Contents
Introduction
Azure is a cloud computing service provided by Microsoft. Azure is a continually expanding set of cloud services that help your organization meet your current and future business challenges. Azure gives you the freedom to build, manage, and deploy applications on a massive global network using your favorite tools and frameworks.
As we had overviewed the introduction to Azure Cloud in the previous blog, today we are going to have a look at the different parts of Azure Cloud.
So let’s go…
Azure Tenant
It refers to a dedicated instance of Azure Active Directory (Azure AD) that is automatically created when a certain organization or an app developer begins a relationship with Microsoft. This relationship begins with signing up for a Microsoft cloud service subscription, such as Microsoft 365, Azure or Microsoft Intune.
Azure AD refers to a directory that includes tenant’s users, group and applications and is used to perform identity and access management functions for tenant resources. Tenant allows an administrator to set policies on the user within the organization and the apps that the organization owns to meet their security requirements.
Each and every Azure AD Tenants are globally unique and separate from other Azure AD Tenants. These tenants have their own portrayal and organization of work and school identities, consumer identities (if its an Azure AD B2C tenant), and app registrations. An app registration inside a tenant will allow authentications only from accounts within our tenant or all tenants.
There are two types of Azure Tenants:
Single Tenant: Azure tenants that access other services in a dedicated environment are considered single tenant.
Multi-Tenant: Azure tenants that access other services in a shared environment, across multiple organizations, are considered multi-tenant.
Azure Subscription
It is a logical container into which Azure can serve any number of resources (Virtual Machines, Web Applications, Storage Accounts, etc.) that can be deployed. It serves as a single billing unit for Azure resources in that services used in Azure are billed to a subscription. An Azure subscription is linked to a single account, the one that was used to create the subscription and is used for billing purposes.
There are three main types of subscriptions available, free, pay-as-you-go, and member offers.
The free account is a subscription that provides unlimited access to Azure resources with a $200 credit that can be applied to paid products. At the end of the trial period, any Azure services created with the subscription are disabled, unless the subscription is upgraded to a paid subscription.
The pay-as-you-go subscription lets you pay for the services and resources that you use on a monthly basis. A credit or debit card must be attached to the account and billing for this account is on a monthly basis. Free Azure accounts can be converted to pay-as-you-go accounts.
The member offers from Microsoft provides reduced rates for Azure services, like MSDN Platform subscribers and Visual Studio subscribers just to name a few. These types of subscriptions offer substantial discounts over a pay-as-you-go subscription, so it is highly recommended that businesses review and take advantage of any offers for which they may qualify.
Azure Tenant Vs Azure Subscription
People sometimes use the word ‘Tenant’ instead of ‘Subscription’ or vice-versa. Let’s understand the difference between them.
Azure tenant is a directory. It is associated with a single identity (person, company, or organization) and can own one or several subscriptions.
Whereas, Azure subscription is an object that represents a "folder" that we can put resources in. Subscriptions are tied to tenants. A subscription is linked to a payment setup and each subscription will result in a separate bill. In every subscription, you can add virtual resources (VM, storage, network, ...).
So, 1 tenant can have many subscriptions, but not vice versa.
Azure Resources
Azure Resources are nothing but all the services provided by Azure, such a app service, Azure storage, Azure Active Directory, etc. It means whenever we create a new resource, we are actually creating the Azure service.
Azure Resource Groups
An Azure Resource Group is required when there is a need to group all the Azure virtual machines of related resources for an application and division for the same into groups for production and non-production, or any other organizational structure that is certainly being preferred. As the name suggests, Azure Resource Group is a container which contains the logical collection of virtual machines, storage accounts, virtual networks, web apps, databases and database servers.
Azure Resource Group Management
The Azure Resource Group Management model provides four levels of management to organize our resources as we want:
Management Groups: These groups helps us to manage access, policy and compliance for multiple subscriptions. These groups are often used for grouping subscriptions by geographical regions. All the subscriptions in this group automatically inherit the conditions applied to the management group.
Subscriptions: A subscription links the user accounts and their resources that were created by the user. Each subscription has certain limits and quotas depending upon the number of resources used and created. It is essentially a billing unit.
Resource Groups: A logical container of related virtual machine resources like databases, web apps, storage accounts, etc. are deployed and managed.
Resources: Resources are the services which we create, like virtual machines, storage, etc.
Ways to Create an Azure Resource Groups
There are several ways to create and manage an Azure Resource Group. They are:
The Azure Portal
Azure PowerShell scripts
The Azure CLI
An ARM template
How To Create Azure Resource Groups
As mentioned above, there are various ways to create and manage Azure Resource Groups. One of the simplest ways is through the Azure Portal:
1. Sign in to Azure Portal .
2. Select Resource Groups situated below Azure Services title.
3. Click on Create after getting the following interface:
4. Enter the following values:
Subscription: Select your Azure Subscription.
Resource Group: Enter a new Resource Group name.
Region: Select an Azure location, such as East US.
5. Click on Review + Create.
6. Lastly, click on Create. It will take a few seconds for a resource group to get created.
7. Select Refresh from the top menu to refresh the Resource Group list, and then select the newly created resource group to open it. You can also click on Notification (bell icon) from the top, and then select Go to Resource Group to open the newly created Resource Group.
There are other ways too for creating the same which will be defined in the upcoming blogs. Stay tuned.
Key Points of Azure Resource Groups
The Resource Group provides better control to manage the security of a group of services such as user access and resource permission, etc. so someone cannot harm the services.
Every resource in resource group can connect to the other resource group services.
We can move services from one resource group to the other.
All services located in the resource group have a similar life cycle, we can delete, update and deploy them together.
The resources and the resources groups can be in different regions. It means that if our resource group is in US region, then our service might have other deployment location such as Western Europe, etc.
Each resource group can deploy 800 services at a time
The resource group can be created using Azure Portal, Azure CLI, Azure PowerShell and Azure ARM Template.
When we delete the resource group, then all the services which are in the resource also gets deleted.