So, I've setup a lab environment in a azure resource group with a domain controller, sql-server and a web server. I would like to clone that whole resource group to a new one when needed and by stat I mean with everything intact. Is that possible?
I don't know of anyway to do a direct copy, but you can export a JSON template from the portal or PowerShell that will come close to giving you something you can automate. I say "close" because the feature is still in preview and some resources can't be exported.
In portal.azure.com go to:
Resource Groups > [your rg] > Settings > Export...
In PowerShell see:
Export-AzureRMResourceGroup
So, the solution I came up with was to simply creating a new Resource group, copy the template (not sysprepped) vhds to that new Resource group and creating new VMs with the vhd's attached.
I do wish that there was a "Clone resource group" button somewhere :)
To clone a resource group
1. Go to: Resource groups > [resource group to copy] > Settings (sidebar grouping) > Export template > Deploy
My resource group:
Issues on my way with solutions:
Parameter osDisk.managedDisk.id is not allowed
'Edit Template' button
Remove id field under osDisk.managedDisk
See: osDisk.managedDisk.id’ is not allowed
Disk [disk subscription] cannot be attached as the disk is already owned by VM [VM subscription]
Make the data disk snapshot
Create a new disk based on the snapshot (important: the disk name cannot be changed)
Change proper id parameter value in settings or edit parameters (under 'Edit parameters' button)
Changing property 'dataDisk.name' is not allowed.
As mentioned above. Do not change the disk name when coping the disk.
Required parameter 'adminPassword' is missing (null)."
'Edit Parameters'
Add:
"adminPassword": {
"value": null
}
'Edit Template'
Add:
"adminPassword": {
"defaultValue": null,
"type": "SecureString"
}
Set the adminPassword in settings
Check out Jeff Bow's scripts to copy / clone a resource group:
Copy-AzureRMresourceGroup.ps1
Copies Azure V2 (ARM) resources from one Azure Subscription to
another.
Unlike the Move-AzureRMresource cmdlet, this script allows
you to move between subscriptions in different Tenants and different
Azure Environments. Requires AzureRM module version 6.7 or later.
Clone-AzureRMresourceGroup.ps1
Clones Azure V2 (ARM) resources from one resource group into a new
resource group in the same Azure Subscriptions.
Requires AzureRM module version 6.7 or later.
This is intended mostly for Azure V2 virtual machines and will include
copying virtual disks, virtual network, load balancers, Public IPs and
other associated storage accounts, blob files and now managed disks.
PS suggest you upvote this Azure feedback to provide an Azure-native command, Copy resource groups:
https://feedback.azure.com/forums/281804-azure-resource-manager/suggestions/14142671-copy-resource-groups
While it doesn't look to be specifically designed for this use case, I have successfully moved RGs using Azure Resource Mover, released in 2021. Since it isn't mandatory to remove any resources from the source RG, this has worked better for me than exporting the RG JSON and redeploying, etc.
Related
All I want is to copy/recreate all the existing resources which is under resource-grp1 from a Production environment to another resource-grp2.
What would be the very easiest way to re-create the same environment in another Resource Group in the same subscription? I tried to export the resource group and downloaded. The problem is that the file “parameters.json” includes hard coded references to the original resource group name. Is there an way to do this without using Azure CLI/Powershell, only use Azure Portal
resource-grp1 contains following resources
1. 2 app service plans
2. 10 app services
3. 8 azure sql database
4. 3 NSG & vnet
5. Application Insight
6. SendGrid
6. Storage account
7. VM
You can just navigate to your Resource group > Click on Export Template from side Panel
You'll have 3 options
Download
Add to Library
Deploy
When Downloaded, the ARM Template will be saved to the local machine. This will allow for the template to be manually changed or saved somewhere for it to be retrieved for later use.
When Saving, the ARM Template will be saved to a collection accessible from “Browse > Templates” within the Azure Portal. This allows for Resource Group configurations to be saved so they can easily be redeployed later.
When Deploying, the ARM Template will be deployed to a new Resource Group. This essentially allows for the Resource Group to be “copied.” This could be useful for easily cloning a Resource Group to easily spin up a separate hosting environment with identical settings.
enter image description here
I have Downloaded the template and Imported the template using Template Deployments.
Search for Template Deployments > Build your own template in editor > Load File (Add your downloaded template after unzipping) > Save > Create
enter image description here
enter image description here
enter image description here
you can refer this site for more
If you are facing issue with Export template "The problem is that the file “parameters.json” includes hard coded references to the original resource group name" try below.
Azure portal - > Resource group -> Export Template and download the template.
After download the templates (template.json and parameters.json) files find old resource group reference and change into new resource group reference.
Deploy into other resource group:
Search Template Deployment in Azure portal search bar and click on create.
Click on Build your own template in the editor
select parameter and add updated parameters.json file
&
select resources and add updated template.file and save it.
Add subscription and Resource group which you need to deploy.
Click Create it will deploy your resources in a new resource group.
I have a consomosDB in my azure account created by a script, I want to create an ARM template to manage the resource deployment by ARM template going forward, how can I make sure that ARM template doesn't recreate/overwrite the resource as it is the first time going to be deployed using ARM template?
ARM template willnot recreate/overwrite the existing resource, if the resource is specified in the template. It will update the resource if the property values for a resource are changed. See below extract from the official document.
Resource Manager tries to create all resources specified in the template. If the resource already exists in the resource group and its settings are unchanged, no operation is taken for that resource. If you change the property values for a resource, the resource is updated with those new values. If you try to update the location or type of an existing resource, the deployment fails with an error. Instead, deploy a new resource with the location or type that you need.
In complete mode, Resource Manager deletes resources that exist in the resource group but aren't specified in the template
If you don't specify certain properties, Resource Manager interprets the deployment as overwriting those values. Properties that aren't included in the template are reset to the default values. Specify all non-default values for the resource, not just the ones you're updating
So if you want the existing resource remain intact, you can export the resource template from Azure Portal to make sure all the properties are specified and not changed.
You can also lock the resource, set the lock level to CanNotDelete or ReadOnly to keep the resource from deleted or modified. Check document Lock resources to prevent unexpected changes for more information.
To modify existing resources using ARM templates, export the template for the resource from within the Azure Portal. Then download it locally. You can then modify it to update settings for Cosmos resources. ARM templates have api-versions. This will coincide with the underlying version in PS or CLI that you used to create the Cosmos account. When modifying the ARM template you will need to note the api-version and then refer to that version Cosmos DB schema reference to ensure the properties match the api-version in the template you deployed.
When I create an AKS cluster using Azure portal I can see that new resource groups are created. It seems that I have no control over how they are named, especially the one with with "MC_" prefix. I also don't see an option to change its name when using ARM template.
In addition, if I create a cluster in customer's subscription, where I only have access to 1 resource group, I don't even see the newly created RG and can't manage it.
Is there a way to force deployment of all AKS components into a single resource group?
No, there is no way to force it at this point in time. As for the access, you should request access to that RG. No real workarounds.
Secondary resource group name can be inferred, I think, its something like:
MC_original-resource-group-name_aks-resource-name_location
it also creates OMS resource group (if you enable OMS) and Network Watcher (this can be disabled, btw, but its a provider setting). you have no control over that as well.
there is a not implemented yet nodeResourceGroup property: https://learn.microsoft.com/en-us/rest/api/aks/managedclusters/createorupdate#examples
EDIT: this is actually working right now, so the nodeResourceGroup property can be used. But it would still be a new resource group, so you would still need to request access to that group and using this property is not possible with the portal (so ARM Templates\pulumi\terraform)
I successfully moved several resources via REST API into other resource groups (using this howto) but it failed when I tried to move a WebApp and its service plan. I know there are limitations: I have to move the entire resource group and the target resource group mustn't contain a WebApp. So my target resource group is empty and my source resource group only contains the WebApp and the service plan.
As suggested in the howto, I wrote this JSON:
{
"targetResourceGroup": "/subscriptions/Subscription-B/resourceGroups/newRG",
"resources": [
"/subscriptions/Subscription-A/resourceGroups/oldRG/providers/Microsoft.Web/serverFarms/test",
"/subscriptions/Subscription-A/resourceGroups/oldRG/providers/Microsoft.Web/sites/test"
]
}
and run it via command:
armclient post https://management.azure.com/subscriptions/Subscription-A/resourceGroups/oldRG/moveResources?api-version=2015-01-01 #path/to/my/json -verbose
I get "202: accepted" in the command window and in the portal I see in both resource groups (oldRG and newRG) the info text "resources being moved" but after a minute, nothing has changed.
Edit:
When I click on "delete" in the oldRG, I see all the contained ressources: there are 4 alertrules, 1 autoscalesetting and 1 certificate.
As mentioned in the limitations, I have to move all of them. But how can I access these 3 types of ressources? I don't have their ressource ID because I don't find them when I search for them.
The certificate resource Id looks like:
/subscriptions/Subscription-A/resourceGroups/oldRG/providers/Microsoft.Web/certificates/<certificateThumbprint>
You don't have to pass in autoscale settings or alert rules.
The solution was a combination of Zain Rizvi's answer and this:
I thought it does not matter, that's why I told you the names of the both resource groups are oldRG and newRG - but actually they have the same name. That was the problem. Even if they are in different subscriptions, I wasn't able to move my resources into a resource-group with the same name as the current resource has. So I created a new empty resourcegroup (tmpRG) inside subscriptionB and moved my resources from subscriptionA\myRG to subscriptionB\tmpRG and then from subscriptionB\tmpRG to subscriptionB\myRG.
After the new model was implemented, all of my websites now belong to individual Resource Groups called "Default-Web-East" and all of my SQL databases belong to individual Resource Groups called "Default-SQL-East".
This is confusing to say the least.
I would like to rename the groups to have some semantic meaning. I would also like to group the associated SQL database and Web Site in the same Resource Group.
However, I do not see anyway to do either. Is this possible?
1) Rename the Resource Group?
2) Combine an existing SQL DB and Website together into one Resource Group?
Edit: You can't rename an Azure Resource Group.
What you can do is move your resources to a new Resource Group instead. Moving all resources in Resource Group A to Resource Group B is the poor man's rename.
Unfortunately not all resource providers let you move resources between resource groups, and some that do might have strings attached that only let you move resources under certain conditions.
For Azure Web Apps (previously called Azure Websites) you can currently only move all the websites related resources in a single invocation. That "all websites related resources" means all resource under the provider "Microsoft.Web". This includes all websites, app hosting platforms, and certificates that are in the source resource group.
Via the portal
When viewing a group's resources, you can use the "Move" tab
Clicking the "Move" tab will show something this, allowing you to choose or create a new group:
Via Azure Powershell
The easiest way to do this is to use the Move-AzureRmResource powershell cmdlet.
The command would look like this:
Get-AzureRmResource -ResourceGroupName <sourceResourceGroupName> | Move-AzureRmResource -DestinationResourceGroupName <destResourceGroupName>
source: https://azure.microsoft.com/en-us/documentation/articles/resource-group-move-resources/
Via Rest API
The other way to do this is to use the MoveResource Rest API or with the ArmClient.
Here's the API call you'll want to make:
POST https://<endpoint>/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/moveResources?api-version={api-version}
Where {resourceGroupName} is the source resource group.
I'm pretty sure the endpoint should be "https://management.azure.com", but if you use the ArmClient the tool will just take care of the endpoint for you.
Request Body:
{
"targetResourceGroup": "/subscriptions/{subscriptionId}/resourceGroups/{targetResourceGroupNameName}",
"resources":
[
"/subscriptions/{id}/resourceGroups/{source}/providers/{namespace}/{type}/{name}",
"/subscriptions/{id}/resourceGroups/{source}/providers/{namespace}/{type}/{name}"
]
}
In addition to the main answer, Azure Portal has a feature of moving the Resources that is allowed to be moved to a new Resource group.
Go to your Resource Group that has Resources you want to move to an existing or a new created Resource Group.
Select the one, multiple or all (1) Resources you want to move and click on the Move (2) bottom as shown in image. (you can select moving to Resources with in the same subscription or to another subscription) A third option if you need just to change the Region) see the the figure at the end.
It will ask you to chose which Resource Group to move to.
Note: This process might take some time, be patient. When done, you
will see that the resource disappear from the old one and will be
found in the new one. That said some resources might be restricted
from been moved to other resources.
Move (Fixing) only region