How To: Add or Remove Azure Resource Groups

After you have created an Azure environment, you can remove resource groups by editing the environment settings, as long as at least one resource group remains selected. However, to add resource groups after the environment has been created, you must use the Fugue API.

The Fugue API allows you to update an environment in order to add, remove, or change the resource groups. To do so, you would use the PATCH method to send a request to the following path, substituting your own environment ID for {environment_id}:

https://api.riskmanager.fugue.co/v0/environments/{environment_id}

The request body is where you indicate which resource groups you want Fugue to scan or enforce. For example, if your environment only scans the dev-eastus resource group but you want to add prod-centralus and NetworkWatcherRG, your request body might look like this:

{
    "provider": "azure",
    "provider_options": {
        "azure": {
            "survey_resource_groups": [
                "dev-eastus",
                "prod-centralus",
                "NetworkWatcherRG"
            ]
        }
    }
}

The resources you list in the "survey_resource_groups" array replace whatever resources were previously selected. So in this case, to continue scanning dev-eastus, you would include it in the array.

Updating Selected Resource Groups with curl

To use curl to update an environment using the example above, you would use the following command:

curl -X PATCH \
https://api.riskmanager.fugue.co/v0/environments/75e7e69a-0af4-4561-9763-000000000000 \
-u $CLIENT_ID:$CLIENT_SECRET \
-d '{
    "provider": "azure",
    "provider_options": {
        "azure": {
            "survey_resource_groups": [
                "dev-eastus",
                "prod-centralus",
                "NetworkWatcherRG"
            ]
        }
    }
}'

When the command succeeds, the API returns a JSON document including the details of the updated environment.

To learn more about updating an environment with the API, see Updating an Environment. For more information about using curl, see API Tools. To see the full Swagger documentation, see the API Reference. Or, for general instructions, see the API User Guide.

Updating Selected Resource Groups with Postman

To use Postman to update an environment using the example above, select the PATCH - Updates an environment request from the Fugue API Postman collection, then enter the environment_id path variable on the “Params” tab:

_images/PostmanUpdateAzureParams.png

Next, select the “Body” tab and paste your request body into the text box:

_images/PostmanUpdateAzureBody.png

Here’s the request body we used for the example curl command:

{
    "provider": "azure",
    "provider_options": {
        "azure": {
            "survey_resource_groups": [
                "dev-eastus",
                "prod-centralus",
                "NetworkWatcherRG"
            ]
        }
    }
}

When you’re ready, hit the “Send” button, and when the request succeeds you’ll see a 200 OK status and a JSON document including the details of the updated environment.

To learn more about updating an environment with the API, see Updating an Environment. For more information about using Postman, see API Tools. To see the full Swagger documentation, see the API Reference. Or, for general instructions, see the API User Guide.