Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

ARM template deployment and "Atlas resource group"

Copper Contributor

While creating a Purview account I can assign it to any resource group, but I see that after performing scans a new resource group is created with a Event Hub namespace and a Storage account. These seem to be related to Atlas hooks and entities.

 

Is there a way to control the name of this auto-generated resource group? I was thinking I may be able to control this via an ARM template-based deployment. Would this be possible?

 

Also, where can I find the ARM template reference for Purview?

6 Replies
I have the same question. The auto-generated resource group does not meet the tagging policy at my organization, so I can't create the Purview account due to validation failure. Is there a way to use an existing resource group instead? Or specify tags to be applied to the auto-generated resource group?

@dougspadotto We will be exposing a property, in the coming weeks, where the managed resource group name will be configurable at Account create time.
I am tracking down our documentation team to find where we host our ARM template in the meantime here is our swagger documentation, and an example of the create payload. This JSON example can also be used in ARM
azure-rest-api-specs/Accounts_CreateOrUpdate.json at master · Azure/azure-rest-api-specs (github.com...

@WilliamSzostak-LM you can assign tags to your manages resources (the resource group, Storage account, and Eventhub namespace) by setting tags on your Purview account and they will propagate to these resources. You can set these tags both at create time or by updating them using the Azure Portal. This should solve your issue with the offending tagging policy.

Thank you, @annoakes, that worked!

@annoakes Will there be any option to customize the VNET settings on those managed resource groups? As per their policy , many customers wouldn't accept those services to be configured as public.

Hi @annoakes , is the arm template with customized storage account and event hub namespace name already? Where can I find it. Thanks. :)