Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
Assess and migrate workloads from AWS, GCP, or other clouds to Azure services.
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
references/services/container-apps/fargate-assessment-guide.md
1# Assessment: Fargate to Container Apps2## Checklist4### 1. Container Configuration6- **CPU/Memory**: Extract from task definition and verify the requested CPU/memory fits within Azure Container Apps limits for the target environment/region7- **Container Images**: Registry location (ECR), image size, base image8- **Port Mappings**: Exposed ports and protocols9### 2. Environment & Secrets11- Static configuration values (env vars)12- Secret references: Secrets Manager ARNs → Key Vault URLs with managed identity13- Parameter Store references → App Configuration or Key Vault14- Service discovery endpoints15### 3. Networking17- VPC subnets (public vs private) → VNet integration18- Security groups → NSG rules19- Load balancer type (ALB/NLB) → Container Apps ingress (built-in HTTPS)20- Health check configuration and SSL/TLS certificates21### 4. IAM & Security23- Task role policies → Managed Identity + Azure RBAC24- ECR pull permissions → ACR role assignment (AcrPull)25- Secrets Manager access → Key Vault RBAC (recommended) or access policies for vaults still using access-policy mode26### 5. Dependencies28- **Databases**: RDS → Azure Database for PostgreSQL/MySQL/SQL29- **Cache**: ElastiCache → Azure Cache for Redis30- **Storage**: S3 → Azure Blob Storage (SDK: boto3 → azure-storage-blob)31- **Messaging**: SQS/SNS → Service Bus / Event Grid32- **Monitoring**: CloudWatch → Azure Monitor / Log Analytics (requires Log Analytics workspace on Container Apps environment)33### 6. Scaling & Performance35- Auto scaling policies (target tracking, min/max tasks)36- Request rate and latency requirements37- Actual CPU/memory usage vs allocation38## Resource Mapping40| ECS Task Definition | Container Apps Equivalent |42|---------------------|--------------------------|43| `cpu: "512"` (0.5 vCPU) | `cpu: 0.5` |44| `memory: "1024"` (MB) | `memory: 1Gi` |45| `containerPort` | `ingress.targetPort` |46| `environment` | `env` array |47| `secrets` (Secrets Manager ARN) | `secrets` with `keyVaultUrl` + `identity` |48| `logConfiguration` (awslogs) | Log Analytics (requires workspace on environment) |49| Service Auto Scaling | `scale.rules` (HTTP/CPU/memory/custom) |50## Complexity Rating52- **Low**: Single container, no VPC, standard env vars, public ingress54- **Medium**: Multiple containers, VPC with private connectivity, secrets, custom IAM55- **High**: Multi-service dependencies, VPN/Direct Connect, cross-account IAM, stateful workloads56