud Catalog (and through IBM Cloud search)
+- Fully integrated in IBM Cloud Projects and Schematics.
+- Integrated with [IBM Cloud Risk Analyzer](https://cloud.ibm.com/docs/code-risk-analyzer-cli-plugin?topic=code-risk-analyzer-cli-plugin-cra-cli-plugin#terraform-command)
+
+In other words, it is possible for an end-user to execute the terraform automation behind a “Deployable Architecture” just from a few clicks and inputs in the IBM Cloud console.
+
+![Deployable Architecture console](../images/about-deployable-arch.png)
+
+The Landing Zone terraform module and patterns described just above have a corresponding [Deployable Architecture](https://cloud.ibm.com/docs/secure-infrastructure-vpc?topic=secure-infrastructure-vpc-overview) in IBM Cloud. In this lab, the Secure Landing Zone is consumed through the Deployable Architecture experience for ease of use, rather than using the terraform CLI against the open-source github version.
+
+IBM-maintained Deployable Architectures, like the Landing Zone Deployable Architecture:
+
+- Provide the same level of customer support as any other IBM Cloud product
+- [Come with extensive documentation](https://cloud.ibm.com/docs/secure-infrastructure-vpc?topic=secure-infrastructure-vpc-overview)
+- Are maintained and remains current over time

docs/about/40-projects.md

@@ -0,0 +1,18 @@
+# IBM Cloud Projects
+
+IBM Cloud Projects make it easy to manage Infrastructure-As-Code deployments across accounts, collaborate with team members, and maintain compliance.
+
+At its core, an IBM Cloud Project is made up of a collection of configurations that are used to manage related Infrastructure as Code (IaC) deployments (and associated resources) across accounts.
+
+As a concrete example, let’s imagine the scenario of a SRE team responsible for setting up the infrastructure supporting the web application. That SRE team wants to follow best practices and deploy the following environments, all based on the same Deployable Architecture template (but with slight configuration differences for each environment):
+
+1. A development environment – with scaled down compute resources and no audit event tracking.
+2. A staging environment – as close as possible to the production environment
+3. 2 production environments: one in America and another one in Europe.
+
+That SRE team can group configurations, and thus centralize the governance, for the 4 different environments in one single Project.
+
+Beyond the core configuration grouping capability, IBM Cloud Projects is designed with an IaC and a compliance-first approach. Projects also seemingly integrate with IBM Cloud Schematics to deploy, update, and manage the resources created by the IaC automation.
+Each project also includes tools to scan for potentially harmful resource changes, compliance, security, and cost, as well as tracking configuration versioning and governance.
+
+![IBM Cloud Projects](../about/40-projects.md)

docs/cover.md

@@ -0,0 +1,8 @@
+<img src="header.jpg">
+
+> Seamless App Deployment with<br/>
+> IBM Cloud's Secure Landing Zone
+
+_Session 2448_
+
+[Get Started](#main)

docs/index.html

@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+    <meta
+      name="viewport"
+      content="width=device-width, initial-scale=1, minimum-scale=1.0, shrink-to-fit=no"
+    />
+    <title>Deploy your first application to IBM Cloud in 3 clicks | IBM TechXchange 2023</title>
+    <!-- <link rel="stylesheet" href="https://unpkg.com/docsify-themeable/dist/css/theme-simple.css" /> -->
+    <link rel="stylesheet" href="css/theme-simple.css" />
+
+    <!-- 3. Custom Theme Properties -->
+    <link rel="preconnect" href="https://fonts.googleapis.com">
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+    <link href="https://fonts.googleapis.com/css2?family=IBM+Plex+Sans&display=swap" rel="stylesheet">
+    <style>
+      :root {
+        /* Reduce the font size */
+        /* --base-font-size: 14px; */
+        --base-font-family     : "IBM Plex Sans", -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";
+
+        /* Change the theme color hue (0-360) */
+        /* --theme-hue: 325; */
+        --cover-blockquote-font-size         : var(--font-size-xxl);
+
+        --cover-max-width                    : 80%;
+        --cover-background-color             : var(--base-background-color);
+        --cover-background-image             : ;
+
+        --sidebar-width                      : 20rem;
+        --content-max-width                  : 85em;
+      }
+
+      .medium-zoom-image {
+        display: block;
+        padding: 20px;
+      }
+    </style>
+
+    <link rel="shortcut icon" type="image/jpg" href="images/favicon.svg"/>
+  </head>
+
+  <body>
+    <div id="app"></div>
+
+    <script>
+      // 4. Docsify Configuration
+      window.$docsify = {
+        name: "Seamless App Deployment with IBM Cloud's Secure Landing Zone",
+        // repo: "https://github.com/IBM-Cloud",
+        coverpage: "cover.md",
+        homepage: "README.md",
+        loadSidebar: "sidebar.md",
+        auto2top: true,
+        maxLevel: 3,
+        subMaxLevel: 2,
+
+        // 5. docsify-themeable
+        themeable: {
+          // readyTransition : false,
+          // responsiveTables: false
+        },
+
+        requestHeaders: {
+          'cache-control': 'max-age=0',
+        },
+      };
+    </script>
+
+    <!-- <script src="https://unpkg.com/docsify/lib/docsify.min.js"></script> -->
+    <script src="js/docsify.min.js"></script>
+
+    <!-- <script src="https://unpkg.com/docsify-themeable"></script> -->
+    <script src="js/docsify-themeable.js"></script>
+
+    <!-- <script src="//unpkg.com/docsify/lib/plugins/search.js"></script> -->
+    <script src="js/search.js"></script>
+
+    <!-- <script src="//unpkg.com/docsify/lib/plugins/zoom-image.min.js"></script> -->
+    <script src="js/zoom-image.min.js"></script>
+
+    <!-- <script src="//unpkg.com/docsify-pagination/dist/docsify-pagination.min.js"></script> -->
+    <script src="js/docsify-pagination.min.js"></script>
+  </body>
+</html>