Please enable JavaScript.
Coggle requires JavaScript to display documents.
1.1 Azure Resource Manager - Coggle Diagram
1.1 Azure Resource Manager
resource groups
Logical grouping
Life cycle
Authorization
resource group called
NetworkWatcherRG
You can ignore this resource group, it's created automatically to enable Network Watcher in Azure virtual networks.
Organizing principles
strictly by resource type
by environment (prod, qa, dev).
by department (marketing, finance, human resources).
tags
name/value pairs
department (like finance, marketing, and more)
environment (prod, test, dev)
cost center
life cycle and automation
max 50 tags for resource
for organization
for billing
for monitoring
for automation
not inherited
policies
enforce naming conventions
enforce use of azure region
enforce tags
definitions
Assignments
role-based access control (RBAC)
Access control (IAM)
Segregate duties within your team
lowest privilege level
resource lock
resource locks
Delete
: block delete
Read-only
: block edit and delete
Read-only lock on a storage account prevents all users from listing the keys. The list keys operation is handled through a POST request because the returned keys are available for write operations.
you must first remove the lock in order to perform that activity