Azure Documentation Overview
This section covers deploying BigHammer and Airflow on Azure Kubernetes Service (AKS) with Workload Identity, External Secrets, and Azure Key Vault.
Quick Links
| Topic | Description |
|---|---|
| Prerequisites | Azure resources, tools, and permissions |
| Architecture | System diagrams and data flow |
| Key Vault Secrets | Required secrets reference |
| Platform Deployment | Deploy the platform on AKS |
| Airflow Deployment | Deploy Airflow on AKS |
| Scripts Reference | Install and bootstrap scripts |
| Deployment Checklist | Pre/post deployment checklist |
| External Secrets | SecretStore and ExternalSecrets |
| Troubleshooting | Common issues and fixes |
Topics Covered
- Platform & Airflow — Deploy platform and orchestration on AKS
- Workload Identity — Pod-level authentication to Azure without storing credentials
- External Secrets Operator — Sync secrets from Azure Key Vault to Kubernetes
- ClusterSecretStore — Share secrets across namespaces
- PostgreSQL — Azure Database for PostgreSQL Flexible Server
- Storage — Azure Blob Storage and CSI drivers
- TLS Certificates — Wildcard certificates from Key Vault