Resource Group deployment via ARM templates
When deploying an Azure Resource Manager (ARM) template you have to create a resource group within Azure. To deploy a template via script your script would look like the one below.
Select-AzureRmSubscription -SubscriptionId [subscriptionid] New-AzureRmResourceGroup -Name [name] -Location [location] -Force New-AzureRmResourceGroupDeployment -ResourceGroupName [name] -TemplateFile [templatefile]
In this script you explicitly create a resource group and then deploy the template to that resource group. Depending on the content of the template because there is also cross resource group deployment.
Resource group in an ARM Template
Since a couple of weeks it isn't necessary anymore to create a resource group before you deploy a template. You are now able to add the resource group creation in the template.
{ "type": "Microsoft.Resources/resourceGroups", "apiVersion": "2018-05-01", "location": "westeurope", "name": "rp-ARM-Test", "properties": {} }
The resource group is a resource that you can incorporate in a template, making it a subscription wide deployment via ARM.
At the moment it is only possible to deploy subscription wide ARM templates via the Azure CLI, PowerShell compatibility will be added shortly.(the article will be updated when it is available).
Azure CLI
Make sure you use a new version of the Azure CLI. I have run the scripts with version 2.0.44.
The script used for the deployment is shown below. I'm not certain why the "-l" is required. Normally it stands for the location but in the template you also specify a location. That location is used as the location of the resource group.
az deployment create -l [location] --template-file [template-file] --parameters @[parameters file]
Deploying resources in the Resource group
Incorporating the resource group in the template also allows you to deploy resources in this group. The example below deploys a hosting plan and a website in the resource group.
{ "$schema": "", "contentVersion": "", "parameters": { "resourceGroupName": { "type": "string" }, "location": { "type": "string" }, "hostingPlanName": { "type": "string" }, "webApp": { "type": "string" }, "skuName": { "type": "string", "defaultValue": "F1", "allowedValues": [ "F1", "D1", "B1", "B2", "B3", "S1", "S2", "S3", "P1", "P2", "P3", "P4" ] }, "skuCapacity": { "type": "int", "defaultValue": 1, "minValue": 1 } }, "variables": { }, "resources": [ { "type": "Microsoft.Resources/resourceGroups", "apiVersion": "2018-05-01", "location": "[parameters('location')]", "name": "[parameters('resourceGroupName')]", "properties": {} }, { "type": "Microsoft.Resources/deployments", "apiVersion": "2017-05-10", "name": "resourcegroupdeployment", "resourceGroup": "[parameters('resourceGroupName')]", "dependsOn": [ "[resourceId('Microsoft.Resources/resourceGroups/', parameters('resourceGroupName'))]" ], "properties": { "mode": "Incremental", "template": { "$schema": "", "contentVersion": "", "parameters": {}, "variables": {}, "resources": [ { "apiVersion": "2016-09-01", "name": "[parameters('hostingPlanName')]", "type": "Microsoft.Web/serverfarms", "location": "[parameters('location')]", "tags": { "displayName": "HostingPlan" }, "sku": { "name": "[parameters('skuName')]", "capacity": "[parameters('skuCapacity')]" }, "properties": { "name": "[parameters('hostingPlanName')]" } }, { "apiVersion": "2016-08-01", "name": "[parameters('webApp')]", "kind": "app", "type": "Microsoft.Web/sites", "location": "[parameters('location')]", "tags": { "displayName": "Website" }, "properties": { "name": "[parameters('webApp')]", "serverFarmId": "[parameters('hostingPlanName')]" }, "dependsOn": [ "[resourceId('Microsoft.Web/serverfarms', parameters('hostingPlanName'))]" ] } ], "outputs": {} } } } ], "outputs": {} }
The deployment uses the cross deployment group deployment method.
For the complete sample I have also included a parameters file.
{ "$schema": "", "contentVersion": "", "parameters": { "hostingPlanName": { "value": "gaag-web-plan-05" }, "webApp": { "value": "gaag-web-05" }, "resourceGroupName": { "value": "gaag-rg-armtest" }, "location": { "value": "westeurope" } } }
Deploying the files is done like this.
az deployment create -l westeurope --template-file 12-resourcegroup.json --parameters @12-resourcegroup.parameters.json
Subscription wide deployment
Subscription wide deployment are now a possibility with the addition of resource groups in the ARM templates. Microsoft also added other subscription wide resources:
- Policies
- Role-based access control
- Azure Security Center
More details about these resources and the deployment can be found here: