Azure Network Watcher
NetworkWatcherRG: everyone who works with Azure has probably seen this resource group after creating a Virtual Network. The resource group stands out for not conforming to any naming convention, not even Microsoft's recommended convention, which just makes it stand out even more, and most people, I guess, just learn to live with it as one of the vagaries of working in someone else's environment.
Now I can be pretty anal about names, and this has always struck me as very annoying, so I decided to see if it's possible to do something about it and the resources that are contained within the resource group. Ideally I would be able to create a Network Watcher in any location and any resource group that matched the naming convention I choose to be working with at the time. Guess what: it is possible, and very easy, as long as you do this before a VNet is created; otherwise you end up performing a cleaning task and then recreating, which is not ideal.
In ARM the solution is to do something like:
{
  "name": "uksouth-nw",
  "type": "Microsoft.Network/networkWatchers",
  "apiVersion": "2020-11-01",
  "location": "uksouth",
  "properties": { }
}
in a template, and then deploy this to any resource group you want. When you then go on to create a VNet in the same region, Azure detects the presence of a Network Watcher and does not create a new one. So with a bit of planning you can at least clear up one funny resource group name.
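A pre-deployment check for the ordering requirement described above, as an added example that is not from the original post or the author's repository: it flags VNets in an ARM template that could still trigger the default NetworkWatcherRG. It assumes the template is the only place the Network Watcher is declared, that locations are literal strings, and that a VNet without a dependsOn entry may be created before the watcher; the resource names in the sample are hypothetical.

```python
import json

WATCHER = "microsoft.network/networkwatchers"
VNET = "microsoft.network/virtualnetworks"

def region(resource):
    # "UK South" and "uksouth" name the same region, so compare normalised.
    return resource.get("location", "").replace(" ", "").lower()

def check_template(template):
    """List VNets that could still trigger the default NetworkWatcherRG."""
    resources = template.get("resources", [])
    # Region -> name of the Network Watcher this template declares there.
    watchers = {region(r): r["name"] for r in resources
                if r.get("type", "").lower() == WATCHER}
    findings = []
    for r in resources:
        if r.get("type", "").lower() != VNET:
            continue
        watcher = watchers.get(region(r))
        if watcher is None:
            findings.append((r["name"], "no Network Watcher declared for " + region(r)))
        # Assumption: without dependsOn, ARM may create the VNet first.
        elif not any(watcher in dep for dep in r.get("dependsOn", [])):
            findings.append((r["name"], "no dependsOn on " + watcher))
    return findings

# Constructed sample template (resource names are hypothetical).
SAMPLE = json.loads("""
{"resources": [
  {"type": "Microsoft.Network/networkWatchers", "name": "uksouth-nw",
   "apiVersion": "2020-11-01", "location": "uksouth", "properties": {}},
  {"type": "Microsoft.Network/virtualNetworks", "name": "hub-vnet",
   "location": "uksouth",
   "dependsOn": ["[resourceId('Microsoft.Network/networkWatchers', 'uksouth-nw')]"]},
  {"type": "Microsoft.Network/virtualNetworks", "name": "spoke-vnet",
   "location": "UK South"},
  {"type": "Microsoft.Network/virtualNetworks", "name": "dr-vnet",
   "location": "ukwest"}
]}
""")

if __name__ == "__main__":
    for name, problem in check_template(SAMPLE):
        print(f"{name}: {problem}")
```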
I did think we might be able to do this as a deployIfNotExists Policy; however, this would not work. The reason is that if a Network Watcher does not exist in the right region, Azure creates it during the creation of the VNet (very helpful). As a deployIfNotExists Policy can take up to 15 minutes to evaluate and take action, the resource would already have been created in the default resource group, which is what I was trying to avoid.
ARM and Bicep versions can be found in my Azure GitHub repository: drewkg/Azure (github.com)
Posted By Keith Drew on 22/05/2021