Understanding the Azure Hierarchy: From Tenant to Resource Groups


When working with Azure, it’s essential to understand the hierarchy for organizing and managing resources effectively. Here’s a detailed breakdown:
1️⃣ Tenant:
Definition: The tenant is the top-level organization that encompasses everything in your Azure environment. It is essentially your Azure Active Directory (Azure AD) instance.
Purpose: A tenant serves as the security boundary for your organization, containing user accounts, groups, and all related resources.
Multiple Subscriptions: A single tenant can have multiple subscriptions under it, which helps in organizing and managing resources for different projects or departments.
Real-Life Example: Think of the tenant as the main corporate account for a company. This account will have separate subscriptions for different branches or departments, such as HR, IT, and Marketing, all managed under the same tenant.
2️⃣ Environment:
Definition: Environments are sub-divisions within a tenant that separate stages like Development, Testing, and Production. They are often referred to by names such as Live Environment or Prod.
Purpose: Environments help maintain secure and controlled workflows by ensuring that different stages of development do not interfere with each other. They also help manage configuration settings, security policies, and compliance requirements specific to each stage.
Real-Life Example: Imagine a software development team. They create separate environments to test their code before it goes live. The Development environment is where developers write and test new features. The Testing environment is where QA engineers test the features for bugs. Finally, the Production environment is the live version that end-users interact with.
3️⃣ Subscription:
Definition: A subscription is a billing entity and resource access boundary in Azure. It defines and controls access to resources and services, and it is where billing and usage details are tracked.
Purpose: Subscriptions help manage budgets and access controls. Different projects or departments can have their own subscriptions to keep their resources and costs separate.
Access Controls: Each subscription can have specific access controls, allowing administrators to grant or restrict permissions to various users and groups.
Real-Life Example: A company might have different subscriptions for various teams or projects. For instance, the Marketing team might have a subscription for their analytics tools, while the IT department has a separate subscription for their infrastructure needs. This way, each team can manage their own resources and budget independently.
Visualizing the Hierarchy
Here’s a simplified visualization of the Azure hierarchy:
Tenant (Azure AD Instance)
├── Environment (Dev)
│   ├── Subscription (Project A)
│   └── Subscription (Project B)
├── Environment (Test)
│   ├── Subscription (Project A)
│   └── Subscription (Project B)
└── Environment (Prod)
    ├── Subscription (Project A)
    └── Subscription (Project B)
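To check that the per-subscription access controls and the Dev/Test/Prod separation described above actually hold, the following added example (not part of the original article) flags principals that hold a privileged role in Prod and in at least one other environment. The sample records are constructed in the shape of `az account list` and `az role assignment list --all` output; the "<project>-<env>" subscription naming convention, the IDs, and the principal names are assumptions for illustration.

```python
from collections import defaultdict

TENANT = "11111111-1111-1111-1111-111111111111"  # constructed placeholder
# Constructed sample, shaped like `az account list` output (id, name, tenantId).
SUBSCRIPTIONS = [
    {"id": "aaaaaaaa-0000-0000-0000-000000000001", "name": "project-a-dev", "tenantId": TENANT},
    {"id": "aaaaaaaa-0000-0000-0000-000000000002", "name": "project-a-prod", "tenantId": TENANT},
    {"id": "bbbbbbbb-0000-0000-0000-000000000001", "name": "project-b-dev", "tenantId": TENANT},
    {"id": "bbbbbbbb-0000-0000-0000-000000000002", "name": "project-b-prod", "tenantId": TENANT},
]
A_DEV, A_PROD, B_DEV, B_PROD = ("/subscriptions/" + s["id"] for s in SUBSCRIPTIONS)
# Constructed sample, shaped like `az role assignment list --all` output.
ASSIGNMENTS = [
    {"principalName": "alice@example.com", "roleDefinitionName": "Contributor", "scope": A_DEV},
    {"principalName": "alice@example.com", "roleDefinitionName": "Owner",
     "scope": A_PROD + "/resourceGroups/rg-web"},
    {"principalName": "bob@example.com", "roleDefinitionName": "Contributor", "scope": B_DEV},
    {"principalName": "bob@example.com", "roleDefinitionName": "Reader", "scope": B_PROD},
    {"principalName": "carol@example.com", "roleDefinitionName": "Owner", "scope": B_PROD},
    {"principalName": "ops-admins", "roleDefinitionName": "Owner",
     "scope": "/providers/Microsoft.Management/managementGroups/mg-example"},
]
PRIVILEGED = {"Owner", "Contributor", "User Access Administrator"}  # built-in roles treated as privileged here

def environment_of(subscription_name):
    """Assumed convention: the environment is the last '-'-separated token of the name."""
    return subscription_name.rsplit("-", 1)[-1].lower()

def subscription_id_from_scope(scope):
    """Return the subscription id a scope sits in, or None for scopes above a subscription."""
    parts = scope.strip("/").split("/")
    if len(parts) >= 2 and parts[0].lower() == "subscriptions":
        return parts[1].lower()
    return None

def cross_environment_principals(subscriptions, assignments):
    """Principals holding a privileged role in prod and in at least one other environment."""
    env_by_sub = {s["id"].lower(): environment_of(s["name"]) for s in subscriptions}
    envs = defaultdict(set)
    for a in assignments:
        env = env_by_sub.get(subscription_id_from_scope(a["scope"]))
        if env and a["roleDefinitionName"] in PRIVILEGED:
            envs[a["principalName"]].add(env)
    return {p: sorted(e) for p, e in envs.items() if "prod" in e and len(e) > 1}

def above_subscription(assignments):
    """Assignments scoped above any single subscription; review these separately."""
    return [a for a in assignments if subscription_id_from_scope(a["scope"]) is None]

if __name__ == "__main__":
    print(cross_environment_principals(SUBSCRIPTIONS, ASSIGNMENTS))
    print([a["principalName"] for a in above_subscription(ASSIGNMENTS)])
```

Assignments made at resource-group scope are attributed to the subscription that contains them, so a narrowly scoped Owner grant in Prod still counts toward the cross-environment finding.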
Conclusion
Understanding the Azure hierarchy is crucial for effectively managing and organizing your cloud resources. By leveraging tenants, environments, and subscriptions, you can ensure secure, efficient, and cost-effective operations.
Written by

Chidinma Ozoemena
Hey there! 😊 I’m a Cloud Security & DevOps Engineer who loves tinkering with Azure, GCP, and AWS. Always eager to learn and share, I’m here to make the cloud a safer place.