Azure Resource Manager- Default deployment model on Azure!
Let’s get back to a time when Azure was launched.
At that time, the Azure deployment model was ASM.
Now what is ASM?
Azure Service Manager (ASM) was the initial deployment model in Azure.
It used a classic deployment model where resources were managed individually.
In ASM, resources are managed at the individual resource level.
Resources, like virtual machines, storage accounts, and virtual networks, are managed independently.
In ASM, there is no concept of resource groups.
Now, Resources are not grouped together, it makes it challenging to manage and organize resources.
In ASM, you must manually manage dependencies between resources.
Use Case:
When deleting a virtual network, you need to remove associated virtual machines and storage accounts separately.
Templates: ASM does not have a built-in template-based deployment mechanism like ARM. It is not declarative in nature.
Shortcomings:
- Resource management was too difficult as you had to manage resources individually.
- No concept of policies to enforce your compliance rules and business standards
- No resource groups to contain resources
- Not that admin friendly.
Azure Resource Manager (ARM) was introduced by Microsoft Azure in the year 2014. This was done to fix the shortcomings of ASM.
ARM is a consistent management layer with which you interact via the portal, PowerShell, and other SDKs.
ARM has become the recommended and default deployment model for managing Azure resources.
It offers significant improvements over the previous Azure Service Manager (ASM) model, providing enhanced resource management, declarative deployments, better scalability, and improved governance capabilities.
Characteristics of Azure Resource Manager (ARM) :
Management:
Deployment Model:
Azure Resource Manager is the current and recommended deployment model for Azure. It uses a modern, declarative approach for resource deployment and management.
Scope: ARM manages resources at the resource group level.
A resource group provides unified management, policy enforcement, and role-based access control
Resource Group: Resource groups provide a logical boundary to organize and manage related resources.
Dependencies: ARM automatically manages dependencies between resources.
That means, If I delete a virtual machine, associated resources will be deleted along with that.
IAC for Azure:
Templates: ARM introduces Azure Resource Manager Templates, which are JSON files describing the desired state of the infrastructure. Templates allow for declarative and repeatable deployments, making it easier to provision and manage resources consistently.
Identity and Access Management:
Role-Based Access Control (RBAC): ARM provides granular RBAC for managing access to resources and resource groups. RBAC allows you to assign fine-grained permissions to users, groups, or applications based on their roles.
Compliance and Tracking:
Azure Policies: ARM integrates Azure Policies, which enforce specific rules and configurations on resources. Policies help maintain compliance, security, and governance across the Azure environment
Tags: ARM allows you to assign tags to resources, which are name-value pairs that help categorize and organize resources.
They are used for tracking costs, grouping of data, and applying policies across related resources.
Built on top of ARM, Azure Blueprints provides a way to automate the deployment of compliant environmentsBlueprints capture the design patterns and best practices for a specific scenario, making it easier to create consistent and compliant environments.
Conclusion:
In a nutshell, Azure Resource Manager simplifies resource management and deployment in Azure by providing a consistent and centralized approach. It offers improved visibility, control, and governance over your Azure resources, enabling you to efficiently manage your applications and infrastructure at scale.
