Azure Cloud Hierarchy

Published by admin on

Azure Cloud Hierarchy

Cloud governance is the rules, policies, and practices that help run an organization’s environment. This set of conditions helps an organization remain organized in several ways, from creating logical separations of resources across different departments to tracking costs in a more orderly manner to ensuring correct authorization and accessibility of user permissions. Azure splits up its governance hierarchy as such: 

  • Root Management Group 
    • Single top-level management group to set global policies
  • Management Groups
    •  Containers that help manage access, policy, and compliance across subscriptions
  • Subscriptions
    • Containers that help manage groups of related resources
  • Resource Groups 
    • Containers that help manage related resources
  • Resource 
    • Azure features like apps, databases, virtual machines, virtual private networks, etc. 

Example

ZCloud is a cloud consulting company that is using Azure to host its web app and database full of survey responses.

ZCloud utilizes Azure solely for this task so the administrator sets a global policy through the Root Management Group that only allows for the Web App, Azure NoSQL, Azure MySQL, and other strictly app deployment resources to be created.

Next, given that it’s good practice to keep track of what works and what doesn’t, the administrator creates two management groups: one for production and one for development.

In the Production management group (PDM), there is only one subscription, with two resource groups: one containing the Web App and one containing a MySQL database.

ZCloud has also been testing out NoSQL databases to see if they better suit its database needs. To the Development management group we go! Here exist two subscriptions. The first subscription contains two resource groups, similar to the PDM: one that contains just the Web App and another that contains databases, but in this case NoSQL databases. There are A LOT of survey responses and NoSQL databases tend to work better when scaling out and creating new instances. However, Azure places a quota on the number of resources per type per resource group so, in order to scale out, the second subscription is created with another resource group with even more NoSQL databases.

With this, ZCloud has a solid organizational structure for its Azure environment!

Categories: Cloud

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Cloud

Azure RBAC/ABAC

Azure RBAC/ABAC Role-Based Access Control (RBAC) Role-Based Access Control (RBAC) is a key aspect of Azure Identity and Access Management and allows roles to be assigned to users to determine their permissions across different cloud Read more…

Cloud

Azure Policy

Azure Policy An Azure policy is a rule that can be placed across management groups, resource groups, and resources to ensure that each respective environment is compliant with the organization’s standards. This means that real-time Read more…

Cloud

Passing the AZ-900

Passing the AZ-900 The Azure Fundamentals exam, or AZ-900, is Microsoft’s introductory certification into the world of the Azure cloud platform. Preparing for it gives one an overview of several key cloud computing concepts and Read more…

css.php