Azure Setup

This guide outlines a typical Azure deployment aligned with the product architecture. Adjust SKUs and regions to your compliance and latency requirements.

Architecture summary

Users → CDN (Frontend) → App Gateway / TLS → App Service (API)
                              ↓
                         Azure SQL (RLS)
                              ↓
                    Blob storage (edge snaps, optional)

Deployment steps

1. Azure SQL — Create database; run Flyway migrations from your release pipeline. Enable RLS policies per the internal runbook Backend/docs/deployment/row-level-security.md.

2. App Service — Deploy API container from ACR; configure app settings from Environment Variables. Set SQL_SERVER + SQL_DATABASE with managed identity, or DATABASE_URL for dev.

3. Frontend — Build Frontend with production API URL; deploy static assets to CDN. Set APP_BASE_URL and ALLOW_ORIGINS on the API.

4. DNS — Point cloud.monozu.io (SPA/API) and ingest.cloud.monozu.io (device ingest) to respective endpoints.

5. Observability — Configure APPLICATIONINSIGHTS_CONNECTION_STRING and log level for production.

6. Secrets — Store SECRET_KEY, OAuth secrets, and optional feed API keys in Key Vault references.

Caution

Infrastructure-as-code templates are not published in this repository snapshot. Treat this page as an architecture checklist; mirror your organization’s IaC modules for repeatable environments.

See also

• Deployment Requirements
• Environment Variables