vali_111 - Fotolia
Private cloud improves certain management capabilities, but it's difficult to control cloud applications, which often consist of multiple cloud services and resource instances. Azure is no different, though Microsoft hopes to change that with its management portal.
Azure Resource Manager (ARM) is a management portal that lets admins roll a cloud application's components -- virtual machines, storage instances, virtual networks, databases and third-party services -- into a group for easier management. Introduced in 2014, ARM lets administrators deploy, change and delete cloud app components as a single template-driven task.
ARM also works with Azure Stack, which enables administrators to build Azure Resource Manager templates for Azure PowerShell, Azure command line interface (CLI), the Azure portal, REST API, and various development tools. The portal lets administrators and developers create Azure Resource Manager templates that deploy and manage cloud apps on premises or in Azure. By comparison, traditional tools, such as Microsoft System Center, do not have native integration nor do they support Azure Stack. However, Microsoft Operations Management Suite reportedly can work with Azure Stack when OMS agents are installed.
Azure and Azure Stack include networking resources -- virtual networks and load balancers – as well as other resources, such as compute and storage instances with attributes unique to the particular resource. ARM gathers resources into resource groups; organizations use these templates to build the environment. Orchestration features in Azure Resource Manager templates enable users to call any combination of Azure resources as a single task and produce a desired operating state.
ARM requires an Azure subscription, which provides access to role-based access control (RBAC) and provides a level of granular access to Azure resources. RBAC establishes roles and correlates those roles to scopes of action, resource groups or individual resources. For example, admins create an application -- or a resource that an application uses -- that only certain administrators can modify or delete to secure cloud deployments. They also can customize policies to tailor deployment behaviors, such as enforcing region limitations or naming conventions.
With ARM, admins assign advanced tracking tags to resources and resource groups. These tags organize resources and shows business leaders how much a group of Azure or Azure Stack resources costs, which is helpful for budgeting. Audit features track resource activity so admins can monitor resource use and speed troubleshooting.
ARM is an integral part of Azure and Azure Stack -- not a separate management tool such as System Center. Its APIs connect the varied interfaces, namely the Azure portal or Azure CLI, to Azure and Azure Stack. Those tools then connect to the underlying compute, storage, network and other resources and services.
How to effectively use Azure Resource Manager
Navigate through the Microsoft Azure portal
Build and manage Windows containers in Azure
Dig Deeper on Microsoft Azure cloud services
Related Q&A from Stephen J. Bigelow
Microsoft Hyper-V on Windows comes with advanced protection schemes, including several virtualization-based security features the company introduced ... Continue Reading
The BitLocker encryption technology continues to evolve from its roots as a Windows Vista feature to protect resources both in the local data center ... Continue Reading
Some enterprises avoid the public cloud due to its multi-tenant nature and data security concerns. Learn what data separation is and how it can keep ... Continue Reading