Understanding Azure Blueprints

Azure Blueprints have the ability to create predefined templates, which allows centralised control over the behaviour permitted within tenants and an Azure subscription.

Azure Blueprints govern the Cloud platform as a whole.

There’s no longer any reason to apply individual policy objects or try to solve control issues with Role-Based Access Control (RBAC) since Blueprints scales so well.

Table of Contents

1. Defining a Blueprint

2. Creating a Blueprint

1. Defining a Blueprint

A blueprint can be composed of the following:

· Resource groups

· Policy and role assignments

· Scripts

· Templates

· Marketplace products

Where Azure Policy allows the management and allocation of a policy object, blueprints allow multiple artifacts to be grouped together. Administrators can produce and apply templates that involve control elements (such as policies) in bulk. This can benefit businesses that require strict primary control and multiple Azure subscriptions conformed to pre-determined settings.

Azure templates based on Azure Resource Manager (ARM) can also be implemented, which creates possibilities for virtually any deployment or provisioning strategy when you’re employing a blueprint. You’ll normally have one blueprint template for every subscription type.

2. Creating a Blueprint

This feature can be found in the Azure Portal under Blueprints. This allows blueprint definitions to be created and assigned.

When creating a blueprint, select Blueprint Definitions:

1. Select Create Blueprint from the top toolbar. You will be given the option of using one of the available sample templates or creating one from scratch.

2. Add a name and description to the blueprint as well as a definition location- pick a management group and, if you’d like, a subscription.

3. Click Next and choose your artifacts. The provided sample templates have some already chosen but you can add more, however, keep in mind the design effort and time included when doing this.

4. Select Save Draft to save the blueprint definition. This will not be applied anywhere yet as it’s still a draft.

5. Right-click on the blueprint definition and choose Publish Blueprint. The blueprint has now been published but is not yet assigned.

6. Right-click the published blueprint definition once again and pick Assign Blueprint

7. Since multiple blueprints with multiple versions can be created, it’s vital to monitor what’s assigned, as well as their location and time. You can clarify which version to assign and how (Don’t Lock, Do Not Delete and Read Only)
Don’t Lock: Resources are not affected through the blueprint and also aren’t protected by it. Admins can delete or alter these as they wish. This option is also the default and has the least potential for harm.
Do Not Delete: Resources can be manipulated but not deleted.
Read Only: Locks the resource, keeping the subscription and its resources in a constant, unchanging mode.

8. Some parameters must be filled in, depending on what your artifacts are.

9. After you’ve assigned the blueprint, you can evaluate the positioning process through Assigned Blueprints.

Our app, CloudClarity, can help make your cloud environment easier to visualise and more efficient. Visit our site to find out more: https://portal.cloudclarity.app/