We'll go over some of the more important terms and fundamentals of Microsoft Azure in this post, including tenants, subscription types, resources and resource groups, and Azure object hierarchy.

The Azure Resource Manager -

Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account.

The following image shows the role Azure Resource Manager plays in handling Azure requests.

All capabilities that are available in the portal are also available through PowerShell, Azure CLI, REST APIs, and client SDKs.

Microsoft Azure Accounts/Tenants -

At the highest level is an Azure account, also known as a tenant or directory (these terms will be used interchangeably). An Azure account is uniquely associated with an Azure Active Directory (AAD), where user objects that access the Azure Portal exist.

An Azure tenant is free to create, and by itself is simply a container for subscriptions and AAD objects. Without a subscription, nothing can be run on an Azure account.

Each Azure tenant name has a TenantName.onmicrosoft.com domain attached to it, and tenant names must be globally unique (no other person in the world may use the same name).

Directory -

Directory has a one-to-one link with the tenant and may be thought of as your company's Azure AD instance.

Management Groups -

If your organization has many Azure subscriptions, you may need a way to efficiently manage access, policies, and compliance for those subscriptions. Management groups provide a governance scope above subscriptions.

No matter what kind of subscriptions you may have, management groups provide you with enterprise-level management at scale. However, all subscriptions within a single management group must trust the same Azure Active Directory (Azure AD) tenant.

We will discuss more about Management groups in another blog post.

Subscriptions -

Inside Management Groups there are subscriptions. Subscription is where you are billed for your resources. A single Azure tenant can contain multiple subscriptions, but each type of subscription must be contained within a single tenant.

You can create resources inside of a subscription that you buy straight from Microsoft or through an Azure reseller. Every resource you use within a subscription will be listed in the monthly Azure invoice. Your bill is zero if you don't use any resources and don't consume anything.

Directly purchased Microsoft subscriptions are typically Free, Pay-as-you-go, A, CSP, or Sponsored.

1. Free -

This is a temporary subscription that you can get from azure.com to experiment with Azure for a short while and use up to $200 in resources.

2. Pay-as-you-go -

You must provide a credit card when you sign up to utilize Azure at www.azure.com. Any resources used inside of your subscription will be invoiced automatically every month at Azure's list prices using the agreed-upon payment method.

3. EA (Enterprise Agreement) -

A direct volume licence arrangement between your customer and Microsoft, which is renegotiated every few years with annual "True Ups". As part of this EA, the customer will have made a financial commitment for a specific amount of Azure consumption and will be able to use the subscription's resources up to this level. At the time of the customer's True Up with Microsoft, any overages will be adjusted.

4. CSP -

If you are a Direct CSP with Microsoft, you can set up an Azure CSP subscription inside of either your own tenant or the tenant of your client. Microsoft will charge you at your discounted reseller rate for the usage (i.e. consumption) inside of this kind of subscription, and you will then charge your client. This is One of the most versatile and powerful Azure subscription kinds.

5. Sponsored –

Microsoft may offer you a sponsored Azure subscription that you may use to practice your Azure skills, give customer demos, and use internally if you are a member of the Microsoft Partner Network (MPN) and have Silver or Gold competencies. Each subscription will have a certain financial limit, and you'll need to add a credit card to be utilized if the predetermined restrictions are exceeded.

Globally unique IDs (GUID) are linked to subscriptions. They also have a friendly name that you can give them; it's not required that it be special. In fact, you are allowed to have subscriptions within of the same tenancy with the same friendly name. To make things simpler to handle, try giving each of your subscriptions a logical, distinct name.

Microsoft Azure Resource Groups -

Below the Azure subscription are resource groups (RG). These are logical groupings of resources in Azure that allow you to easily view and manage sets of resources associated with a single function. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization.

A subscription may contain several resource groups, but each resource group may only be a member of one subscription. Resource group names do not have to be globally unique, but must be unique within a single subscription.

When defining your resource group, there are some important factors to consider.

1. All the resources in your resource group should share the same lifecycle. You deploy, update, and delete them together. If one resource, such as a server, needs to exist on a different deployment cycle it should be in another resource group.

2. Each resource can exist in only one resource group.

3. You can add or remove a resource to a resource group at any time.

4. You can move a resource from one resource group to another group.

5. The resources in a resource group can be located in different regions than the resource group.

6. You can apply tags to a resource group.

7. A resource can connect to resources in other resource groups.

8. When you delete a resource group, all resources in the resource group are also deleted.

9. You can deploy up to 800 instances of a resource type in each resource group.

10. Some resources can exist outside of a resource group. These resources are deployed to the subscription, management group, or tenant. Only specific resource types are supported at these scopes.

Azure Resources -

Finally, resources are created inside of a resource group. A resource is a manageable item that is available through Azure. Virtual machines, storage accounts, web apps, databases, and virtual networks are examples of resources. Resource groups, subscriptions, management groups, and tags are also examples of resources.

There are billable and non-billable resources. Billable resources have a Meter attached to them that runs while the resource is provisioned.

Hopefully, these Microsoft Azure fundamental terms have made sense to you.

Thank you for reading!

*** Explore | Share | Grow ***