In this session we will cover Azure Resource Manager (ARM) and the new capabilities it brings to managing your resources in Azure. Discover some of the considerations when moving your resources from classic mode (ASM), the tooling options you have to assist with this and some of the pitfalls you may experience if you have an existing legacy in Azure.
Gen AI in Business - Global Trends Report 2024.pdf
Azure ARM’d and Ready
1. Bring the cloud back down to earth
We are proudly sponsored by
Azure – ARM’d and Ready….
Steve Harwood
Enterprise Architect @ risual Ltd
@steeveeh
2. I’m an EA working with organisations across the UK in
helping them to understand and adopt technology – I love
cloud in particular the right sort of adoption and am also
keen on the future of AI/Cognitive Learning
Away from the world of tech I’m a first time dad to my
daughter (Maia). Also love Stoke City and a bit of
Snowboarding (although am awful)
I tweet from @steeveeh
Email me steeveeh@googlemail.com
Who Am I?
• Steve Harwood
• Microsoft Enterprise Architect @ risual Ltd
3. Agenda
What is ARM and why the discussion?
Journey from Classic to ARM
Advantages and key capabilities of ARM
Migration Considerations / Tooling
Pitfalls and Opportunities
Q&A
4. Why the discussion?
• ARM is the future of Azure, faster and more flexible
• Has new security and deployment model, and new features are only being
released on ARM
• Announced @ Build (2014) – exams updated late 2016 – so has been
around a while
• Complements DevOps which is the changing face of IT
5. So, what is ARM ?
• Azure Resource Manager (ARM) – new set of REST based APIs
• Promotes a different way of managing dependent resources
• Drive standardisation of deployment through cookie-cutter
approach, i.e. declaration not instruction
• RBAC is natively integrated into the management platform
• Logical tagging of resources
• Note, a key requirement for any cloud provider is
programmability
6. Journey from Classic to ARM…
• Azure Service Management (ASM) was original programmatic
solution into the Azure platform, first attempt, limited
• Grew organically as more services “bolted” into Azure, became
fragmented and lacked key features (e.g. groups, RBAC, rollback)
• Azure Resource Manager (ARM) acknowledged this and introduced
REST based APIs with new capabilities
• Note, ASM (v1, classic) and ARM (v2) treated separately in both
programmatic access and portals
7. Advantages and key capabilities…
• You can deploy, manage, and monitor all the resources for your solution as a group
• You can repeatedly deploy your solution throughout the development lifecycle and
have confidence your resources are deployed in a consistent state
• You can deploy faster as true parallel compared to semi-sequential in ASM
• You can manage your infrastructure through declarative templates rather than scripts.
• You can define the dependencies between resources so they are deployed in the
correct order.
• You can apply access control to all services in your resource group because Role-
Based Access Control (RBAC) is natively integrated into the management platform.
• You can apply tags to resources to logically organize all the resources in your
subscription.
• You can clarify your organization's billing by viewing costs for a group of resources
sharing the same tag.
8. Manage your infrastructure through code…
• Azure Resource Templates (JSON) used to deploy
resources to group
• Portal, PowerShell or the CLI can be used
to perform deployment
• A template is essentially a “JavaScript
Object Notation (JSON)” file
• Includes a number of elements;
parameters, variables and resources
• Template driven deployments drive consistency
and repeatability > Source Control!
9. Getting Started - Demo
• Basic knowledge of JSON required
• An editing tool, recommend Visual Studio
(Community Ed. Is free) or VSCode
• Easiest to start with an example template, - either from GitHub
or download directly from the Azure Portal and edit
• Once you have it, you can deploy direct or using PowerShell
New-AzureRmResourceGroup –Name xyz
New-AzureRmResourceGroupDeployment –TemplateFile xyz
SQL - A Website Virtual
Machines
SQL-A
Website
[SQL CONFIG] VM (2x)
DEPENDS ON SQL
DEPENDS ON SQL
SQL
CONFIG
10. Management – All about the role…
• RBAC built into the heart of ARM
• Give users the exact permissions they need
• Three roles that apply to all RBAC types
Owner, Contributor, Reader
• Remaining roles are specific to the
resource type, e.g. VM
contributor
• Can use an RG as a scope and
inheritance applies
• Old world required Sub Admin (Co-Admin)
12. Opportunities
• ExpressRoute – must be moved to ARM to be able to be used
with both deployment models, you can connect ExpressRoute to
both but it must be moved first
• Re-design your Azure tenant appropriately – opportunity to re-
think your management model, e.g. governance, RBAC, cost
centres, tagging, subscription method, billing – take it
• Re-think for cloud – IaaS v1 promoted “lift and shift” – is this
correct? Are you architecting for cloud?
13. Resources
• Azure QuickStarts https://azure.microsoft.com/en-us/documentation/templates
• ARMViz.io
• Export From Azure Web App Deployment wizard
• Visual Studio Templates (With appropriate Azure SDK version installed)
• Preview: Export Resource Group Template
https://azure.microsoft.com/en-us/documentation/articles/resource-group-authoring-templates/
http://download.microsoft.com/download/8/E/1/8E1DBEFA-CECE-4DC9-A813-
93520A5D7CFE/World%20Class%20ARM%20Templates%20-%20Considerations%20and%20Proven%20Practices.pdf
https://azure.microsoft.com/en-us/documentation/articles/resource-group-template-functions/
15. UC and Cloud Day 2017 – 9th October
• The UK’s leading community Microsoft conference focusing on
Skype for Business, Exchange, Office365, Azure and the Microsoft
Cloud
• Get-Website “www.ucday.co.uk” | Set-MailingList $true
Demo stuff that’s on GitHub
Demo getting your JSON from an existing Deployment in Azure
Open up Visual Studio and demo getting code from GitHub
Demo actually deploying some JSON using PowerShell