Azure Blueprints allows an engineer or an architect to sketch a project’s design parameters. From this we can define a repeatable set of Azure resource that implements and adheres to an organization’s standards, patterns, and requirements. Azure Blueprints will help us to deploy our environment in a rapid way.
Azure Blueprint are declarative way to orchestrate the deployment of various resource templates and artifacts.
- Role Assignment
- Policy Assignment
- Azure Resource Manager Template
- Resource Groups
Define and Assign an Azure Blueprint in the portal
Before we get start we need to have following
- Valid one or more Azure Account
- Azure Management Groups
- Azure subscriptions should be allocated to relevant management group
First we need to create a Blueprint definitions form Azure Blueprint
In Azure all service search for Blueprint, Select Blueprint
Azure Blueprint
Navigate to Blueprint Definitions, click Create Blueprint
Create Blueprint
Next step give a Blueprint Name, then Definition Location specify the Management Group Blueprint assigns.
In the Artifacts we define what policies, Role Assignment, ARM Template deployment or Resource Group applies
In the first artifact, We are adding Azure Policy to apply tags to a resource group if the user did’t specify. This happens without user interaction. and we add this Policy in subscription level, therefore if anyone create resource group without tags in the subscription it add the mentioned tag without any user interaction.
Add Policy
In the next artifact, adding a Role Assignment where we will assign a users who has access to the subscription resources. We can use built in Role Assignment and custom Role assignment for this.
Next we create Resource Group t
Next we use our ARM template for the deployment. we can past the ARM JSON to the portal or select a existing JSON file from local machine.
In the template parameter section you can select parameters mentioned in the template. In this example I only use Storage Type as a parameter and specify allowed values. So when we deploy the blueprint we can specify which parameter value we should use.
Next we saved out Blueprint as a draft
After save as draft we need to publish this Blueprint as below
Next we can assign this to the subscriptions we specified in the Management Groups (Definition Location) in previous step.
After assignment complete we can see the Blueprint automate the deployment we specify. As a user/admin has less tasks to complete.
In above we can see it automate the Resource Group creation and deploy the resources to that RG and do the relevant tagging to RG.