Azure Resource Manager templates ease private cloud struggles

Private cloud improves certain management capabilities, but it's difficult to control cloud applications, which often consist of multiple cloud services and resource instances. Azure is no different, though Microsoft hopes to change that with its management portal.

Azure Resource Manager (ARM) is a management portal that lets admins roll a cloud application's components -- virtual machines, storage instances, virtual networks, databases and third-party services -- into a group for easier management. Introduced in 2014, ARM lets administrators deploy, change and delete cloud app components as a single template-driven task.

ARM also works with Azure Stack, which enables administrators to build Azure Resource Manager templates for Azure PowerShell, Azure command line interface (CLI), the Azure portal, REST API, and various development tools. The portal lets administrators and developers create Azure Resource Manager templates that deploy and manage cloud apps on premises or in Azure. By comparison, traditional tools, such as Microsoft System Center, do not have native integration nor do they support Azure Stack. However, Microsoft Operations Management Suite reportedly can work with Azure Stack when OMS agents are installed.

ARM lets administrators deploy, change and delete cloud app components as a single template-driven task.

Azure and Azure Stack include networking resources -- virtual networks and load balancers – as well as other resources, such as compute and storage instances with attributes unique to the particular resource. ARM gathers resources into resource groups; organizations use these templates to build the environment. Orchestration features in Azure Resource Manager templates enable users to call any combination of Azure resources as a single task and produce a desired operating state.

ARM requires an Azure subscription, which provides access to role-based access control (RBAC) and provides a level of granular access to Azure resources. RBAC establishes roles and correlates those roles to scopes of action, resource groups or individual resources. For example, admins create an application -- or a resource that an application uses -- that only certain administrators can modify or delete to secure cloud deployments. They also can customize policies to tailor deployment behaviors, such as enforcing region limitations or naming conventions.

With ARM, admins assign advanced tracking tags to resources and resource groups. These tags organize resources and shows business leaders how much a group of Azure or Azure Stack resources costs, which is helpful for budgeting. Audit features track resource activity so admins can monitor resource use and speed troubleshooting.

ARM is an integral part of Azure and Azure Stack -- not a separate management tool such as System Center. Its APIs connect the varied interfaces, namely the Azure portal or Azure CLI, to Azure and Azure Stack. Those tools then connect to the underlying compute, storage, network and other resources and services.