Module 5be - Identity, Governance, Privacy and Compliance - Build a Cloud Governance Strategy, The Cloud Adoption Framework Flashcards
What is the Cloud Adoption Framework for Azure?
Helps you create and implement the business and tech strategies needed to succeed in the Cloud.
It consists of tools, docs and proven practices.
What are the five (5) stages in the Cloud Adoption Framework?
Basically the same strategy for any Change Management:
- Defining strategy
- Make a plan
- Ready your organization
- Adopt the cloud
- Govern and manage your cloud environments
What are the steps for Defining your Strategy for Cloud Adoption?
Basically define the Why, the Outcome, the Cost and the How
- Define and document motivations
- Document business outcomes - from finance, marketing, sales, HR, etc
- Evaluate financial considerations - measure objectives and identify the return expected from the specific investment
- Understanding technical considerations
What are the steps for Making a Plan for Cloud Adoption?
Basically Tech Inventory, Get the Right People, Empower Current People and make the official Adoption Plan
- Digital Estate - take an inventory of existing digital assets and workloads that you plan to migrate
- Initial Organization Alignment - Get the right people involved, technically and from cloud governance standpoints
- Skills readiness plan - build everyone’s skillset
- Cloud adoption plan - layout the specific planning to bring dev, ops, and business teams to realize the shared cloud adoption goal
What are the steps for Readying your Organization for Cloud Adoption?
It’s mostly about your Landing Zone and best practices for its implementation:
- Azure setup guide - review all required setup guides to become familiar with tools and approaches you’ll need
- Azure landing zone - Build out the Subscriptions that support major business areas of your organization.
- Expand landing zone - Refine the landing zone to ensure it meets all your requirements
- Best practices - Start with recommended or proven practices to ensure your migration efforts are scalable and maintainable
Hint: not a web page landing page but similar concept…
What is a Landing Zone?
An environment in the cloud to being hosting your workloads. This includes cloud infrastructure, governance, accounting and security capabilities
For us, this is our Resource Group created by Release Engineering.
What is the first part of the Adopt the Cloud step?
Migrate
- Migrate your first workload
- Migration scenarios - use additional in-depth guides to explore more complex migration scenarios
- Best Practices - Check Azure migration best practices checklist to verify you’re following recommendations
- Process Improvements - Identify ways to make migration scale with less effort
What is the second part of the Adopt the Cloud step?
Innovate
- Business value consensus - Verify investments in new innovation add value and meet customer needs
- Azure innovation guide - use this to accelerate development and build MVPs for your ideas
- Best practices - verify progress maps to recommended best practices BEFORE moving forward
- Feedback loops - check frequently with customers to verify that you’re building what they need
What is the first step for Governing and Managing your Cloud Environments for Cloud Adoption?
As cloud estate changes, as does your governance processes and policies, so you’ll need to create resilient solutions that are constantly optimized. Your first step is Governing, which concentrates on the proper application of Polices for regulatory and security Compliance (which oddly enough follows general SDLC)
- Methodology - consider your solution’s end-state and define an INCREMENTAL approach from first steps to full cloud governance
- Benchmark - use the Governance Benchmark Tool to assess current and future state to understand how to apply the framework
- Initial governance foundation - Create an MVP for your governance plan first steps
- Improve initial governance foundation - Iteratively add governance controls as you progress toward your end state
What is the second step for Governing and Managing your Cloud Environments for Cloud Adoption?
As cloud estate changes, as does your governance processes and policies, so you’ll need to create resilient solutions that are constantly optimized. Your second step is Managing, which is largely about implementing Management Baselines and Business and Operational Commitments:
- Establish a management baseline - Define minimum commitment to operations management
- Define business commitments - document supported workloads to establish commitments and agree on investment for each workload
- Expand management baseline - apply best practices to iterate on initial management baseline
- Advanced operations and design principles - for workloads that require higher level business commitment, perform deep architecture review to optimize and deliver resiliency and reliability
What is a Management Baseline?
The minimum set of tools and processes applied to every asset in an environment
What are the three main aspects to consider when creating and managing Subscriptions?
Billing, Access Control, Subscription Limits
Management Groups can create multiple Billing Reports on a Subscription then use Tagging to further drill down for granularity (T/F)?
False. You can create only one billing report per subscription. Further reporting details can be ascertained through tag filtering
What should you consider for Access Control w.r.t. managing Subscriptions?
When designing your subscription, consider the deployment boundary factor i.e. a Subscription is a deployment boundary for Resources, with each Subscription providing admins the ability to set granular Roles Based Access Control
What are two (2) considerations for Subscription Limits when managing Subscriptions?
Resource Limitations and Management Groups are the “parent”.
They have Resource limitations (ex 25k VMs per Region, certain Regions don’t even have certain services, etc.) and should be considered during your design phase. Note there is ZERO flexibility per subscription to increase these limits.
Also consider Management Groups for managing your Subscriptions i.e. manage access, policies an compliance across multiple Subscriptions.