Create and Assign Custom Azure Policies for Azure Governance

In our previous blog post, we discussed on using Azure Policies for Azure Governance and staying compliant with the same. We also discussed how we can use built-in Azure Policies to meet the governance criteria and start easily. However, the relationship between business and IT varies a lot from Organization to Organization. So from time to time, you’ll need to create your own Azure Policies and applying them to a scope. Custom Azure policies allows you to be lot more compliant and a lot more flexible. In this blog post, we are going to discuss the same. Continue reading “Create and Assign Custom Azure Policies for Azure Governance”

Governing Azure and Staying Compliant using Azure Policies

Azure Governance includes not only identifying business and compliance standards, planning of the initiatives, defining Organizations goals in clear and standard way, but it also includes the implementation of same. Often times, getting them implemented in the proper and timely manner has long proven the hardest step to complete. There is no easy way to know if the Organizational goals and initiatives are getting implemented, what is not compliant and what actions can be taken to mitigate the drift created. For some sectors like finance industry, if the IT is not able to align to and follow the compliance and regulatory standards, it can become disastrous. Continue reading “Governing Azure and Staying Compliant using Azure Policies”

Organize your Azure Resources across Subscriptions using Management Groups

If you are responsible for managing multiple Azure subscriptions, you would have notice that there are lot of issues maintaining consistency in resource deployment, organization and management across subscriptions. This is primarily because different subscriptions are designed to target different needs such as products or departments and therefore the Azure Resources being used by different set of people everywhere. To help with bringing consistency across subscriptions, one can use recently launched Azure Management Groups. Azure Management Groups helps to apply governance controls based on access controls, policies and compliance.
Continue reading “Organize your Azure Resources across Subscriptions using Management Groups”

Setup and Configure Azure Bastion to Securely connect to Azure Virtual Machines

Last week, Microsoft Azure Team has calmly announced the preview release of one of the exciting features known as Azure Bastion. The concept of using an Bastion Host is nothing new, where one would configure one of the Virtual Machines as Bastion or HopBox and then connect to other private virtual machines configured in the virtual network. This would help providing some security as instead of securely managing all of the virtual machines in an given network, you would need to securely connect and manage only Bastion Host, which is having Public IP address assigned for the connections. However, the onus of configuring all the required networking setup, installing and configuring ssh and rdp protocols, timely patching and hardening of the Bastion Host still lies with the Azure/AWS Administrator. Continue reading “Setup and Configure Azure Bastion to Securely connect to Azure Virtual Machines”

Run Azure DevOps Private Agents in Kubernetes Clusters

Since in last post, we discussed on how to run Azure Pipelines agents as docker containers and configure them accordingly, the next step would be to run them on the Kubernetes platform. This kubernetes cluster can be on-premise and/or cloud and could be self managed or managed by the cloud service provider itself.

One of the reasons you may want to run them on Kubernetes is because you want better utilization of your kubernetes cluster. Another reason might be to leverage your existing knowledge of the kubernetes platform and work on it. Another reason would be to not use Microsoft hosted agents, as by default you would get only 1800 minutes of agent time to utilize, for free accounts.
Continue reading “Run Azure DevOps Private Agents in Kubernetes Clusters”