Microsoft Azure users will now have access to new management groups that will allow them to better organize their subscriptions and apply governance controls, while the open-source Ansible IT automation platform gains four new Azure modules and 17 enhancements to existing Azure modules.
The latest features, unveiled by Microsoft on July 31 in separate posts on the Microsoft Azure Blog, add new capabilities for enterprise Azure cloud users.
The addition of the Azure management groups, which had been in testing but are now in general availability to all customers, now allows enterprises to streamline their Azure subscriptions while also applying governance controls including Azure Policy and Role-Based Access Controls (RBAC), wrote Rich Thorn, the program manager for Azure Commercial Experiences, in a post. “All subscriptions within a management group automatically inherit the controls applied to the management group,” simplifying administration and configuration for users.
The new controls are available to Azure customers, including those with Enterprise Agreements, Certified Solution Partners, using Pay-As-You-Go accounts or any other subscription types, wrote Thorn. “This service gives all Azure customers enterprise-grade management at a large scale for no additional cost.”
The new services also allow Azure customers to group subscriptions together so they can apply a policy or RBAC role to multiple subscriptions and their related resources using only one assignment. Management groups also include capabilities to group other management groups together to form a hierarchy for improved planning and configuring. That means that policies can be set for some groups while leaving other groups without the policies.
“By using management groups, you can reduce your workload and reduce the risk of error by avoiding duplicate assignments,” wrote Thorn. “Instead of applying multiple assignments across numerous resources and subscriptions, you can apply the one assignment on the one management group that contains the target resources. This will save time in the application of assignments, creates one point for maintenance, and allows for better controls on who can control the assignment.”
Ansible 2.6 Gains 4 Azure Modules
Azure users who are also using the open-source Ansible IT automation platform to help automate their cloud deployments and provisioning are now gaining four new Azure modules, according to a post by Ken Thompson, a Microsoft senior product marketing manager for DevOps. Also added were 17 enhancements for other modules to help improve user features, he wrote. The module enhancements enable more scenarios for the deployment and management of virtual machines and networking objects, he added.
The latest modules in Ansible 2.6 allow users to natively manage Azure Kubernetes Service by creating, updating or deleting an Azure Kubernetes Service, while also allowing users to create, update, delete or get facts for any Azure resource using the Azure REST API.
The new modules are:
- azure_rm_aks – Manage a managed Azure Container Service (AKS) instance
- azure_rm_aks_facts – Get Azure Kubernetes Service facts
- azure_rm_resource – Create any Azure resource
- azure_rm_resource_facts – Generic facts of Azure resources
Also, three new tutorials are being added to the Ansible Developer Hub to help IT administrators plan and build their deployments. The new tutorials are:
- Create and configure AKS clusters: This tutorial describes how to use Ansible to create and configure an Azure Kubernetes Service cluster.
- Create and configure VMSS: This tutorial describes how to use Ansible to create and scale out a virtual machine scale set.
- Deploy app to VMSS: This tutorial explains how to deploy a Java application to an Azure virtual machine scale set (VMSS).
Engineering teams from Microsoft and Red Hat work together to develop Azure modules for the Ansible community. Users can visit the GitHub repository to make feature requests, report issues or contribute code. More details can be found at the Ansible on Azure developer hub.