I'm working on a method/program that will automatically name resources according to restrictions and recommended abbrevation.
At the moment I add the restrictions in a table but it's alot of labor and annoying to maintain. Are there an API I'm missing that would allow me to retreive naming restrictions for resources in Azure?
Currently I'm using below docs:
Naming rules and restrictions for Azure resources
Recommended abbreviations for Azure resource types
Adding as an answer from our comment discussion, We don't have any REST API to pull the resource naming restriction and recommended abbreviations.
Alternatively,You can use this Azure naming tool and also you can run this as a standalone container on your local machine that is running with docker or deploy it on azure app service container as well.
Thanks to VenkateshDodda-MSFT:s comment i managed to find this file:
AzNamingTool/repository/resourcetypes.json
This contains what I was searching for. All the rules in one file that I can use to build my logic around.
Thanks!
Related
Is there an existing Azure Policy that enforces Microsoft's published, recommended Azure Naming Conventions?
One thing you can check is that you can validate resource names against specific naming patterns and forbid the creation of resources which names don’t satisfy pattern requirements.
Starting in January 2020 the Azure / azure-policy repo on GitHub is updated each time changes are deployed to Azure. At the time of this answer, none of the Built-in Azure Policies match the Recommended abbreviations for Azure resource types.
There is a generic enforce-match-pattern that is documented to "Ensure resource names match the naming pattern" but you would need to deploy with the proper naming pattern, and more likely have a specific rule to match each Resource Type and that specific naming pattern.
You might want to have a look at my private project here, which hosts Azure policies that let you enforce Microsoft's naming convention.
It's still in the early phase, so pull requests and feedback is welcome.
I want to provision resources in Azure using ARM where user can select the required input parameters like Vnet or Function app that are already provisioned.
Just like AWS have parameter types such as AWS::EC2::VPC::Id to list down the VPC available in a region. For AWS references https://aws.amazon.com/blogs/devops/using-the-new-cloudformation-parameter-types/
Is there something similar we can do in azure too.
Similar, yes, the same no... You can author a ui definition file that will allow you to restrict input. For some resources there are controls you can leverage but there's also the capability to write a control that uses semi-custom logic (that could call an Azure API to list skus for example).
This is about the ui defintion:
https://learn.microsoft.com/en-us/azure/azure-resource-manager/managed-applications/create-uidefinition-functions
And you can bundle it with a deployment template like this:
https://preview.portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2F100-marketplace-sample%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2F100-marketplace-sample%2FcreateUiDefinition.json
The feature is in preview right now, so you need to use preview.portal.azure.com instead of portal.azure.com but rollout will finish in a few weeks.
No, this is not possible in ARM Templates. If you would be doing managed applications with arm templates you'd have some of the pickers (very limited set), but with regular arm templates you cant do that. you can create a powershell script that would mimic that for you.
This is (now, maybe not when this question was asked?) possible by using the Microsoft.Solutions.ResourceSelector UI element.
I want to delete azure resource by service or group type. ( for example delete resource related to Virtual Machine, App Service with Application Insights or Storage etc.)
Planning to build the tool using C# or Power shell script. Please provide recommended reusable approach.
this is too generic. there can be none, best you can do is do filtering based on the resource type (so delete all of the resources of the same type, you can add resource group\tag as a filter). But in essence this is not possible. you would have to create a database where you store relationships between different resources and resource types.
Also, how do you solve conflicts? If you delete 1 thing and another thing depends on it? what if its not a hard dependency? etc.
How to configure the default type and number of VM that gets allocated in AKS cluster? Is there a way we can do this per Resource Group?
Why am I asking this? From the point of view of saving costs by default in non-prod environments and minimize human error in general to automate and streamline things as part of DevOps group.
Your solution-recipe is much appreciated.
you can use powershell\az cli\arm template\sdk's to generate AKS. either way works. you can also use third party solutions like pulumi, ansible.
all of these solutions would allow you to pass in parameters to define vm size. you can restrict those with pre-validation
I think you should check this one which has lot of information regarding your ask.
Why don't you use az aks create: https://learn.microsoft.com/en-us/cli/azure/aks?view=azure-cli-latest#az-aks-create
The PowerShell equivalent New-AzAks is not as configurable but it does allow for the definition of the node count. You can always execute cli from PowerShell if you prefer to work with PowerShell in Automation.
We have a large system built in Azure apps. It is made up of an App Service for our API and several Functions Apps for backend processing.
What's the best way to allow these apps to share configuration?
We use ARM templates currently to set up the environment variables for each app, which is fine for deploy-time, but there's nothing to keep the config in sync between the apps.
A use case might be a feature flag that controls whether a sub-system is operational. We might want this flag to be used in the API and a Functions App. At present we can manually go in and set the variable in each of the apps, but it would be easier to manage if we only had to do it in one location.
Ideally, any update to the config would be detected by Azure and trigger a restart of the service, as currently happens with the native implementation.
Is there a good, off-the-shelf, way to do this? Or will I be rolling my own with a table in a database and a lightweight function?
One way would be to use the new App Configuration service: https://learn.microsoft.com/en-us/azure/azure-app-configuration/overview.
It is meant for sharing configuration settings across components.
Note it is not meant for secrets, that's what Key Vault is for.
There is a guidance/design pattern for this from Microsoft, it can be found from here.
Best Practice in Architecture: You can use the external configuration store pattern and use a Redis Cache to share the configuration between multiple applications as described in here: https://learn.microsoft.com/en-us/azure/architecture/patterns/external-configuration-store
The approach is you can get this data from Appsettings for each environement (this can be automated in CI/CD pipeline). On first connection you store the data in RedisCache.
For senstive data: Use Keyvault to store the secrets/keys/certificates.