Module 5bd - Identity, Governance, Privacy and Compliance - Build a Cloud Governance Strategy, Blueprints Flashcards
What is Azure Blueprint? What are they used for?
Blueprints are an orchestration for a defined, repeatable set of governance tools and standard Azure Resources required by your org (ARM Templates, Policies, etc).
Devs can use Blueprints to rapidly build an deploy new environments that comply with previously defined compliance Policies
What kind of Artifacts can you add to an Azure Blueprint?
- RBAC (Role Assignments)
- Policy Assignments
- Azure Resource Manager Templates
- Resource Groups
What are the three (3) general steps for utilizing an Azure Blueprint?
- Create the Azure Blueprint
- Assign the Blueprint
- Track the Blueprint Assignments
How can Azure Blueprints help ensure Resource Locking?
Blueprints let you define a standard set of Azure Resources that could be set as “required”, including requiring Locks
Blueprints when applied will replace any previously removed Resource Lock if defined for that Resource as part of the Blueprint (T/F)?
True. Blueprint will AUTOMATICALLY REPLACE any Resource Lock that was removed~
What are Blueprint Artifacts?
Artifacts are the components contained in a Blueprint
How many parameters can a Blueprint Artifact have?
Artifacts may contain zero or more parameters:
- An example of a zero parameters Policy is the “Deploy thread detection on SQL Servers” Policy
- An example of a one-parameter Artifact is the Policy “Allowed Locations”
What are two ways to specify parameter values to Artifacts in the Blueprint?
Parameter values can be assigned
- At the time of Blueprint Definition (i.e. hard code the value for all Assignments)
OR
- When you assign the Blueprint to a scope (i.e. dynamic assignment). This lets you define flexible Blueprints that can accept relevant configuration parameters specific to the assigned Scope