Using Azure Log Analytics Alerts for non-compliant Azure Resources

In our previous blog post, we discussed how we can leverage Azure Policy to bring Azure Resources to into compliance with the Organizational configuration standards. We also created a custom Azure Policy and observed its effects on compliance. There are however close to 100 Builtin Azure Policy which are applied at any time under the default initiative. To this, add the number of policies that would be created and applied to manage resources for different departments and to enforce different standards. You’ll be quickly looking at hundreds of Azure Policies and assignments and exclusions and need some help to manage them.
Read More »

Determine Non-Compliance and trigger remediation for Azure Resources

In our previous post, we discussed how we can access compliance data for the Azure Resources. Compliance data can be accessed using various channels such as Azure Portal, Azure CLI, Azure REST APIs and Azure PowerShell. Once the compliance data is available, one should check which resources are non-compliant in accordance to the Azure Policy or Initiative, why they are flagged as non-compliant and what actions could be taken to remediate the same. In this blog post, we are going to discuss the same.
Read More »

Access Compliance Data and Manage Compliance for Azure Resources

In our previous blog post, we discussed how we can write custom Azure Policies in accordance with Organization’s Strategic and Compliance Requirements. We also learned how to apply policies at different scope levels in Azure. While planning, writing and applying compliance requirements in the form of Azure Policies is important, it is equally important to audit existing resources for appropriate configurations and settings, evaluate the results and take certain actions. One needs to be evaluate how many resources are compliant with the defined requirements, what resources are non-compliant, what corrective actions can be taken to bring them in compliance and also remove any false positives.
Read More »

Create and Assign Custom Azure Policies for Azure Governance

In our previous blog post, we discussed on using Azure Policies for Azure Governance and staying compliant with the same. We also discussed how we can use built-in Azure Policies to meet the governance criteria and start easily. However, the relationship between business and IT varies a lot from Organization to Organization. So from time to time, you’ll need to create your own Azure Policies and applying them to a scope. Custom Azure policies allows you to be lot more compliant and a lot more flexible. In this blog post, we are going to discuss the same. Read More »

Governing Azure and Staying Compliant using Azure Policies

Azure Governance includes not only identifying business and compliance standards, planning of the initiatives, defining Organizations goals in clear and standard way, but it also includes the implementation of same. Often times, getting them implemented in the proper and timely manner has long proven the hardest step to complete. There is no easy way to know if the Organizational goals and initiatives are getting implemented, what is not compliant and what actions can be taken to mitigate the drift created. For some sectors like finance industry, if the IT is not able to align to and follow the compliance and regulatory standards, it can become disastrous. Read More »