Navigation
OperationsUpdated July 3, 2026

Resource Group Management

sopazureresource-groupinfrastructureoperationsepicknowledge-transfer

Azure Resource Group Management

1. Purpose

This SOP outlines the management, maintenance, and operational procedures for the Azure Resource Group used in the Epic Test NPD Prod environments (West US 3, Central US and East US regions).


2. Scope

This document applies to all team members responsible for operating, maintaining, and auditing resources within the specified resource group.


3. Example Resource Group Details

PropertyValue
Resource Group Nameepic-rg
RegionWest US 3 (wus3)
Existingtrue
CanNotDelete Lockfalse
Tags{}

4. Resource Group Lifecycle

a. Creation

  • The resource group already exists (existing: true).
  • Ensure all resources deployed to this group comply with organizational naming and tagging standards.

b. Locks

  • CanNotDelete_Lock: Not enabled (false).
    • Implication: Resources in this group can be deleted if required.
    • Action: Ensure deletion actions are authorized and documented.

c. Tags

  • No tags currently applied in this piece of code.
    • Action: Add tags for environment, owner, cost center, and purpose as per organizational policy.

5. Operational Procedures

a. Resource Management

  • Adding Resources:
    • Deploy only necessary resources for Epic Test NPD workloads.
    • Follow approved deployment pipelines.
  • Deleting Resources:
    • Confirm with owner before deleting any resource.
    • Document deletion activity in change log.
  • Modifying Resources:
    • Make changes via approved change requests.

b. Access Control

  • Assign least privilege access to users.
  • Review access and permissions quarterly.

c. Lock Management

  • Periodically evaluate the need for a delete lock to prevent accidental deletion.
  • If required, enable CanNotDelete lock and update SOP.

d. Tagging

  • Apply tags such as:
    • environment: Test
    • Owner: <owner_name>
    • CostCenter: <cost_center>
    • Purpose: Epic Test NPD
  • Review and update tags quarterly.

6. Monitoring and Compliance

  • Set up Azure Policy to enforce resource standards.
  • Monitor resources for compliance and cost optimization.
  • Perform quarterly reviews.

7. Incident Management

  • Report any unauthorized changes or deletions to the cloud operations manager.
  • Restore deleted resources from backup if possible.
  • Document all incidents and remediation steps.

8. Audit and Review

  • Audit resource group configuration and activity logs quarterly.
  • Review and update SOP annually or as changes occur.

9. Contacts

  • Resource Group Owner: [Add owner name/email]
  • Cloud Operations Team: [Add contact details]

10. Example piece of code

"rgs": {
      "ohemr-rg-east_epic_test-npd-wus3-001": {
        "CanNotDelete_Lock": false,
        "existing": true,
        "tags": {}
      }
    }