Microsoft Azure (AZ-104): ARM Template
1 min readJun 15, 2021
Apply lock on the website
"resources": [
{
"type": "Microsoft.Web/serverfarms",
"apiVersion": "2020-12-01",
"name": "[parameters('hostingPlanName')]",
"location": "[parameters('location')]",
"sku": {
"tier": "Free",
"name": "f1",
"capacity": 0
},
"properties": {
"targetWorkerCount": 1
}
},
{
"type": "Microsoft.Web/sites",
"apiVersion": "2020-12-01",
"name": "[variables('siteName')]",
"location": "[parameters('location')]",
}Automating Azure Blob Storage access tiers
{
"rules": [
{
"name": "agingRule",
"enabled": true,
"type": "Lifecycle",
"definition": {
"filters": {
"blobTypes": [ "blockBlob" ],
"prefixMatch": [ "container1/foo", "container2/bar" ]
},
"actions": {
"baseBlob": {
"tierToCool": { "daysAfterModificationGreaterThan": 30 },
"tierToArchive": { "daysAfterModificationGreaterThan": 90 }
}
}
}
}
]
}Remember, the format of the prefixMatch is container/folder!!
Deny resource groups missing the CostCenter tag
"if": {
"allOf": [{
"field": "type",
"equals": "Microsoft.Resources/subscriptions/resourceGroups"
},
{
"field": "tags['CostCenter']",
"exists": false
}
]
},
"then": {
"effect": "deny"
} Configure windows server 2016 VM’s storage profile
"storageProfile":{
"imageReference":{
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2016-Datacenter",
"version": "latest"
}Configure load balancer to use allowed SKUs
"if": {
"allOf": [{
"field": "type",
"equals": "Microsoft.Network/loadbalancers"
},
{
"not":{
"field": "Microsoft.Network/loadbalancers/sku.name",
"in":"[parameters('listofAllowedSKUs')]"
}
]
},
"then": {
"effect": "deny"
}
