CCA-Hosting Infrastructure
🤖 Generated with Claude Code
Co-Authored-By: Claude (noreply@anthropic.com)
Azure Resources​
| Komponente | Resource | Zweck |
|---|---|---|
| Application Gateway | TIS-PROD-CCA_Weblight-AppGw | WAF, HTTPS Termination |
| Webserver | TIS-PROD-CCAWeblight-WE-VM-POC | IIS (CCA-Online, OMDSmanager) |
| SQL Server 1 | CCA-Hosting-SQL01 | Cloud Edition Datenbanken |
| SQL Server 2 | CCA-Hosting-SQL02 | Host-It Datenbanken |
| VPN Server | TIS-PROD-CCAWebLight-WE-VM-AccessServer | OpenVPN Access Server |
| Backup Storage | Storage Accounts (Cold Tier) | SQL Backups |
Region: West Europe (alle Ressourcen)
Network Topology​
Subnets​
| Subnet | Adressbereich | Komponenten |
|---|---|---|
| DMZ | 10.42.1.0/24 | Application Gateway |
| VPN | 10.42.0.0/24 | OpenVPN Access Server |
| APP | 10.42.2.0/24 | Webserver |
| DB | 10.42.3.0/24 | SQL01, SQL02 |
Public Endpoints​
| Endpoint | IP | Zweck |
|---|---|---|
| Application Gateway | 40.114.151.227 | HTTPS Zugang (CCA-Online) |
| OpenVPN | 4.180.1.41 | VPN Zugang (CCA9) |
Network Security​
- NSGs pro Subnet konfiguriert
- WAF v2 auf Application Gateway
- SQL01 nicht via VPN erreichbar (bewusste Isolation)
- SQL02 via VPN Port-Forwarding (MSSQL 1433)
Related Documentation​
| Dokument | Inhalt |
|---|---|
| ARCHITECTURE.md | System Context, Applications, Integrationen |
| DECISIONS.md | Architecture Decision Records |
| Betriebskonzept Kap. 1 | VM-Sizing, Disk-Konfiguration, Kosten |
| Betriebskonzept Kap. 3 | NSG-Regeln, Security Details |