Azure Managed Application
Azure Managed Application is not widely used, just to create it we must use ARM templates. Sometimes it is a must when you want to deploy a solution via Azure Marketplace. Managed Application is simply a set of Azure Resources that usually can not be managed/modify by the person who deploys it but by the creator. So it is a very useful way to distribute an application across your organization or via mentioned Azure Marketplace. You can start with this simple code:
#mf@fast-sms.net
$Subscribtion=”ed4838b9-2782-4ada-xxxx”
$tenant=”50ea0418-683d-4007-87fb-xxxx”az login –tenant $tenant
az account set -s $Subscribtionaz group create –name ManagedApp –location eastus
az storage account create –name mfmanagedapp –resource-group ManagedApp –location eastus –sku Standard_LRS –kind StorageV2
az storage container create –account-name mfmanagedapp –name appcontaineroracle –public-access blob
az storage blob upload –account-name mfmanagedapp –container-name appcontaineroracle –name “app.zip” –file “app.zip”
$groupid=$(az ad group show –group group_in_azure_ad –query objectId –output tsv)
$ownerid=$(az role definition list –name user_in_azure_ad –query [].name –output tsv)
az group create –name appDefinitionGroup –location westcentralus
$blob=$(az storage blob url –account-name mfmanagedapp –container-name appcontaineroracle –name app.zip –output tsv)
$blob
$groupid
$owneridaz managedapp definition create –name “ManagedStorageMF” –location “westcentralus” –resource-group appDefinitionGroup –lock-level ReadOnly –display-name “Managed Storage Account MF” –description “Managed Azure Storage Account MF” –authorizations “groupid:ownerid” –package-file-uri “$blob”
There is guid of group and user who will be able to manage this Managed Application.
After that you will see this app in Service catalog managed application definitions:
After that, you can deploy this managed application.
Here is an example of an application with simply Storage Account as a resource only, but you can include every resource from azure in Manage Application. If you delete deployed application the resource group that you deploy managed application will be deleted.
Please be aware that in this example the definition of Managed Application is in app.zip – that first must be uploaded to the blob storage account. Sometimes we need to know which storage account contains the definition, unfortunately, it is not visible in the portal even if you export deployment or arm definition. Fortunately, there is an API that can provide some information about this:
https://docs.microsoft.com/en-us/rest/api/managedapplications/application-definitions/get
There is an example:
{
“isEnabled”: true,
“lockLevel”: “ReadOnly”,
“displayName”: “Managed Storage Account MF”,
“description”: “Managed Azure Storage Account MF”,
“artifacts”: [
{
“name”: “ApplicationResourceTemplate”,
“type”: “Template”,
“uri”: “https://prdsapplianceprodcy01.blob.core.windows.net/applicationdefinitions/022E0_ED4838B927824ADAAD25E6C1AD689428_63FE57E899BE630776D4FAA7260442F0FAE75C86FFEA70D351AD1AA35C65199E/c1b0010866364bb4979fe7bc36bef4ce/applicationResourceTemplate.json”
},
{
“name”: “CreateUiDefinition”,
“type”: “Custom”,
“uri”: “https://management.azure.com/subscriptions/ /resourceGroups/appDefinitionGroup/providers/Microsoft.Solutions/applicationDefinitions/ManagedStorageMF/applicationArtifacts/CreateUiDefinition?api-version=2017-09-01”
},
{
“name”: “MainTemplateParameters”,
“type”: “Custom”,
“uri”: “https://management.azure.com/subscriptions/ /resourceGroups/appDefinitionGroup/providers/Microsoft.Solutions/applicationDefinitions/ManagedStorageMF/applicationArtifacts/MainTemplateParameters?api-version=2017-09-01”
}
]
},
“id”: “/subscriptions/ /resourceGroups/appDefinitionGroup/providers/Microsoft.Solutions/applicationDefinitions/ManagedStorageMF”,
“name”: “ManagedStorageMF”,
“type”: “Microsoft.Solutions/applicationDefinitions”,
“location”: “westcentralus”
}