| Category | |
| Setting up Azure – Blog No 2 | |
| Time to Read | |
| 15 Minutes | |
| Who should read this blog? | |
| If you are thinking to onboard your services on azure, Understanding Azure hierarchy is a must. Give it first preference. |
Preface
Azure is a powerful cloud computing platform provided by Microsoft that offers a wide range of services for building, deploying, and managing applications and services. As organizations grow and deploy more resources in the cloud, it becomes increasingly important to manage and organize those resources in a structured and efficient way. Azure offers a hierarchical structure to organize resources, which is called the Azure hierarchy. In this blog, we will dive into the Azure hierarchy and discuss the role of the tenant in this hierarchy.
Azure Hierarchy
The Azure hierarchy is a structure used to organize and manage resources within the Azure platform. It consists of several levels, each of which serves a unique purpose in organizing and managing resources.
Let’s understand each level in detail. On the lowest level, there are actual services offered by Azure.
We will follow the Top-to-bottom approach to explain each constituent in the hierarchy.
Azure Tenant
The first user who creates the Azure account and uses his email address as the account address.
Along with the azure account, A Free Azure AD account with a Primary domain matching his email address will be created which will be known as a tenant. For example, if I create an azure account with my email id mail.cloudblogger@gmail.com my tenant id will be created with a Free Azure AD account with a Primary domain mailcloudblogger.onmicrosoft.com. The tenant is associated with Azure AD. As soon as an account is created a free Azure AD account is also created known as a tenant. The first user who created the account becomes the global administrator of the Azure AD and has all the power to make the changes related to the added resources under the tenant.
Role of Tenant
In the Azure hierarchy, a tenant serves as the top-level organizational boundary for Azure resources. It represents an instance of the Azure Active Directory (Azure AD) service that is used for identity and access management across Azure services. The tenant provides several key roles in the Azure hierarchy.
- Identity and Access Management:
Azure tenants provide the foundation for identity and access management in Azure. Each tenant has a unique domain name and user accounts that are used to authenticate and authorize access to Azure resources. By using Azure AD, tenants can enable single sign-on and manage access to applications and services across multiple cloud and on-premises environments.
- Subscription Management:
Azure tenants serve as the billing and ownership boundary for Azure subscriptions. Each subscription is associated with a tenant, and tenants can have multiple subscriptions. Tenants can assign roles, policies, and resource groups to subscriptions to manage access and resource allocation.
- Resource Management:
Azure tenants provide the root-level namespace for Azure resources. Resources are organized into resource groups, which are contained within subscriptions, and subscriptions are associated with tenants. Tenants can use Azure Policy to apply governance and compliance policies to resources across multiple subscriptions and resource groups.
Management Groups
Management groups are containers used to organize subscriptions and resources based on organizational structure, policies, and compliance requirements. They provide a way to manage and apply policies across multiple subscriptions. Management groups allow organizations to manage resources across multiple departments, business units, or regions in a scalable and efficient manner.
Subscription
A subscription is a logical container for Azure resources that is associated with a billing account. Each subscription can have one or more resource groups and can be assigned to management groups. Subscriptions are the foundation of the Azure hierarchy and are used to manage access control, billing, and resource management. To know more about Azure subscription
Resource groups
Resource groups are logical containers(Folders) used to organize and manage Azure resources based on functional or technical requirements. They provide a way to manage and apply policies to related resources. Resource groups can be used to organize resources based on their lifecycle, geography, or application.
Resources
Azure resources are the individual components that make up a cloud solution, such as virtual machines, databases, storage accounts, and networking components. Resources are created and managed within resource groups and are billed based on usage.
Conclusion:
The Azure hierarchy provides a structured way to organize and manage resources in a scalable and efficient manner. The tenant serves as the foundation for identity and access management, subscription management, and resource management in the Azure hierarchy. It provides a secure and scalable way to organize and manage resources in a multi-cloud environment. By effectively using the Azure hierarchy, organizations can achieve greater visibility, control, and compliance in their cloud environments.
