Using Terraform to Manage Azure DevOps Projects

This is the 1st part in the series of blog posts on managing Azure DevOps using Terraform. You can find the series index here. While using Terraform as part of CI/CD pipelines (or Azure Pipelines) to provide Azure Resources is fun and common, it came across my mind if we can manage Azure DevOps itself using Terraform. So I searched for the providers and seems like Microsoft very recently announced the release of Azure DevOps Provider 0.0.1 for Terraform. Even though the version seems to be very beta, its good enough to dive-in, learn something and also standardize Azure DevOps management. This also takes away one more manual work from DevOps side and we can use standard Infrastructure-as-Code approach to manage our work using already familiar and known approaches.

Read More »

Create and Manage Blueprints using Azure Portal

In previous post, we have defined what are Azure Blueprints and how they are important to deploy Azure Environments with a set of compliance and standards packaged together into a single definition. In this post, we are going to go through Blueprint lifecycle making use of Azure Portal. Like many resources within Azure, a blueprint in Azure Blueprints has a typical and natural lifecycle. They’re created, deployed, and finally deleted when no longer needed or relevant. Blueprints supports standard lifecycle operations. It then builds upon them to provide additional levels of status that support common continuous
Read More »

Work with Azure Blueprints to design and deploy Governed Azure Environments

Traditionally, Blueprints are used by architects and engineers to design and build new things. Blueprints are used to ensure that final product are built up to very specifications as laid out and are in the compliance with certain standards and requirements.

Azure Blueprints are used in the same way as traditional blueprints. Using Azure Blueprints, cloud architects and IT groups can design and deploy azure resources repeatedly that adhere to organizational standards, requirements and patterns. By leveraging Azure Blueprints, cloud architects can quickly build and deploy new environments that are always compliant ready. Using Azure Blueprints, teams can deploy new Azure Environments, with a set of built-in Azure Resources, with a trust that they are deploying in accordance with standards and compliance.
Read More »

Using Azure Log Analytics Alerts for non-compliant Azure Resources

In our previous blog post, we discussed how we can leverage Azure Policy to bring Azure Resources to into compliance with the Organizational configuration standards. We also created a custom Azure Policy and observed its effects on compliance. There are however close to 100 Builtin Azure Policy which are applied at any time under the default initiative. To this, add the number of policies that would be created and applied to manage resources for different departments and to enforce different standards. You’ll be quickly looking at hundreds of Azure Policies and assignments and exclusions and need some help to manage them.
Read More »

Determine Non-Compliance and trigger remediation for Azure Resources

In our previous post, we discussed how we can access compliance data for the Azure Resources. Compliance data can be accessed using various channels such as Azure Portal, Azure CLI, Azure REST APIs and Azure PowerShell. Once the compliance data is available, one should check which resources are non-compliant in accordance to the Azure Policy or Initiative, why they are flagged as non-compliant and what actions could be taken to remediate the same. In this blog post, we are going to discuss the same.
Read More »

Access Compliance Data and Manage Compliance for Azure Resources

In our previous blog post, we discussed how we can write custom Azure Policies in accordance with Organization’s Strategic and Compliance Requirements. We also learned how to apply policies at different scope levels in Azure. While planning, writing and applying compliance requirements in the form of Azure Policies is important, it is equally important to audit existing resources for appropriate configurations and settings, evaluate the results and take certain actions. One needs to be evaluate how many resources are compliant with the defined requirements, what resources are non-compliant, what corrective actions can be taken to bring them in compliance and also remove any false positives.
Read More »

Create and Assign Custom Azure Policies for Azure Governance

In our previous blog post, we discussed on using Azure Policies for Azure Governance and staying compliant with the same. We also discussed how we can use built-in Azure Policies to meet the governance criteria and start easily. However, the relationship between business and IT varies a lot from Organization to Organization. So from time to time, you’ll need to create your own Azure Policies and applying them to a scope. Custom Azure policies allows you to be lot more compliant and a lot more flexible. In this blog post, we are going to discuss the same. Read More »

Governing Azure and Staying Compliant using Azure Policies

Azure Governance includes not only identifying business and compliance standards, planning of the initiatives, defining Organizations goals in clear and standard way, but it also includes the implementation of same. Often times, getting them implemented in the proper and timely manner has long proven the hardest step to complete. There is no easy way to know if the Organizational goals and initiatives are getting implemented, what is not compliant and what actions can be taken to mitigate the drift created. For some sectors like finance industry, if the IT is not able to align to and follow the compliance and regulatory standards, it can become disastrous. Read More »