Stay on top of the Azure Governance game

Stay on top of the Azure Governance game

Do you also feel that there is an exponential growth of resources in your cloud environments?

In my job, I have had to plan, design, architect, and develop solutions for the cloud ecosystem. When it is time to operate and maintain them, it gets a bit trickier if you have many departments. Demands will vary by department, and requirements on the technology you use might look different in other parts of the organization.

A key thing I've learned over the years is that you need a proper governance plan. It would help if you allowed the business to thrive. Operations and your security teams should be enabled to stay on top of the game.

Here are a few simple tips to help understand what is going on in your Azure environment.
 

Azure Resource Graph

The built-in capabilities in Azure for querying resources are extensive. Azure Resource Graph provides us with a way to use Kusto Query Language (KQL) queries to ask Azure about the state of our Azure resources.

Use cases, for me, include:

  • Extended audits and reviews
  • Cross-subscription resource insights
  • Determine the impact of an Azure Policy action before rolling out
  • Continuously discover changes to resources
  • Visualize your inventory

Read more about the Azure Resource Graph and how it can help: Using the Azure Resource Graph to improve your Azure Governance game.
 

Custom recommendations in Azure Security Center

Getting insights from more than one angle helps. With Azure Security Center, we can stay on top of many industry-standard regulations. We can enforce and ensure we have good security posture and good data sovereignty (laws and regulations of where data resides and is stored).

Great functionality in the Azure Security Center that I've been making use of a lot is creating custom recommendations with Azure Policies. If the rules we need to play by do not exist, we can roll out custom recommendations.

Read more about creating a custom Azure Security Center recommendation with Azure Policy.
 

The Security Development Lifecycle (SDL) process

Continuously rolling out new resources doesn't have to be a bad thing. But do you know what they are and what they do? Perhaps they comply with Azure Policies and all recommendations in Azure Security Center. However, that does not mean that they are trustworthy or okay to roll out.

To add another layer of control in an ever-growing landscape of technology and rapid changes in development and deployments, a Security Development Lifecycle, or SDL, can help a lot.

I have a few key points.

  • Security should be an organization-wide responsibility.
  • Introducing DevSecOps will naturally help your ops (operations), hence strengthening your governance early in the game.
  • Security breaches often happen from poorly configured resources or third-party code. I would rather have them mitigated during this process than find out in production.

Read more about embracing a Security Development Lifecycle (SDL) for Azure.
 

Over to you!

Do you ever consider the governance aspect of your cloud journey, or is that someone else's department? How does it work in your organization?







This email was sent to you
why did I get this?    unsubscribe from this list    update subscription preferences
zimmergren.net · Solursgatan 28 · Bunkeflostrand 21847 · Sweden

Older messages

Digest from Zimmergren - September 30, 2020

Sunday, September 5, 2021

Here's a curated summary of recent popular posts, and other interesting things to note. A summary - September 2020 Since you subscribed to updates from my blog, here's a curated summary of the

Digest from Zimmergren - October 31, 2020

Sunday, September 5, 2021

Here's a curated summary of recent popular posts, and other interesting things to note. A summary - October 2020 Since you subscribed to updates from my blog, here's a curated summary of the

You Might Also Like

Charted | Global Economic Confidence in 2025, by Country 🌎

Wednesday, December 25, 2024

While emerging markets in Asia have the strongest confidence in the global economy looking ahead, European countries are most pessimistic. View Online | Subscribe | Download Our App FEATURED STORY

Top Tech Deals 🎅 Sony Headphones, iPhone Cases, 4K Projector, and More!

Wednesday, December 25, 2024

The season of giving is upon us. How-To Geek Logo December 25, 2024 Top Tech Deals: Sony Headphones, iPhone Cases, 4K Projector, and More! The season of giving is upon us. Happy Holidays! If you're

Why the Race to AGI is Humanitys Defining Moment

Wednesday, December 25, 2024

Top Tech Content sent at Noon! Boost Your Article on HackerNoon for $159.99! Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today, December 25, 2024? The

Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware

Wednesday, December 25, 2024

THN Daily Updates Newsletter cover The Data Science Handbook, 2nd Edition ($60.00 Value) FREE for a Limited Time Practical, accessible guide to becoming a data scientist, updated to include the latest

Software Testing Weekly - Issue 251

Wednesday, December 25, 2024

GitHub Copilot is free! 🤖 View on the Web Archives ISSUE 251 December 25th 2024 COMMENT Welcome to the 251st issue! In case you missed it — GitHub Copilot is free! The free version works with Visual

Daily Coding Problem: Problem #1647 [Medium]

Tuesday, December 24, 2024

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Square. In front of you is a row of N coins, with values v 1 , v 1 , ..., v n . You are

Sentiment Analysis, Topological Sort, Web Security, and More

Tuesday, December 24, 2024

Exploring Modern Sentiment Analysis Approaches in Python #661 – DECEMBER 24, 2024 VIEW IN BROWSER The PyCoder's Weekly Logo Exploring Modern Sentiment Analysis Approaches in Python What are the

🤫 Do Not Disturb Mode Is My Secret to Sanity — 8 Gadgets I Want To See Nintendo Make

Tuesday, December 24, 2024

Also: The Best Christmas Movies to Watch on Netflix, and More! How-To Geek Logo December 24, 2024 Did You Know Their association with the Christmas season might make you think poinsettias hail from a

😱 AzureEdge.net DNS Retiring Jan. 2025, 🚀 Microsoft Phi-4 AI Outperforms, 🔒 Microsoft Secure Future Initiative

Tuesday, December 24, 2024

Blog | Advertise | View Online Your trusted source for Cloud, AI and DevOps guidance with industry expert Chris Pietschmann! Phi-4: Microsoft's New Small Language Model Outperforms Giants in AI

Mapped | The Top Health Insurance Companies by State 🏥

Tuesday, December 24, 2024

In 13 US states, a single company dominates the health insurance market, holding at least half of the total market share. View Online | Subscribe | Download Our App Presented by: Global X ETFs Power