Updating and deleting a deployment stack
Deployment stacks enable you to manage your Azure resources using standard processes and templates. As your application changes, so does the resources that make up the application. Adding and removing managed resources is a critical part of lifecycle management.
You completed sprint 1 and the initial deployment of the deposits application using deployment stacks. Now, you need to prepare for sprint 2 introduces new services to the application. You want to learn more about how to update and delete deployment stacks and managed resources.
In this unit, you learn how to update a deployment stack by adding resources to your Bicep file. Additionally, you learn how to delete a deployment stack and its managed resources.
Note
The commands in this unit are shown to illustrate concepts. Don't run the commands yet. You'll practice what you learn here soon.
Updating a deployment stack
As an application evolves, so does its resources. How do we update a deployment stack and its managed resources when new services and features are added? What situations require us to update a deployment stack? Adding a new resource or changing the property of an existing managed resource would require that we update the deployment stack.
Updating a stack means updating the resources defined in our ARM JSON template, Bicep file, or template spec. Once the change is made to the template file, we update the deployment stack using the appropriate command.
Let's say that our deposits application needs to add a new Azure SQL database, and we want the deployment stack to manage the database. To add the new database, we update our Bicep file to define a new Azure SQL server and database.
// Parameters
@description('The location for all resources.')
param location string = 'eastus'
@description('The name of the SQL database.')
param sqlDatabaseName string = 'sqldb-${uniqueString(resourceGroup().id)}'
@description('The password of the admin user.')
param sqlServerAdminUserName string
@description('The name of the admin user.')
@secure()
param sqlServerAdminPassword string
@description('The name of the SQL server.')
param sqlServerName string = 'sql-${uniqueString(resourceGroup().id)}'
@description('The name of the web application.')
param webApplicationName string = 'webapp-${uniqueString(resourceGroup().id)}'
// Variables
@description('The name of the app service plan.')
var appServicePlanName = 'plan-deposits'
// Resource - App Service Plan
resource appServicePlan 'Microsoft.Web/serverfarms@2023-12-01' = {
name: appServicePlanName
location: location
sku: {
name: 'F1'
capacity: 1
}
}
// Resource - Web App
resource webApplication 'Microsoft.Web/sites@2023-12-01' = {
name: webApplicationName
location: location
properties: {
serverFarmId: appServicePlan.id
}
}
// Resource - SQL Server
resource sqlServer 'Microsoft.Sql/servers@2021-11-01' ={
name: sqlServerName
location: location
properties: {
administratorLogin: sqlServerAdminUserName
administratorLoginPassword: sqlServerAdminPassword
}
}
// Resource - SQL Database
resource sqlServerDatabase 'Microsoft.Sql/servers/databases@2021-11-01' = {
parent: sqlServer
name: sqlDatabaseName
location: location
sku: {
name: 'Standard'
tier: 'Standard'
}
}
The highlighted code defines our new Azure SQL database for our deposits application. With our new resource defined, we need to update the deployment stack.
To update a deployment stack using Azure CLI, use the az stack group create command.
az stack group create \
--name stack-deposits \
--resource-group rg-depositsApplication \
--template-file ./main.bicep \
--action-on-unmanage detachAll \
--deny-settings-mode none
Note
Azure CLI does not have a dedicated command to update a deployment stack. Use the create command to update the stack.
When performing an update on the stack, you receive a message stating that the stack already exists in the current subscription. If the value of the action on unmanage parameter changes, the warning alerts you of the new values.
To verify that the stack is managing the new resources, use the az stack group show command.
az stack group show \
--resource-group rg-depositsApplication
--name stack-deposits
{
"actionOnUnmanage": {
"managementGroups": "detach",
"resourceGroups": "detach",
"resources": "detach"
},
"bypassStackOutOfSyncError": null,
"correlationId": ".",
"debugSetting": null,
"deletedResources": [],
"denySettings": {
"applyToChildScopes": false,
"excludedActions": null,
"excludedPrincipals": null,
"mode": "none"
},
"deploymentId": "/subscriptions/././rg-depositsApplication/./Microsoft.Resources/deployments/stack-deposits",
"deploymentScope": null,
"description": null,
"detachedResources": [],
"duration": "PT2M53.2734284S",
"error": null,
"failedResources": [],
"id": "/subscriptions/././rg-depositsApplication/./Microsoft.Resources/deploymentStacks/stack-deposits",
"location": null,
"name": "stack-deposits",
"outputs": null,
"parameters": {
"sqlServerAdminPassword": {
"reference": null,
"type": "securestring",
"value": ""
},
"sqlServerAdminUserName": {
"reference": null,
"type": "string",
"value": "sqladmin"
}
},
"parametersLink": null,
"provisioningState": "succeeded",
"resourceGroup": "rg-depositsApplication",
"resources": [
{
"denyStatus": "none",
"id": "/subscriptions/././rg-depositsApplication/././servers/sql-eque2jlrboltq",
"resourceGroup": "rg-depositsApplication",
"status": "managed"
},
{
"denyStatus": "none",
"id": "/subscriptions/././rg-depositsApplication/././servers/sql-eque2jlrboltq/databases/sqldb-eque2jlrboltq",
"resourceGroup": "rg-depositsApplication",
"status": "managed"
},
{
"denyStatus": "none",
"id": "/subscriptions/././rg-depositsApplication/././serverfarms/plan-deposits",
"resourceGroup": "rg-depositsApplication",
"status": "managed"
},
{
"denyStatus": "none",
"id": "/subscriptions/./resourceGroups/rg-depositsApplication/././sites/webapp-eque2jlrboltq",
"resourceGroup": "rg-depositsApplication",
"status": "managed"
}
],
"systemData": {
"createdAt": "2024-01-01T00:00:01.000000+00:00",
"createdBy": "depositsapplication@contoso.com",
"createdByType": "User",
"lastModifiedAt": "2024-01-01T00:00:01.000000+00:00",
"lastModifiedBy": "depositsapplication@contoso.com",
"lastModifiedByType": "User"
},
"tags": {},
"template": null,
"templateLink": null,
"type": "Microsoft.Resources/deploymentStacks"
}
The highlighted code shows the new Azure SQL server and Azure SQL database as managed by the deployment stack.
To update a deployment stack using Azure PowerShell, use the Set-AzResourceGroupDeploymentStack command.
Set-AzResourceGroupDeploymentStack `
-Name stack-deposits `
-ResourceGroupName rg-depositsApplication `
-TemplateFile ./main.bicep `
-ActionOnUnmanage DetachAll `
-DenySettingsMode None
To verify that the stack is managing the new resources, use the Get-AzResourceGroupDeploymentStack command.
Get-AzResourceGroupDeploymentStack `
-ResourceGroupName rg-depositsApplication `
-Name stack-deposits
Id : /subscriptions/././rg-depositsApplication/././deploymentStacks/stack-deposits
Name : stack-deposits
ProvisioningState : succeeded
resourcesCleanupAction : detach
resourceGroupsCleanupAction : detach
managementGroupsCleanupAction : detach
CorrelationId : .
DenySettingsMode : none
CreationTime(UTC) : 1/01/2024 0:00:01 AM
DeploymentId : /subscriptions/././rg-depositsApplication/././deployments/stack-deposits
Resources : /subscriptions/././rg-depositsApplication/././serverfarms/plan-deposits
/subscriptions/././rg-depositsApplication/././sites/webapp-eque2jlrboltq
/subscriptions/././rg-depositsApplication/././servers/sql-eque2jlrboltq
/subscriptions/././rg-depositsApplication/././servers/sql-eque2jlrboltq/databases/sqldb-eque2jlrboltq
Parameters :
Name Type Value
======================== ========================= ==========
sqlServerAdminUserName string "sqladmin"
sqlServerAdminPassword securestring ""
The highlighted code shows the new Azure SQL server and Azure SQL database as managed by the deployment stack.
In the next module, you work on managing resource lifecycles, including adding, updating, detaching, and deleting managed resources.
Deleting a deployment stack
Reliable resource cleanup is a key feature of deployment stacks. When you delete a deployment stack, you can also delete the managed resources, resource groups, and management groups. Using a single API call eliminates the need to understand dependencies. As with creating and updating deployment stacks, the action on unmanage parameter determines how Azure handles detached resources.
Note
In this module, we are working with resrouce group scoped deployment stacks. In this situation, the resource group is not managed by the stack. The 'delete all' value for the action on unmanage parameter doesn't detele the resource group where the stack exists. It is necessary to delete the resource group after the stack and its resources are deleted.
To delete a deployment stack using Azure CLI, use the az stack group delete command. The --action-on-unmanaged argument determines how Azure handles detached resources, resource groups, and management groups.
az stack group delete \
--name stack-deposits \
--resource-group rg-depositsApplication \
--action-on-unmanage deleteAll
To delete a deployment stack using Azure PowerShell, use the Remove-AzResourceGroupDeploymentStack command. The -ActionOnUnmanage argument determines how Azure handles detached resources, resource groups, and management groups.
Remove-AzResourceGroupDeploymentStack `
-Name stack-deposits `
-ResourceGroupName rg-depositsApplication `
-ActionOnUnmanage -DeleteAll