Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft Azure Managing Users & Resources with Azure Resource Manager

Published byนรินทร์ศักดิ์ เก่งงาน Modified over 5 years ago

Similar presentations

Presentation on theme: "Microsoft Azure Managing Users & Resources with Azure Resource Manager"— Presentation transcript:

1 Microsoft Azure Managing Users & Resources with Azure Resource Manager

2 Module Overview Overview of Microsoft Azure Managing Users in Azure
4/5/2019 6:45 PM Module Overview Overview of Microsoft Azure Managing Users in Azure Provisioning Resources ARM Tools & Resources Azure ARM Templates © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Overview of Microsoft Azure

4 Understanding Azure Resources
Azure resources are usage-based Office 365 is license based Azure subscription Account within Azure for a customer that can contain resources Once a subscription exists, resources can be provisioned within that subscription

5 Organizing Resources Resource Groups Tags Organize multiple resources
Commonly used for projects Ex: Corporate website might include website, database, storage, CDN & an AAD tenant Useful for billing Tags Name-value pair Can be applied to resources Max 15 tags per resource Viewing resources by tag will span across all resource groups Useful for billing or management

6 Understanding Azure Billing
All Azure resources are consumption based Pay for what you use Resources may have different rates for different usage and different regions Example: blob storage EAST US region: $0.0240/GB for first 1TB $0.0236/GB for next 49TB BRAZIL SOUTH region: $0.0326/GB for first 1TB $0.0320/GB for next 49TB

7 Resource Management: ASM & ARM
Azure Service Management (ASM) Classic model New resources added to Azure do not support this model Azure Resource Management (ARM) Current management model Enables templated provisioning of resources Both have REST APIs you can call… Directly using REST or Indirectly using web portals, PowerShell or the CLI

8 Managing Users in Azure

9 Role Based Access Control (RBAC)
Enables fine-grained access management Users & groups within a subscription’s AAD can be added to roles Roles can be applied at various levels: Subscriptions Resource Groups Resource (websites / virtual machines / etc) Built-in roles Owner: full access & can manage delegated access & membership to other roles Contributor: create & manage all types of resources, but not manage role membership Reader: can view resources, but not make any changes

10 Understanding Users in Microsoft Azure
Users within a customer’s AAD tenant must be explicitly granted permissions to manage Azure resources When partners create Azure subscriptions for customers, partner Admin Agents group assigned Azure subscription owner role for customer’s Azure subscription Partner Admin Agents can manage resources in the customer’s Azure subscription Partner can grant users in customer AAD tenant to a Azure tenant

11 CSP User Management in Microsoft Azure
CSP Subscription Role | Contributor Role | Owner Role | Reader Azure Resources Direct Subscription Azure AD Tenant Admins by default do not have managements over Azure subscriptions in their tenant. X Role | Tenant Admin X Azure AD Tenant for Contoso Subscriptions belonging to Contoso in Microsoft Azure Legend Is member of Can manage Is partner of

12 CSP User Management in Microsoft Azure
CSP Subscription Role | Contributor Role | Owner Role | Reader Azure Resources Direct Subscription Role | Tenant Admin User must be assigned role for a subscription before he/she can manage that subscription. Azure AD Tenant for Contoso Subscriptions belonging to Contoso in Microsoft Azure Legend Is member of Can manage Is partner of

13 CSP User Management in Microsoft Azure
CSP Subscription Role | Contributor Role | Owner Role | Reader Azure Resources Direct Subscription When a CSP partner creates an Azure subscription for a customer tenant, the partner Admin Agents group is automatically assigned subscription owner role. Group | Admin Agents Role | Tenant Admin Azure AD Tenant for Wingtip (CSP Partner) Azure AD Tenant for Contoso Subscriptions belonging to Contoso in Microsoft Azure Legend Is member of Can manage Is partner of

14 CSP User Management in Microsoft Azure
CSP Subscription Role | Contributor Role | Owner Role | Reader Azure Resources Direct Subscription Therefore, the partner Admin Agents group is able to manage resources in that subscription. Group | Admin Agents Role | Tenant Admin Azure AD Tenant for Wingtip (CSP Partner) Azure AD Tenant for Contoso Subscriptions belonging to Contoso in Microsoft Azure Legend Is member of Can manage Is partner of

15 CSP User Management in Microsoft Azure
CSP Subscription Role | Contributor Role | Owner Role | Reader Azure Resources Direct Subscription Partner can grant customer access to the Azure subscription by assigning customer a role to the subscription. Group | Admin Agents Role | Tenant Admin Azure AD Tenant for Wingtip (CSP Partner) Azure AD Tenant for Contoso Subscriptions belonging to Contoso in Microsoft Azure Legend Is member of Can manage Is partner of

16 DEMO Managing Users

17 Provisioning Azure Resources

18 Provisioning Azure Resources
All Azure offerings are referred to as resources Virtual Machine Storage Website Database Some resources have dependencies SQL databases need a SQL server Virtual machine needs a virtual disk in a storage account, virtual network, IP, etc Unique billing per resource, per unit & per region Resources are added to resource groups

19 ARM Tools & Resources

20 Azure Resource Explorer
Discover the ARM APIs Get API documentation Make actual API calls directly in your own subscriptions

21 DEMO Azure Resource Explorer

22 Azure CLI with ARM Command-line interface Works on Windows & cross platform Scriptable with batch script (*.bat | *.cmd) or shell script (*.sh) files

23 DEMO Azure CLI and Azure Resource Manager

24 Azure PowerShell with ARM
Windows PowerShell interface Scriptable with script (*.ps1) files

25 DEMO Azure PowerShell and Azure Resource Manager

26 Azure ARM Templates

27 Azure ARM Templates Azure based applications commonly require combination of resources Database server & database Web server, storage, etc ARM templates enables provisioned deployment in a single, coordinated operation Greatly simplifies provisioning

28 Creating Azure ARM Templates
Templates are JSON files <1MB Specify resources needed for the deployment Specify input parameters to define variability Visual Studio provides tools to assist template authoring

29 ARM Template Schema { "$schema": " "contentVersion": "", "parameters": { }, "variables": { }, "resources": [ ], "outputs": { } } /resource-group-authoring-templates

30 Provisioning Templates with PowerShell
// config variables $deployName = "Test Deployment" $RGName = "Contoso Corp Dev VM" $locname = "East US" $templateURI = " // create a new resource group & provision a virtual // machine with dependencies New-AzureRmResourceGroup –Name $RGName –Location $locName New-AzureRmResourceGroupDeployment -Name $deployName ResourceGroupName $RGName -TemplateUri $templateURI

31 Provisioning Templates with Azure CLI
// config variables $deployName = "Test Deployment" $RGName = "Contoso Corp Dev VM" $locname = "East US" $templateURI = " // create a new resource group & provision a virtual // machine with dependencies azure group create –n $RGName –l $locName azure group deployment create –n $deployName g $RGName -f $templateURI

32 Provisioning Templates with REST API: Request
HTTP PUT /subscriptions/{subscription-id} /resourcegroups/{resource-group-name} /providers/microsoft.resources /deployments/{deployment-name} ?api-version={api-version} HTTP REQUEST BODY: Includes either link to template / actual template

33 Provisioning Templates with REST API: Payload
{ "properties": { "templateLink": { "uri": "[..]/template.json", "contentVersion": " ", }, "mode": "Incremental", "parametersLink": { "uri": " }

34 Provisioning Templates with REST API: Payload
{ "properties": { "template": { // entire contents of a ARM template }

35 Get Status of Template Deployment Operations
HTTP GET /subscriptions/{subscription-id} /resourcegroups/{resource-group-name} /providers/microsoft.resources /deployments/{deployment-name} /operations ?api-version={api-version}

36 Azure ARM Quickstart Templates
Microsoft & community created templates Provision resources by changing input parameters & deploying template straight from the GitHub repo Public GitHub repository with searchable index on the Microsoft Azure site:

37 DEMO Provisioning Azure Resources with ARM Templates

38 Module Summary Overview of Microsoft Azure Managing Users in Azure
4/5/2019 6:45 PM Module Summary Overview of Microsoft Azure Managing Users in Azure Provisioning Resources ARM Tools & Resources Azure ARM Templates © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

39 4/5/2019 6:45 PM © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Microsoft Azure Managing Users & Resources with Azure Resource Manager"

Similar presentations

SQL Server Primary SQL Server Secondary SLA 99.95 SLA High Availability Hardware and Software Windows and Linux.

SQL Server Primary SQL Server Secondary SLA SLA High Availability Hardware and Software Windows and Linux.
Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.
“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.

“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.
Building Android Apps with Mobile Services Speaker Name Speaker Title Speaker Company Email: Twitter:

Building Android Apps with Mobile Services Speaker Name Speaker Title Speaker Company Twitter:
MANAGE CLOUD EASILY WITH AZURE RESOURCE MANAGER

MANAGE CLOUD EASILY WITH AZURE RESOURCE MANAGER
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.

20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
Enabling the Cloud OS Today  New high-density Web Sites with elastic cloud scaling and complete dev-ops experiences  New rich IaaS experience for self-service.

Enabling the Cloud OS Today  New high-density Web Sites with elastic cloud scaling and complete dev-ops experiences  New rich IaaS experience for self-service.
ALL INFORMATION PRESENTED AS WELL AS ALL SESSIONS ARE MICROSOFT CONFIDENTIAL AND UNDER YOUR NON-DISCLOSURE AGREEMENT (NDA) AND\OR TECHNOLOGY PREVIEW.

ALL INFORMATION PRESENTED AS WELL AS ALL SESSIONS ARE MICROSOFT CONFIDENTIAL AND UNDER YOUR NON-DISCLOSURE AGREEMENT (NDA) AND\OR TECHNOLOGY PREVIEW.
Copyright © New Signature 2016. Who we are: Focused on consistently delivering great customer experiences. What we do: We help you transform your business.

Copyright © New Signature Who we are: Focused on consistently delivering great customer experiences. What we do: We help you transform your business.
Azure ARM Templates CLD321 Aaron Saikovski

Azure ARM Templates CLD321 Aaron Saikovski
Digital Partner of Record Overview

Digital Partner of Record Overview
1/27/2018 5:13 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

1/27/2018 5:13 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
IT06 – HAVE YOUR OWN DYNAMICS NAV TEST ENVIRONMENT IN 90 MINUTES

IT06 – HAVE YOUR OWN DYNAMICS NAV TEST ENVIRONMENT IN 90 MINUTES
Run Azure Services in your datacenter

Run Azure Services in your datacenter
Building ARM IaaS Application Environment

Building ARM IaaS Application Environment
5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.

5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.
Ed Wilson @Scriptingguys OMS Team 5/29/2018 1:05 PM PowerShell as a Service Managing clouds, Windows, Linux, on-premises or public with Microsoft Operations.

Ed OMS Team 5/29/2018 1:05 PM PowerShell as a Service Managing clouds, Windows, Linux, on-premises or public with Microsoft Operations.
Developing Hybrid Apps on Microsoft Azure Stack

Developing Hybrid Apps on Microsoft Azure Stack
Jeff Hollan / Kevin Lam Program Manager / Principal Program Manager- Microsoft Bringing Logic Apps into DevOps with Visual Studio and monitoring.

Jeff Hollan / Kevin Lam Program Manager / Principal Program Manager- Microsoft Bringing Logic Apps into DevOps with Visual Studio and monitoring.
Cloud Data platform (Cloud Application Development & Deployment)

Cloud Data platform (Cloud Application Development & Deployment)

Similar presentations

Ads by Google