Walkthrough using Azure Policy to audit and enforce compliance

azpolicyUse Azure Policy to manage and enforce your standards for governance and compliance and to assess that compliance at scale. When you implement Azure Policy, you are effectively adding guard-rails for your users. But you also have a way to audit your organization compliance against a particular policy.

In this walkthrough, you will learn the implications of using a Policy in Azure. For this walkthrough, you will use Azure CLI to create a storage account that will not be compliant, but allowing its contents to be accessed using HTTP. Then you will add a Policy that requires HTTPS, and see how you can audit existing, non-compliant resource. You will audit the resource using the portal and using PowerShell script. Then you will create another non-compliant resource and see how Azure blocks the resource during creation.

Continue reading “Walkthrough using Azure Policy to audit and enforce compliance”

Setting up Management Group for production in enterprise

org1Once you have set up your first subscription, you can set up your Management Group.

In Azure, management groups are a way to group your subscriptions. When you apply policies and governance to your management group, all of the subscriptions within a management group automatically inherit the conditions applied. Enterprises want management groups as a way to scale your operations no matter how many subscriptions you may have.

For example, you may want to restrict the regions available for your resources to those within a particular region. A policy that reflects that can be applied to a management group and will automatically be applied to all management groups, all subscriptions, and all resources under that management group.

Continue reading “Setting up Management Group for production in enterprise”

Setting up Log Analytics workspace for production in enterprise

icon_1.0.1195.1535Operations and security are central in any cloud deployment. It should be top of mind in each of your cloud deployments.

Enabling your operations team to find and fix errors, to build practices around scaling your data are essential to having a successful Azure data center.

Log Analytics provides a unified way to show what is happening across your Azure data center.

In this article learn how to set up Log Analytics to receive data from multiple Azure subscriptions, on premises virtual machines or other clouds. And learn to configure your Log Analytics workspace, set up role-based-access-control, and how to incorporate Log Analytics best practices. In addition, you will also learn how to get started with some important queries.

Continue reading “Setting up Log Analytics workspace for production in enterprise”

Setting up your enterprise Azure subscription administrators

azureadministratorpngMicrosoft makes it easy to get started using Azure — sign up for a free subscription and get started. The tutorial show you how to use the portal to create virtual machines, storage, backups. All good.

And then it comes time to take your applications into production. You may realize that you need to show auditors your security methods. And you want to be sure to protect your customer data. Or you may have cloud sprawl and want to control costs.

And you have had a good conversations about your requirements. What then?

This article shows you how to get your subscription up and running using some important best practices for your administrators. It shows how to set up Security Center and how to set up policies that can be used to help your security team validate that you are using best practices.

Continue reading “Setting up your enterprise Azure subscription administrators”