I have read about affinity group, and it allocates the services close in the datacenter, same rack. On the other hand, the new resource groups give me easy access for managing my services related.
I want to deploy an App with a website + sql + storage, so im going to create a resource group for them, and for better performance, i also want to choose an affinity group (previously created), but i cant.
Using the portal management i can choose a affinity group but not a affinity group. And using the beta portal management i can choose a resource group but not an affinity group (affinity group no appears on Location list).
I tried using the powershell mode for managing resource groups, but the cmdlet for create a website dont have a parameter for affinity group (only have a Location).
I was wondering if in one deployment i can choose an affinity group and resource group. There is no docs for this. Or maybe resource group is a replacement for affinity groups, i dont know.
Edit: I still cant do it
PD: hahah sorry about my gramatical errors, we speak spanish here in Peru.
Here is how you can create a Resource Group that belongs to an affinity group:
From the old portal, create an affinity group (if not already
created)
From the old portal, create a cloud service and associate it with
the affinity group.
From the new portal, the cloud service is now listed under "Resource
Groups"
Now when you add a service to the Resource Group it will also be associated with the cloud service and the affinity group.
It seems like 'Cloud Services' are now called 'Resource Groups' but I can't find any documentation to confirm this.
https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-migrate-to-regional-vnet/
Seems that it's less important now than before to have affinity groups.
Related
I need to get the architecture of all the resources connected in a subscription. Is there any feature where I can get the architecture of how all the resource are connected under a subscription.
In the Azure Portal, go to the Subscriptions and Select your Subscription.
Click on Resource Groups or Resources based on your need.
Resource Groups option shows you the resource groups using these filters like Location, Type, Kind, Resource Group, etc.
Resources Option shows you all the resources based on its recent activity.
But you can get the resources which are linked with that resource group or specific Azure Services using the filters option.
For example,
In Resource Groups Page, if you select No grouping option - it shows all the resource groups alphabetically/randomly.
If you select the filter as type, then it shows the resource groups according to services like:
In our organization, we have a common Azure subscription with a separate resource group for each solution. I have Owner rights for my solution's resource group, but when we create Databricks workspaces, a separate managed resource group databricks-rg-*** is created which I don't have access to. To be able to manage our Azure costs, I need to have access to the Cost analysis section of this managed resource group. What role do I need in this resource group to be able to see the costs?
To be able to manage our Azure costs, I need to have access to the Cost analysis section of this managed resource group. What role do I need in this resource group to be able to see the costs?
To see the cost, the Reader role is enough. If you want to do other operations except reading, you need the role e.g. Contributor, Owner.
This is my first project in Azure. Please avoid if any mistake. I have a user group "Azure Cross Team Contributors". I want to add it in resource group contributors by default whenever I create any resource group. I got to know there is policy, But not able to write policy rule. What would be policy rule for this scenario.
Similar thread answered on Microsoft Q&A , so updating here for broader community usage. Thank you AshishMishra and DCtheGeek for helping on the thread.
Azure Policy lets you audit the compliance of the configuration of Azure Resource Manager (ARM) properties.
In some cases, such as AKS or Guest Configuration, it can also audit configuration of Resource Provider properties. While Azure Policy can be used to audit how a role definition is defined (sample here), it isn't for applying roles to specific objects. That's the domain of Azure role-based access control (RBAC).
If you want the group "Azure Cross Team Contributors" to have access to all resource groups within a subscription, an easier alternative is to grant the role assignment at the subscription scope.
There isn't a built-in role with the name "Resource Group Contributors".
Feel free to revert back if you have any further queries. Thank you.
Some times we had deleted the 'resource group' accidentally on azure cloud, its fine that if our/your resource group does not have any deployments on it and we can create immediately newer one and will proceed our stuff, but if we had deployments on it, then its becomes major problem/task.
So can we recover Resource Group? like a recovery of Virtual machine in Azure.
You can export service configurations that belong to a resource group as JSON. Within the portal, there is an option "Export Template" under the Resource Management Navigation Group.
So can we recover Resource Group? like a recovery of Virtual machine in Azure.
Unfortunately, we have no way to recovery it, if the resource group is deleted . We could get the warning if we try to delete resource group from the azure portal. Connect to Azure support team for help maybe a way, but I don't think it could be easy for restoring.
Note : based on my understanding even if we could re-create the resource with ARM template(If we have exported the ARM template before delete), it seems that just with the same resource names with deleted resource that is not equal recovery action.
Is it possible to share a particular resource (redis cache in my case) across multiple resource group?
Resource group is just logical container. It doesn't matter in which resource group resource is. You can use resources from any resource group.
Example:
Imagine that you create App Service Plan in RG1 and Web App Service in RG2. This Web App Service can use App Service Plan from RG1.
Your redis cache could be used from any code you write, whether in the cloud, on-premises, or wherever, given proper uri + access key.
As long as you have access keys/passwords/etc. to your resources, you can use your resources no matter what resource group they're in. This includes ssh keys, vm usernames/passwords, redis cache keys, storage keys, cosmos db keys, sql database logins, etc.
The only thing access-specific, with resource groups, is granted user permissions. That is: if you add someone as a contributor to resource group A, and not to resource group B, they won't be able to manipulate the settings in resource group B via the portal or any of the Management APIs. Still, they'd be able to work with all of the resources in resource group B, assuming they had the login details / keys / etc.