Azure Subscription, Resource Groups, and EGIS Instances
- Diego Cesa de Meira (Unlicensed)
EGIS Instance - A single, self-contained deployment of the Transport Canada EGIS. The set of EGIS instances may include Sandbox, Development, Test, Production Blue, and Production Green.
Azure Resource Group - An Azure resource group is a container for related Azure resources. An EGIS instance comprises a number of related Azure resources (e.g., virtual machines, a virtual network, storage accounts, etc.) unrelated to other EGIS instances. Logically, then, there should be a 1-to-1 correspondence between EGIS instances and Azure resource groups.
Note: There may be some resources that are shared among EGIS instances. For example, the Production Green and Production Blue environments may share a common set of configuration files. In these cases, the shared resources should be contained in shared resource groups.
Azure Subscription - An Azure subscription is a separately-billed container for Azure resource groups with distinct sets of permissions for each user. Different Azure subscriptions should be used for different EGIS instances, depending upon the permissions required for different users. For example, the Sandbox EGIS instance should be the most permissive for the broadest array of authorized users, to allow them to experiment with the Azure environment. The Production Green and Production Blue instances should be the most restrictive, allowing only system administrators and other privileges users the ability to make system configurations.