Lets learn something new

Cloud, Cybersecurity, DevOps, AI

Azure

Microsoft Azure Deployment Stack: Overview Using Bicep

ByArnav Sharma

Jan 16, 2024 #azure
Microsoft Azure Deployment Stack

Last Updated on August 7, 2025 by Arnav Sharma

The Azure Deployment Stack, currently in public preview, is revolutionizing how we manage collections of Azure resources. This innovative feature in Azure Resource Manager, accessible through Bicep, Azure CLI, and Azure PowerShell, simplifies the life cycle management of Azure resources, making it an indispensable tool for developers and IT professionals.

What is an Azure Deployment Stack?

An Azure Deployment Stack is a type of Azure resource that allows for the management of a group of Azure resources as a single unit. When a Bicep file or an ARM JSON template is submitted to a deployment stack, it defines the resources managed by the stack. This feature is particularly useful for creating, updating, and deleting resources in a coordinated manner.

Creating and Managing Deployment Stacks

To create a deployment stack, you can use Azure CLI, Azure PowerShell, or the Azure portal, along with Bicep files. These files are transpiled into ARM JSON templates, which are then deployed as a deployment object by the stack. The deployment stack offers capabilities beyond traditional deployment resources, serving as a superset of those capabilities.

Creating a Deployment Stack

Suppose you need to provision test VMs for various application teams across different resource group scopes. A deployment stack can be used to create these test environments and update the test VM configurations through subsequent updates to the stack. After the project, the managed resources can be easily removed by specifying the appropriate delete flag, streamlining the environment cleanup process.

Benefits of Using Deployment Stacks

  1. Simplified Resource Management: Deployment stacks simplify the provisioning and management of resources across different scopes.
  2. Preventing Undesired Modifications: They help in preventing undesired modifications to managed resources through deny settings.
  3. Efficient Cleanup: Deployment stacks enable efficient environment cleanup by employing delete flags during updates.

Key Features and Operations

  • Resource Type: The resource type for deployment stacks is Microsoft.Resources/deploymentStacks.
  • Scope: Deployment stacks can be created at resource group, subscription, or management group scope.
  • Deny Settings: These settings prevent unauthorized deletion or modification of managed resources.
  • Update and Deletion: Deployment stacks allow for easy updating and deletion of resources, managed by specifying the appropriate flags.

Detaching and Deleting Resources

A key feature of deployment stacks is the ability to detach or delete resources. If a resource previously included in the template is removed, it will either be detached or deleted based on the specified actionOnUnmanage behavior.

Bicep and Deployment Stack

Example: Creating a Deployment Stack with Bicep for an Azure Storage Account

Step 1: Create a Bicep File

First, we need to create a Bicep file that defines the Azure resources we want to manage with our deployment stack. Let’s call this file storage.bicep.

 
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-04-01' = {
name: 'mystorageaccount${uniqueString(resourceGroup().id)}'
location: resourceGroup().location
kind: 'StorageV2'
sku: {
name: 'Standard_LRS'
}
properties: {
supportsHttpsTrafficOnly: true
}
}

This Bicep file defines a storage account with a unique name, located in the same region as the resource group, and using the Standard_LRS SKU.

Step 2: Deploy the Bicep File to Create a Deployment Stack

To deploy this Bicep file and create a deployment stack, you can use Azure CLI or Azure PowerShell. Here’s how you can do it with Azure PowerShell:

New-AzResourceGroupDeploymentStack `
-Name "MyDeploymentStack" `
-ResourceGroupName "MyResourceGroup" `
-TemplateFile "./storage.bicep" `
-DenySettingsMode "none"

This command creates a new deployment stack named “MyDeploymentStack” in the specified resource group “MyResourceGroup” using the storage.bicep file.

Step 3: Verify the Deployment

After creating the deployment stack, you can verify that the storage account has been deployed successfully:

Get-AzStorageAccount -ResourceGroupName "MyResourceGroup"

This command lists the storage accounts in “MyResourceGroup”, and you should see the newly created storage account as part of the output.

Step 4: Update the Deployment Stack

If you need to update the deployment stack, for instance, to change the SKU of the storage account, you would modify the Bicep file and then update the stack:

Set-AzResourceGroupDeploymentStack `
-Name "MyDeploymentStack" `
-ResourceGroupName "MyResourceGroup" `
-TemplateFile "./storage.bicep" `
-DenySettingsMode "none"

Step 5: Delete the Deployment Stack

To delete the deployment stack and its associated resources, you can use the following command:

Remove-AzResourceGroupDeploymentStack `
-Name "MyDeploymentStack" `
-ResourceGroupName "MyResourceGroup" `
[-DeleteAll/-DeleteResourceGroups/-DeleteResources]

This command will remove the deployment stack and, depending on the flags used, can also delete the resources managed by the stack.

Related Post

Azure

Microsoft Azure October 2025 Outage Explained

Nov 3, 2025 Arnav Sharma
Azure

The Rising Threat to Azure Blob Storage

Oct 31, 2025 Arnav Sharma
Azure

Mastering Azure Landing Zones

Oct 21, 2025 Arnav Sharma

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You missed

Azure

Microsoft Azure October 2025 Outage Explained

November 3, 2025 Arnav Sharma
Azure

The Rising Threat to Azure Blob Storage

October 31, 2025 Arnav Sharma
Cybersecurity General

A Guide to VPN Types

October 26, 2025 Arnav Sharma
Azure

Mastering Azure Landing Zones

October 21, 2025 Arnav Sharma