TagARM

Custom Azure RBAC Roles

Role Based Access Control is Azure’s method for setting permissions on resources to control who can manage and administer these resources. Each type of Azure resource has a number of permissions that can be set on it, and these permissions can be grouped into roles that can be applied to users or groups of users to grant rights to manage resources. Out of the box Azure comes with a large...

Dynamic ARM Templates with Inline Logic Operators

A while back I wrote an article talking about the new “Condition” option in Azure Resource Manger (ARM) templates. This was the first step into conditional logic in ARM templates and worked great where you needed to apply a  condition at the resource level. Where it fell down was where you needed a condition inside a resource, this resulted in you having to duplicate objects with...

Azure Resource Manger Snippets for VSCode

I previously wrote about using VS Code for authoring Azure Resource Manger templates, in particular about using the snippets from the cross platform toolkit to create skeletons for many ARM resources. In this post I documented the manual installation process for these snippets, as there was not a VS Code extension to install these automatically. This is no longer the case, I have recently...

Completing your automated VM deployments with the DSC VM extension

Azure Resource Manager (ARM) templates are a great resource for deploying Azure infrastructure, including virtual machines, in a declarative manner. However, using an ARM template to deploy a VM will only get you as far as having a VM deployed and the operating system installed and running. The next step is to get any applications and supporting software installed on those machines. Of course you...

Conditions in ARM Templates – The Right Way!

At this months Build conference there where lot’s of new Azure announcements and in particular lots of new features for Azure Resource Manager (ARM) templates. Ryan Jones. PM on ARM templates, did a breakout session talking about all this new functionality which is available now on channel 9. I want to focus on one of the big improvements, at least from perspective, and that is we now have...

Using Linked Templates and Conditional Logic in ARM

Microsoft have now added first class conditions to the language so this workaround is no longer required. See this article on how to use this feature. ARM Templates are a great tool for deploying complex sets of resources in Azure, however as it currently stands there is no concept of an “If” statement in a template. This can make it much more difficult to support the re-use of code...

Protecting Azure Resources with Resource Manager Locks

Resource Manager Locks provide a way for administrators to lock down Azure resources to prevent deletion or changing of a resource. These locks sit outside of the Role Based Access Controls (RBAC) hierarchy and when applied will place the restriction on the resource for all users. These are very useful when you have an important resource in your subscription which users should not be able to...

ARM Snippets for VS Code

 Since writing this article I’ve released a VS Code Extension that installs these snippets with a single click, see here.   In my previous post on using VS Code for authoring ARM templates I recommended using an ARM Snippets from the plugin gallery. However since then I have come to realise this plugin is fairly limited in the amount of plugins, and difficult to extend. Given this I...

Authoring ARM Templates in Visual Studio Code

If your writing ARM templates for Azure you’ll have found that the amount of tooling available for authoring templates is fairly limited. The default solution seems to be Visual Studio but this can be very heavyweight and resource intensive without gaining any of the real benefits of VS such as debugging. I’ve recently switched over from using Visual Studio to use Visual Studio Code...

Azure Resource Manager and Multiple NAT Rules

![](/content/images/2016/01/JsonArmNat.PNG) Back in the days of cloud services every VM created got a set of default endpoints that let in traffic for RDP and Remoting on a random port, and if you wanted ingress on other ports you just created more endpoints. In the V2 world cloud services don’t exist, and endpoints are now primary configured as inbound NAT rules on a load balancer, with...

Follow Me

Follow me on Twitter