Resource Hirearchy

Question 1

What is Resource Hierarchy in Azure?

Answer 1

Resource Hierarchy in Azure refers to the organizational structure that allows for easier management and centralized access control of resources, including management groups, subscriptions, resource groups, and individual resources.

Question 2

What is the parent-child relationship in Resource Hierarchy?

Answer 2

The parent-child relationship means that any policies and permissions applied at higher levels (parents) of the Resource Hierarchy are automatically inherited by lower-level objects (children).

Question 3

How is Resource Hierarchy similar to file systems?

Answer 3

Resource Hierarchy in Azure is similar to file systems where each level (folder) can have child objects (subfolders) that inherit permissions from their parent. This concept applies to Azure’s management structure.

Question 4

Explain the hierarchy levels in Azure Resource Management.

Answer 4

The hierarchy levels in Azure Resource Management are:

Management groups (topmost parent)
Subscriptions
Resource groups
Individual Azure resources (children)

Question 5

Can a subscription be part of more than one management group?

Answer 5

No, a subscription can only belong to one management group. However, management groups can have multiple subscriptions assigned to them.

Question 6

How are permissions and roles inherited in Resource Hierarchy?

Answer 6

Permissions and roles assigned at higher levels (like management groups or subscriptions) are automatically inherited by lower-level objects such as resource groups and resources.

Question 7

What happens when a user is assigned an owner role at the management group level?

Answer 7

If a user is assigned an owner role at the management group level, they will have owner access to all resources within the subscriptions, resource groups, and individual resources nested under that management group.

Question 8

Give an example of policy application in Resource Hierarchy.

Answer 8

An example would be applying a policy at the management group level that restricts VM creation to a specific region. This policy would apply to all nested subscriptions, resource groups, and resources within that management group.

Question 9

What is the main takeaway regarding Azure Resource Hierarchy?

Answer 9

The main takeaway is that policies and permissions applied at higher levels cascade down to lower-level objects, ensuring consistent management and access control. Understanding the parent-child relationship and inheritance principle is crucial for effective resource management in Azure.