Implementing Governance on Azure
As organizations move beyond individual projects and begin to use Azure at scale, they frequently experience a number of common challenges. These include poor resource organization, lack of compliance with best practices, and lack of adequate control over production systems. This can cause a substantial impact in unnecessary costs, team inefficiency, and even customer impact due to live site management mistakes.
To enable cloud adoption at scale, it is crucial that organizations invest in and implement an Azure governance framework that will ensure the value of the cloud can be realized across the organization while at the same time maintaining control, visibility and compliance.
Azure provides a range of powerful tools which can be used to implement governance at scale. In this learning path, you will study each of these tools in depth. This provides the skills needed to implement a robust Azure governance framework.
• Control access to Azure resources using Azure role-based access control (RBAC), including building their own custom roles to implement a true least-privilege security model.
• Enforce compliance with organization policies and regulatory requirements using Azure Policy, including custom policies, compliance reports, and automatic mitigation.
• Deploy Azure governance efficiently and at scale across the organization using Management Groups
• Organize resources using proven best practice methodologies and explore resources at scale using the powerful Azure Resource Graph query language.
• Deploy and managed controlled environments for use by other teams using Azure Blueprints
• Gain insight into Azure costs, provide roll-up reporting, and implement budgets and cost alerts across the organization using Azure Cost Management.
- Duration: 2 Days
- Level: 300
Who this course is designed for
- Cloud Architects
- Security Engineers
What You Will Learn
- Control access to Azure resources using Azure role-based access control (RBAC), including building their own custom roles to implement a true least-privilege security model.
- Enforce compliance with organization policies and regulatory requirements using Azure Policy, including custom policies, compliance reports, and automatic mitigation.
- Deploy Azure governance efficiently and at scale across the organization using Management Groups
- Organize resources using proven best practice methodologies and explore resources at scale using the powerful Azure Resource Graph query language.
- Deploy and managed controlled environments for use by other teams using Azure Blueprints
- Gain insight into Azure costs, provide roll-up reporting, and implement budgets and cost alerts across the organization using Azure Cost Management.
- Azure Fundamentals
Module 1: Introduction to Azure Governance
In this module, students are introduced to key governance concepts and technologies in Azure. Students learn about the Azure governance architecture and the importance of good governance to successful enterprise cloud adoption.
Module 2: Implementing Role Based Access Control
In this module, students are provided a deep dive on how RBAC works, creating custom roles, reviewing the permissions/assignments model.
Module 3: Implementing Azure Policy
In this module, you will deep dive into the Azure Policy service, which is one of the fundamental governance services in Azure. You will learn how to apply Azure Policy to your subscriptions and the wide range of scenarios it supports. You will also deep dive on the policy definition language, so you can fully understand built-in policies and create your own custom policies. You will also learn how to use Azure Policy compliance reports, and how to investigate and remediate non-compliant resources. The course closes with an overview of Azure VM guest policy and overall policy.
Module 4: Organizing and Exploring Azure Resources
Resource organization is critical for organizations using Azure at scale. This module begins by discussing resource organization in Azure, explaining both the technical capability of the platform and best practices you can use to manage resources effectively. The second part of the module focuses on the Azure Resource Graph, showing how you can use this feature to explore your resources in many powerful ways.
Module 5: Implementing Management Groups
Azure Management Groups enable many of Azure’s governance and reporting features to be centrally managed using an organization-wide hierarchy, rather than being managed on each individual subscription. In this class, you will learn how to build a management group hierarchy, and how to use management groups to implement governance and reporting.
Module 6: Implementing Azure Blueprints
Blueprints can be used to create, track and manage pre-built Azure environments. They enable a cloud governance team to define and enforce best practices and compliance while still allowing individual development and operations teams the flexibility to build their own solutions. In this class, students will deep dive into Azure Blueprints, learning how Blueprints are structured, and how to manage the full Blueprint lifecycle.
Module 7: Azure Cost Management and Optimization
Cost management and cost optimization are key concerns of all Azure customers. In this class, students will first learn the principles of how Azure accounts are managed and billed. Next, students learn how a variety of commonly-used IaaS and PaaS resources are priced. This is followed by a deep-dive on cost optimization techniques you can to reduce your bill without impacting your applications. Finally, the module includes a deep-dive on Azure Cost Management, which enables you to track, analyze and forecast your Azure spend to providing accurate cost estimates and reduced billing risk.;