As we embark on day 3 of our 100daysofcloud journey on Azure with @beingwizard and @azdevindia we delve into Azure Resource Groups, Locks, Tags, etc. Here is what I have learned so far:-
An Azure resource group is a logical container that holds related Azure resources. For example, we could create a resource group for all the resources that are part of a web application, such as virtual machines, storage accounts, and databases.
Resource groups help us to organize and manage our Azure resources. They also provide a way to apply access control to our resources. For example, we could grant a user access to all the resources in a resource group, or we could grant them access to only specific resources.
By using "Tags" we can have multiple departments in the same Resource Group and bill them separately.
Benefits of Using Azure Resource Groups include:
Organization: Resource groups help us to organize our Azure resources into logical groups. This makes it easier to find and manage our resources.
Access control: Resource groups provide a way to apply access control to our resources. This helps us to ensure that only authorized users have access to our resources.
Cost management: Resource groups can help us to track the cost of our Azure resources. This information can be used to optimize our spending and identify areas where we can save money.
Deployment: Resource groups can be used to deploy Azure resources in a consistent and repeatable manner. This can help us to save time and reduce the risk of errors.
There are two types of Azure resource groups:
Regional resource groups: Regional resource groups are associated with a specific Azure region. Resources in a regional resource group must be located in the same region as the resource group.
Global resource groups: Global resource groups are not associated with a specific Azure region. Resources in a global resource group can be located in any Azure region.
Use Cases for Azure Resource Groups
Azure resource groups can be used in a variety of scenarios, including:
Let's say a company has an Azure Subscription and has allocated a budget of $50000 a month. So, they set up a Budget Alert for that total against the Subscription. The company has 4 Departments — Accounts, Manufacturing, R&D and Sales.
The R&D Section is allocated its own Resources and therefore gets its own R&D Resource Group with resources such as Virtual Machines within that. A budget of $10000 is allocated, and a Budget Alert Condition is set up in Azure against the R&D resource Group.
Applying access control to resources: We could create a resource group for all the resources that we want to grant a user access to. This would make it easier to manage the user's access to the resources.
Tracking the cost of resources: We could create a resource group for all the resources that we want to track the cost of. This would make it easier to identify areas where we can save money.
Deploying resources in a consistent and repeatable manner: We could create a resource group for all the resources that we want to deploy in a consistent and repeatable manner. This would save us time and reduce the risk of errors.
Two Levels of Lock
ReadOnly lock: A read-only lock prevents users from making any changes to the resources in the resource group. However, users can still view the resources in the resource group.
CanNotDelete lock: A CanNotDelete lock means users can read and modify the resource, but cannot delete it. Users can still view the resources in the resource group.
Azure resource group locks can be used in a variety of scenarios, including:
Preventing accidental changes to resources: We could apply a read-only lock to a resource group to prevent users from making any changes to the resources in the resource group. This could help to prevent accidental changes to the resources.
Preventing the deletion of resources: We could apply a CanNotDelete lock to a resource group to prevent users from deleting the resources in the resource group. This could help to prevent the accidental deletion of resources.
Enforcing compliance with policies: We could apply a lock to a resource group to enforce compliance with policies. For example, we could apply a lock to a resource group to prevent users from creating resources that are not compliant with our policies.
Top comments (0)