0

Resource Group deployment via ARM templates

Azure Resource Manager

When deploying an Azure Resource Manager (ARM) template you have to create a resource group within Azure. To deploy a template via script your script would look like the one below.

Select-AzureRmSubscription -SubscriptionId [subscriptionid]
New-AzureRmResourceGroup -Name [name] -Location [location] -Force

New-AzureRmResourceGroupDeployment -ResourceGroupName [name] -TemplateFile [templatefile]

In this script you explicitly create a resource group and then deploy the template to that resource group. Depending on the content of the template because there is also cross resource group deployment.

Resource group in an ARM Template

Since a couple of weeks it isn’t necessary anymore to create a resource group before you deploy a template. You are now able to add the resource group creation in the template.

{
  "type": "Microsoft.Resources/resourceGroups",
  "apiVersion": "2018-05-01",
  "location": "westeurope",
  "name": "rp-ARM-Test",
  "properties": {}
}

The resource group is a resource that you can incorporate in a template, making it a subscription wide deployment via ARM.

At the moment it is only possible to deploy subscription wide ARM templates via the Azure CLI, PowerShell compatibility will be added shortly.(the article will be updated when it is available).

Azure CLI

Make sure you use a new version of the Azure CLI. I have run the scripts with version 2.0.44.

The script used for the deployment is shown below. I’m not certain why the “-l” is required. Normally it stands for the location but in the template you also specify a location. That location is used as the location of the resource group.

az deployment create -l [location] --template-file [template-file] --parameters @[parameters file]

Deploying resources in the Resource group

Incorporating the resource group in the template also allows you to deploy resources in this group. The example below deploys a hosting plan and a website in the resource group.

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.1",
  "parameters": {
    "resourceGroupName": {
      "type": "string"
    },
    "location": {
      "type": "string"
    },
    "hostingPlanName": {
      "type": "string"
    },
    "webApp": {
      "type": "string"
    },
    "skuName": {
      "type": "string",
      "defaultValue": "F1",
      "allowedValues": [ "F1", "D1", "B1", "B2", "B3", "S1", "S2", "S3", "P1", "P2", "P3", "P4" ]
    },
    "skuCapacity": {
      "type": "int",
      "defaultValue": 1,
      "minValue": 1
    }
  },
  "variables": {  
  },
  "resources": [
    {
      "type": "Microsoft.Resources/resourceGroups",
      "apiVersion": "2018-05-01",
      "location": "[parameters('location')]",
      "name": "[parameters('resourceGroupName')]",
      "properties": {}
    },
    {
      "type": "Microsoft.Resources/deployments",
      "apiVersion": "2017-05-10",
      "name": "resourcegroupdeployment",
      "resourceGroup": "[parameters('resourceGroupName')]",
      "dependsOn": [
        "[resourceId('Microsoft.Resources/resourceGroups/', parameters('resourceGroupName'))]"
      ],
      "properties": {
        "mode": "Incremental",
        "template": {
          "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
          "contentVersion": "1.0.0.0",
          "parameters": {},
          "variables": {},
          "resources": [
            {
              "apiVersion": "2016-09-01",
              "name": "[parameters('hostingPlanName')]",
              "type": "Microsoft.Web/serverfarms",
              "location": "[parameters('location')]",
              "tags": {
                "displayName": "HostingPlan"
              },
              "sku": {
                "name": "[parameters('skuName')]",
                "capacity": "[parameters('skuCapacity')]"
              },
              "properties": {
                "name": "[parameters('hostingPlanName')]"
              }
            },
            {
              "apiVersion": "2016-08-01",
              "name": "[parameters('webApp')]",
              "kind": "app",
              "type": "Microsoft.Web/sites",
              "location": "[parameters('location')]",
              "tags": {
                "displayName": "Website"
              },
              "properties": {
                "name": "[parameters('webApp')]",
                "serverFarmId": "[parameters('hostingPlanName')]"
              },
              "dependsOn": [
                "[resourceId('Microsoft.Web/serverfarms', parameters('hostingPlanName'))]"
              ]
            }
          ],
          "outputs": {}
        }
      }
    }
  ],
  "outputs": {}
}

The deployment uses the cross deployment group deployment method.

For the complete sample I have also included a parameters file.

{
  "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "hostingPlanName": { "value": "gaag-web-plan-05" },
    "webApp": { "value": "gaag-web-05" },
    "resourceGroupName": { "value": "gaag-rg-armtest" },
    "location": { "value": "westeurope" }
  }
}

Deploying the files is done like this.

az deployment create -l westeurope --template-file 12-resourcegroup.json --parameters @12-resourcegroup.parameters.json

Subscription wide deployment

Subscription wide deployment are now a possibility with the addition of resource groups in the ARM templates. Microsoft also added other subscription wide resources:

  • Policies
  • Role-based access control
  • Azure Security Center

More details about these resources and the deployment can be found here:

 

Related Posts

Azure DevOps Automation A couple of weeks ago the rename / rebranding of Visual Studio Team Services to Azure DevOps was announced. The rebranding is a great step forward int...
AKS (Kubernetes) and no connection could be made because the target machine acti... A client of my had an error while connecting to different resources within their Kubernetes cluster in Azure (AKS). Kubectl error On the kubectl com...
Kubernetes (AKS) attached to Azure Storage (Files) Kubernetes (AKS) can be used for many situations. For a client we needed to make files available trough a Kubernetes Pod. The files needed to be share...
Azure Managed Service Identity and Local Development Instead of storing user credentials of an external system in a configuration file, you should store them in the Azure Key Vault. Before MSI (Managed S...
The securitydata Azure resource group Most of the times companies have rules in place for managing their Azure environment. The main rules that should be in place are “Azure Policies” and ...
Point to Site VPN Client won’t install To connect an Azure App Service to a on-premise database you can make use of different solutions. Two of those solutions are: Hybrid Connection ...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.