Azure Management Groups are a powerful tool for organizing and managing your Azure resources. They allow you to create a hierarchical structure that can be used to apply consistent policies, access controls, and governance across multiple Azure subscriptions.

In this guide, we’ll walk through the process of creating a new management group using the Azure Portal. Management groups are containers that help you manage access, policy, and compliance across multiple Azure subscriptions. By creating these containers, you can build an effective and efficient hierarchy that can be used with Azure Policy and Azure Role-Based Access Controls (RBAC).

Getting Started

Before we dive in, there are a few prerequisites to keep in mind:

  • If you don’t have an Azure subscription, you’ll need to create a free Azure account before you begin.
  • Any Azure AD user in the tenant can create a management group without the management group write permission, as long as hierarchy protection is not enabled. The new management group will become a child of the Root Management Group or the default management group, and the creator will be given an “Owner” role assignment.

Creating a Management Group

  1. Log into the Azure Portal.
  2. Navigate to the “Management + governance” section and select “Management Groups”.
  3. Click the “+ Add management group” button to create a new management group.
  4. In the “Create management group” pane, leave “Create new” selected and fill in the management group ID field:
    • The management group ID is the directory-unique identifier that will be used to submit commands on this management group. This identifier cannot be edited after creation, as it is used throughout the Azure system to identify the group.
    • The display name field is the name that will be displayed within the Azure Portal. This can be changed at any time.
  5. Click “Save” to create the new management group.

Cleaning Up

To remove the management group you created, follow these steps:

  1. Navigate back to the “Management Groups” section in the Azure Portal.
  2. Locate the management group you created and select it.
  3. Click the “Details” button next to the name, then select “Delete” and confirm the prompt.

Next Steps

Now that you’ve created your first management group, you can start organizing your Azure resources into a hierarchical structure. To learn more about managing your resource hierarchy with management groups, check out the Manage your resources with management groups guide.

Source: Quickstart: Create a management group with portal