Skip to content

Latest commit

 

History

History
73 lines (54 loc) · 2.55 KB

1.3. Management - Resource Groups.md

File metadata and controls

73 lines (54 loc) · 2.55 KB
Raw

Resource groups

  • Logical grouping of resources that shares the same lifecycles.
    • Resource group holds different unique resources.
    • Resource groups can contain resources that reside in different regions.
      • Location of resource group is just the meta data for the resource group.

Tags

  • Categorization / organization of resource groups for e.g. billing, management
  • E.g. Dept: IT
  • 💡 Tags are not inherited
  • ❗ Max 15 tag name/value pairs.

Locks

  • For accidental deletion or accidental changes to resources within a resource group.
  • Consists of two locks:
    • CanNotDelete
      • Authorized users can still read and modify a resource, but they can't delete the resource.
    • ReadOnly
      • Authorized users can read a resource, but they can't delete or update the resource.
      • Same as giving everyone a Reader role.
  • Locks are inherited from resources within the resource group.

IAM

  • Access control, RBAC
  • Roles are inherited
  • Role assignment: Role definition role (role, e.g. Reader) + Person/Scope/Service Principal + Scope

Policies

  • Azure entity that controls behaviors within a resource group
    • Allow you to keep compliant with corparate standards and SLAs.
    • Set in a scope with a name and definition.
      • Scope: E.g. resource group, subscription.
      • Definition: E.g. "Allow resource types"
        • Name, description, Policy (e.g. azurepolicy.rules.json), Parameters (e.g. azurepolicy.parameters.json)

Events

  • Create event subscriptions triggered by the resources group in Event Grid.

Automation Script

  • Can be added to library to be redeployed later on.
    • ❗ All resources cannot be redeployed
    • 💡 Must change the name to avoid duplicates.
  • ARM templates for resource groups can also be found on GitHub.
  • You can Add to library, or click on Deploy to deploy directly.

Moving Resources

  • You can move resources to another resource group or subscription.
  • ❗ All resources cannot be moved.
  • Ways of moving
    • Using CLI: az resource move --destination-group new-rg --id resourceid
    • In portal: Overview → Move

Alerts

  1. Target: What resource and where
  2. Criteria: What specific action
  3. Details: Who, when, where, how
  4. Action Group: Who to inform and how to inform them

Metrics

  1. Resource group: Where to look at the metric
  2. Resource type: The type of resource to look at
  3. Available metrics: What specifics about the metrics
  4. Chart: Graphic display of the metric