Governance & Manageability (part 1)
Azure Resource Manager
Every resource exist in one and only one resource group which is a logical container that can easily simplify managing multiple resources. Resources in the same resource group generally shares the same life cycle, while you will have full fexibility in choosing your own criteria for grouping resources. For example, you can delegate permissions, identify costs, and audit events for all resources within a group in a single step. You can also remove them by deleting the group in which they can reside.
Role-Based Access Control (RBAC)
Azure Policy
It is a service in Azure that you can use to create, assign, and manage policies that enforces different rules over your resources, so those resources will stay compliant with your corporate standards as well as service level agreement. The main advantages of Azure Policy are:
- Enforcement and Compliance- Turn-on built-in policies or build custom ones for all resource types. Real time policy evaluation as well as enforcement, periodic and on-demand compliance evaluation.
- Apply policies at scale- apply policies to a Management Group with control across your entire organization. Apply multiple policies and aggregate policy state with policy initiative.
- Remediation- Real time remediation, and remediation on existing resources.
Management Groups
- Organizational alignment fro your Azure subscriptions through custom hierarchies and grouping.
- Targeting of policies and spend budgets across subscriptions as well as inheritance down the hierarchies.
- Compliance and cross reporting
All the subscriptions within a management group can automatically inherit the conditions applied to the management group.
Comments
Post a Comment