Module 2 – Configure Azure Policy Flashcards
What is Azure policies
It is a service that allows you to enforce ad audit compliance with organizational standards and requirements across your azure resources.
Provides a way to define and implement rules and restrictions for resources.
You can use policies to enforce rules on your resources to meet corporate compliance standards and service level agreements.
The Azure Policy compliance page shows non-compliant initiatives, non-compliant policies, and non-compliant resources. Checking the page is useful after a policy is created and scoped
Implement Azure Policies
- A service to create , assign and manage policies
- runs evaluations and scans for non compliant resources
Advantages and Key features of azure policies
Key features of Azure policies
1. Policy definitions - expresses what to evaluate and what action to take.
Example you can set a policy that enforces the sue of specific virtual machine sizes or require resources to be tagged with articular metadata.
- **Initiatives ** - is a set of policy definitions grouped to keep track your compliance state.
- Assignments - when you assign a policy , you are applying a policy or initiative to a specific scope of resources , such management group , resource group or subscription.
- Compliance - evaluates resources in the azure environment for compliance with assigned policies. The compliance data is available for reporting and auditing
-
Remediation - For polices with the “deployIfNotExits” effect , azure policy can automatically remediate resources to bring them to compliance.
Remediation is the process of fixing non compliant resources
Enforcement and compliance
Aplly polices at scale
remediation
Create Azure Policies
Step 1 - Create policy definitions
expresses a condition to evaluate and the actions to perform when condition is met. You can use built in policy definitions or create you own custom ones.
Step 2 - Create an initiative definition
is a set of policy definitions that help track your resource compliance for a larger goal
Step 3 - Scope the initiative definition
You can limit the scope of the initiative to a specific management group , resource manager and subscription.
Step 4 - Determine compliance
You can evaluate the state of compliance for all your resources. Individual resources , resource groups and subscriptions within a scope can be exempted from having the policy rules affect it.