Two years ago I had a training on MS Azure Fundamentals. Back in those days the Azure orgnizational structure was:
Account -> subscription (+Directory) -> resource group -> resource
Now I am about to refresh my knowledge and see that this was changed to
Management Group -> management group / Subscription (+ Directory) -> resource group -> resource
Was it just renamed or do I have a missleading picture of an "account" in my mind thinking that this is a encapsulating entity where I can do some major/general configuration.
What I find searching the web for information on that topic never gives an holistic overview on the interchange between all those elements:
User Account
Directory (same as AAD)
Tenant
Subscription
Did I forget something on the first levels?
Yes you are on the right track please check the below Architectural structure
Related
In an attempt to view the cost analysis at the Management group level, I am receiving the following error message:
Management group LandingZone does not have any valid subscriptions. (Request ID: 3867f325-14c1-4181-bc25-0299516c0b25)
It has the following subscriptions
Probably you have 2 directories: directory A and directory B.
You can check that if you go into your account and you have Switch Directory:
The billing of all the subscriptions in directory A are redirected into directory B or the other way around.
EDIT: In this case what you need to do is to go to Cost Management, create a view with all the subscription that are in the directory A and a view with all the subscriptions in the directory B and save.
Use that to see the totals
Recently I was provisioning a new Azure Synapse resource, which ended up creating 2 different resource groups.
I understand a resource group is basically a container for related items, fair enough but thinking about it more I am actually confused why would Azure decide to create two separate resource groups instead of just putting it all into one?
The bigger burning question I have is after creating a number of resources - Lets say each one spawns multiple resource groups.
How can I tell which resource group is a "child" or a "parent" of another?
#rodneyc8063 Thanks for updating the concern of your question. Posting your discussion in the comments as an Answer to help other community members.
As said by Daniel Mann you are getting the additional resource group because your synapse workspace is creating the managed resource group.
A managed resource group is like a container which can hold the resources required by your resource. It is created by default when your workspace is created.
You can name it if you want, else its name will be created automatically.
When you delete the Main Resource Group of your resource, then the resources inside it also will be deleted.
The managed resource group also deleted when you delete the resource(managed application).
That’s why the second resource group is deleted when you delete the first one.
As far as I know apart from this there is no relationship between them.
References:
Overview of managed applications - Azure Managed Applications | Microsoft Docs
Blog from DataSimAntics about managed resource group.
please I have deployed Azure Active Directory Domain Services Azure AD DS in my environment and added 2 VMs into this domain. When I tried to create WINDOWS failover Cluster , it failed with below error
Create computer object ggg on domain controller \aaaa.bbbb.onmicrosoft.com in organizational unit OU=AADDC Computers,DC=bbbb,DC=onmicrosoft,DC=com. Access is denied.
I've owner permissions on Subsction and hence on Azure AD DS.
Please how can I create cluster or prestage CNO in Azure AD DS .
Please I tried all permissions combinations but all failed.tried with powershell with Admin too
To resolve the error "Create computer object ggg on domain controller \aaaa.bbbb.onmicrosoft. com in organizational unit OU=AADDC Computers,DC=bbbb,DC=onmicrosoft,DC=com. Access is denied."
I suggest you try following the below steps:
Make sure to grant the user permissions while creating cluster like
below:
Active directory users and computers - > View -> Advanced features -> Right click on CNO -> Select properties -> Security tab -> Add -> Select Users, computers or groups -> click on user account -> select Ok -> Allow check box of the permissions -> Select ok.
Check whether you have granted the permissions to the OU, by following this MS Docs.
For more in detail, please refer this link : Prestage cluster computer objects in Active Directory Domain Services | Microsoft Docs.
I am trying to move all my current Azure services to my new Azure BizSpark Plus account. Following this article, there is this little note that needs to be checked before the move (see image below):
I understand that tools and scripts associated with moved resources will not work until I update them to use new resource IDs
What does this mean? Will I have to update my Azure API keys or Azure script URL in my client apps? Should I expect a downtime? How can I update the 'tools and scripts' to use the 'new resource ID'?
Note: the little exclamation mark lead back to the same article mentioned above.
Your IDs for your resources are in the format:
resource/subscriptions/[subscription id]/resourceGroups/[resource group name]/providers/Microsoft.Web/sites/[app name]/appServices
As you can see, the resource group name is part of that unique Id, so moving it to a new resource group changes that Id.
The warning is simply stating that if you currently have any tools or scripts that reference the resource using the old resource group name, they will need to be updated to the use the new Id.
We are trying to set up a Hybrid Connection from an App Service and the Azure Portal behavior is quite odd. We have done this previously from another subscription; this subscription is part of a CSP (so we can't even try doing it from the old/classic portal).
Blade prompts us to create a new resource group even though the one it defaulted to already exists. (Like it can't populate existing resource groups?)
No locations are provided when navigating to the Location pane, there's a cutoff error message:
"There are no locations available. You may not h..."
We have "owner" role on the subscription.
his subscription is part of a CSA (so we can't even try doing it from the old/classic portal).
Do you mean CSP there, as in Cloud Solution Provider? If so, the resource provider Microsoft.BizTalkServices is not yet available in CSP.
Yes, the error message and how the UI flow is handled could use some improvement.
See this for more:
https://blogs.technet.microsoft.com/hybridcloudbp/2016/06/29/list-of-azure-services-in-csp/