The purpose of this contribution page will be to share our approach to deploy, update container images, and monitor Grouper. We will also share our architecture diagrams and a nifty solution to create a New Employees Grouper group.
We opted to deploy Grouper into Azure. We have an Azure ExpressRoute back to our Source of Record (Microsoft Identity Manager) and our primary provisioning target (Active Directory).
The Grouper containers run inside an Azure App Service Plan, which basically defines the resources (CPU/ memory) that are available to the App Services (which run the actual containers). Both containers send log messages to our Log Analytics workspace and performance metrics are sent to Application Insights. We have enabled Smart Detectors within Application Insights to alert us of abnormal activity via an action group; we have received a few alerts and have adjusted settings within Grouper accordingly.
Notes regarding our Azure Resources: