Azure Governance and Azure Policy

In this video we will explain and demo Azure governance using Management Groups, RBAC (Role Based Access Control) and Azure Policy.

Consider the scenario where we have a company with multiple subscriptions. We currently have no control or visability over any subscriptions and we need to control this.

Azure Governance


How do you manage the subscriptions?

How do you keep track and control the subscriptions in your environment?

How do you stop the development team creating large VM and resources in different regions?

We only want a team to create the VMs and compute in a particular country so we can make sure our cloud resources don’t get deployed to the wrong region or country.

This keeps your data and compute in your chosen country for data sovereignty and compliance purposes.

Azure governance is based around a set of tools for the IT department to ascert control over Azure subscriptions in your organisation.

Its inefficient to manage these separately, applying admin and permissions to each Azure subscription, so we use management groups to give us a hierarchy where we can manage each subscription under this hierarchy and apply policy and RBAC controls to limit permissions.

In this video we are going to cover the following:

  • Creation of management groups from scratch matching a diagram for production.
  • Adding production subscription to management group hierarchy
  • Review Role Based Access Controls, inheritance and permissions
  • Azure policy (applied to production management Group)
  • Applying policy to restrict Virtual Machine size SKU limit
  • Applying policy to restrict location where resources are deployed
  • Testing Azure Policy
  • Policy compliance
  • Blue Prints (ISO 270001)
 

About cloudinspired

Cloud Inspired authors have over 30 years experience within the IT industry, providing expertise and knowledge on infrastructure, hybrid, public and private clouds platforms. Detailed easy to follow technical videos, training and tutorial guides are provided by subject matter experts covering various technologies including Azure, IaaS, SaaS, PaaS and Microsoft 365. This website focuses mainly on the Microsoft 365 and Azure Cloud platform and provides easy to follow step by step technical guides, diagrams, cloud certifications and tutorials. The aim is to deliver articles and videos on Microsoft 365 and Azure Cloud from start to finish on many different Azure services and certifications, building and increasing the viewers knowledge in a short, logical, easy to understand format quickly getting to the point of the subject matter! Check out the YouTube channel for a full list of published Cloud Inspired videos and lets get inspired about Cloud!

View all posts by cloudinspired →

Leave a Reply

Your email address will not be published. Required fields are marked *