Resource Groups, Resource Providers and Resources
- Resource Group: In Azure Subscriptions will have collection of Resource Groups which hold resources
- Resource: This is what we create using Azure Services
- Resource Providers: Resource Provider in Azure is Registered in Subscription which creates resources. Refer Here for the Resource Provider and types official docs.
- Refer Here for the mapping between Azure Services and Resource Providers
- Refer Here for all the resource providers and supported operations. Refer Here for sample operations of Network.
- Authorization to the user can be applied at
- subscription level:
- The same policy gets inherited for Resource groups and Resources
- Resource Group:
- This is generally done to override the policies at subscription level
- This policy gets applied to Resources in Resource Group
- Resource:
- Any specific permissions at Resource Level can be added
- subscription level:
Users in Azure
- Every tenant has an id and primary domain name
- The user created in Azure will have login
<username>@<primary-domain-name> - Create a user in Azure
- Now lets login into Azure. Open a new browser session
- This new user is not linked to any authorizations at any level (subscription/Resourcegroup/resource)
- Now lets give some permission at subscription level to this new user
- A role of reader is added to subscription level
- Resource Groups and Resources get the inherited Reader role by default, as we applied Reader at subscription level.
Note:
- Azure Account Creation Refer Here
- Watch Cloud Essentials videos from 1 to 7 Refer Here
