Documentation: Resource Management & Organization

This document provides further details and context for the Resource Management & Organization section of the Azure Startup Checklist.

  • Define and follow a resource organization strategy

  • Why: A clear hierarchy (Management Groups -> Subscriptions -> Resource Groups) provides structure for applying policies (Azure Policy), managing access (RBAC), organizing costs, and simplifying resource discovery. Without it, environments quickly become chaotic and difficult to manage.
  • How:
    • Management Groups: Group subscriptions based on business units, geographical regions, or application lifecycle environments (e.g., Prod, Dev, Sandbox). Apply policies and RBAC at higher levels for inheritance.
    • Subscriptions: Use subscriptions as a unit of management, billing, and scale. Consider separating Production, Development/Testing, and Shared Services into different subscriptions.
    • Resource Groups: Group resources with a common lifecycle, application boundary, or deployment unit within a subscription. Resources can only exist in one resource group.
  • Resources:

  • Implement a consistent tagging strategy

  • Why: Tags are key-value pairs that add metadata to Azure resources. They are essential for cost allocation, automation, resource filtering, security boundary definition, and operational management. Inconsistent or missing tags make these tasks difficult or impossible.
  • How: Define a mandatory and recommended set of tags for your organization. Common tags include:
    • Environment (e.g., prod, dev, staging, qa)
    • ApplicationName or ServiceName
    • CostCenter or BusinessUnit
    • Owner or Team
    • ProjectCode
    • DataClassification (e.g., confidential, public) Use Azure Policy to enforce tagging requirements (e.g., require specific tags, audit for missing tags).
  • Resources: