100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace
Cloud

Azure Resource Manager

By Microsoft

IntermediateService12K learners

Azure Resource Manager (ARM) is the deployment and management layer of Microsoft Azure that lets users create, update, and delete resources through consistent JSON templates, role-based access control, and resource groups.

Definition

Azure Resource Manager (ARM) is the deployment and management layer of Microsoft Azure that lets users create, update, and delete resources through consistent JSON templates, role-based access control, and resource groups.

Overview

Every request made against Azure — whether from the portal, the CLI, PowerShell, or an SDK — passes through Azure Resource Manager. ARM is the control plane that authenticates the request, applies Azure Active Directory permissions and policies, and routes it to the right resource provider, giving Azure a single consistent management API regardless of which tool triggered the action. ARM templates are declarative JSON documents (or the newer Bicep language, which compiles to ARM JSON) that describe a set of resources and their configuration. Resources are organized into resource groups, which act as a logical container for lifecycle management: deleting a resource group deletes everything inside it, which is useful for tearing down entire test environments in one step. ARM also evaluates dependencies between resources automatically, so a virtual network is created before the subnet that needs it, without the author having to sequence operations by hand. Beyond provisioning, ARM enforces governance through Azure Policy and role-based access control (RBAC), letting organizations restrict which resource types or regions a team can use and who can modify them. It plays the same role in Azure that AWS CloudFormation plays in AWS and Google Cloud Deployment Manager plays in GCP — teams working across multiple clouds often use Terraform instead so they can manage all three with one tool.

Key Features

  • Single control plane and consistent API used by the portal, CLI, PowerShell, and SDKs
  • Declarative ARM JSON templates, or Bicep for a more concise authoring syntax
  • Resource groups provide a logical container for lifecycle and permission management
  • Automatic dependency resolution between resources in a deployment
  • Built-in role-based access control (RBAC) and Azure Policy enforcement
  • Tagging support for cost allocation, ownership, and organization at scale
  • Incremental and complete deployment modes for controlling how updates are applied

Use Cases

Deploying multi-resource Azure environments consistently across dev, test, and production
Enforcing organizational guardrails on allowed resource types, SKUs, and regions
Tearing down entire temporary environments by deleting a single resource group
Auditing who changed what through ARM's integration with Azure Activity Log
Standardizing landing zones across subscriptions in a large enterprise
Managing infrastructure as code alongside application code in CI/CD pipelines

Frequently Asked Questions

From the Blog