Architecture Azure AD Resource Groups

Question

Please, could you tell me the advantages and disadvantages of using the resources of the Stage and Dev environments in a single Resource Group? As information: Access to these resources is common and the life cycle will be 90% the same. What other critical factors can affect this configuration?

Many Thanks

Answer 1

There are not many cons in using 2 resource groups for this IMHO. If those 2 rgs are the only ones in the same subscription you can define RBAC at the subscription level so that is one disavantage taken away. There are many advantages:

• Fine grained access control, seperated by environment.
• Possibility to deploy the resources using ARM/Bicep templates. Even if the life cycle is 90% the same, the 10% can make it hard to use a complete deployement using ARM/Bicep. Also, I strongly recommend a template per environment.
• Apply tags per resource group to create budget/get costs insights

If one of those features listed here might be useful now or in the near future, I wouldn't hesitate to use 2 resource groups.