An Azure Resource Manager (ARM) template is a cloud automation API for deploying Azure resources such as VM, database, network and storage services repeatedly with little human interaction. An ARM template is declarative: the final state of the resource is declared in a JSON file that outlines WHAT the resource should look like, whereas an imperative language spells out each resource configuration step in a process that defines HOW it should be built. ARM templates provide the ability to deploy cloud Infrastructure as Code.

ARM template syntax has six parts:

  1. Schema: Location of the JavaScript Object Notation (JSON) schema file that describes the version of the template language.
  2. ContentVersion: Template version number, used to document significant changes in a template release.
  3. Parameters: Values that are provided when deployment is executed to customize resource deployment.
  4. Variables: Values that are used as JSON fragments in the template to simplify template language expressions.
  5. Resource: Resource types that are deployed or updated in a resource group or subscription.
  6. Output: Values that are returned after deployment.

PARAMETERS

In this section, parameter values such as server name, database name, login credential, network names, location and compute type are listed.

  • Define the database server login account
  • Define SQL Server and database names; the server name should be all lower case
  • Define data center region; if you are planning to use paired regions as primary and secondary, use allowedValues
  • Define preferred connection type
  • Define a virtual network, in this case we will be using a redefined vnet value using external id
  • Define Private DNS Zones Resource ID for private endpoint
  • Define the desired compute resource for the Azure SQL database service tier to be deployed, either DTU or vCore.
  • Define the capacity of the database specified above, either as a DTU number (50, 100, 200) or a vCore number (2, 4). Refer to the Azure SQL service tier documentation for detailed capacity (https://docs.microsoft.com/en-us/azure/azure-sql/database/service-tiers-dtu)

VARIABLES

Variables are where you define expressions to generate dynamic values. In this section, we define variables for the database tier (Premium, Standard, Basic, General Purpose, and Business Critical) as well as vCore hardware types such as G5, DC, M series, etc.

  • Define database edition based on the Edition Parameter defined above
  • Define server external id based on the server name defined in the parameter above
"var_servers_externalid": "[concat('/subscriptions/subscription-id/resourceGroups/resource-group-name/providers/Microsoft.Sql/servers/',parameters('servers_name'))]",

RESOURCES

In this section, all the cloud resources are defined based on the parameter and variable values defined above.

  • Define SQL Server with local admin & password, TLS version, Public Network Access, and Connection Policy as defined in the parameter
  • Define database properties such as service tier, location, collation, etc.
  • Define Private End Point
  • Define Private DNS Zone
  • Define Private DNS Zone Groups
  • Define Server level database audit properties
  • Define database level audit properties
  • Define short term backup policy
  • Define long term backup policy
  • Associate AD sysadmin account to the server
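
A pre-deployment check for the server settings listed above, written in Python as an added example that is not part of the original template. The sample template, the parameter names other than servers_name, and the expected values (TLS 1.2 or later, public network access disabled because a private endpoint is used) are assumptions of this example.

```python
import json
import re

# Constructed sample, not the page's template: a weak Microsoft.Sql/servers definition.
WEAK = json.loads("""{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "servers_name": {"type": "string"},
    "admin_password": {"type": "string", "defaultValue": "constructed-example"},
    "tls_version": {"type": "string", "defaultValue": "1.0"}
  },
  "resources": [{
    "type": "Microsoft.Sql/servers", "apiVersion": "2021-11-01",
    "name": "[parameters('servers_name')]", "location": "[resourceGroup().location]",
    "properties": {
      "administratorLogin": "sqladmin",
      "administratorLoginPassword": "[parameters('admin_password')]",
      "minimalTlsVersion": "[parameters('tls_version')]",
      "publicNetworkAccess": "Enabled"
    }
  }]
}""")
PARAM_REF = re.compile(r"\[parameters\('([^']+)'\)\]")

def param_def(value, params):
    """Return the parameter definition if value is a [parameters('x')] reference."""
    m = PARAM_REF.fullmatch(value) if isinstance(value, str) else None
    return params.get(m.group(1)) if m else None

def audit(template):
    """List findings for the SQL server settings named in the RESOURCES section."""
    params, findings = template.get("parameters", {}), []
    for res in template.get("resources", []):
        if res.get("type", "").lower() != "microsoft.sql/servers":
            continue
        props = res.get("properties", {})
        raw = props.get("administratorLoginPassword")
        pw = param_def(raw, params)
        if raw is not None and pw is None:
            findings.append("password is not a reference to a declared parameter")
        elif pw is not None and (pw.get("type", "").lower() != "securestring" or "defaultValue" in pw):
            findings.append("password parameter must be securestring with no default")
        # A missing value, or a parameter without a default, is reported as unresolved (None).
        for key, ok in (("minimalTlsVersion", {"1.2", "1.3"}), ("publicNetworkAccess", {"Disabled"})):
            ref = param_def(props.get(key), params)
            value = ref.get("defaultValue") if ref is not None else props.get(key)
            if value not in ok:
                findings.append(f"{key} is {value!r}, expected one of {sorted(ok)}")
    return findings
```

Running audit(WEAK) reports three findings; the same template with a securestring password parameter, a TLS default of 1.2 and public network access set to Disabled returns none.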

DEPLOYMENT

ARM templates can be deployed through an Azure Portal template, PowerShell, CLI commands or automated deployment tools such as Ansible and Terraform. For this exercise we will deploy using the PowerShell commands below.

  • Save the ARM template as the JSON file "azuredeployarm.json"
  • In PowerShell, connect to the Azure account
    • PS C:\> Connect-AzAccount
  • Define a variable for the JSON file
    • PS C:\> $templateFile = "C:\azuredeployarm.json"
  • Deploy the ARM template as below. Name is the deployment name and Mode is the deployment mode, either Complete or Incremental. The default deployment mode is INCREMENTAL, where existing resources are preserved and only new changes are deployed; if COMPLETE mode is specified, existing resources that are not in the template are destroyed and the resources in the template are created.
    • PS C:\> New-AzResourceGroupDeployment -Name "ARMTemplate" -ResourceGroupName "XXXXXXXX" -TemplateFile $templateFile -Mode Incremental
  • Verify the deployment output

You can get the full ARM Template for creating Azure SQL database here