
Maintain Your Standards with Azure Policy

You can use the Azure Policy service to monitor whether your Azure resources comply with your corporate standards and to maintain those standards by applying rules and actions. For example, if you want all your resources to be created in a specific Azure region, you can use Azure Policy to restrict resource creation in other regions, or to require that specific tags are used on each Azure resource you define. Let us look at the details of using Azure Policy:

1. Policies can be applied at the subscription or resource group level; you can apply multiple policies to an Azure resource.

2. The Azure Policy service is free of charge.

3. You can view the default policies or define a new policy under All Services > Azure Policy > Definitions on the portal.

Some of the built-in policies for Virtual Servers are as follows:

  • Detect the servers which are missing a specified member in the Administrators group
  • Detect the servers that do not have the specified application installed
  • Detect the servers that are not set to a specified time-zone
  • Detect the servers which are not joined to a specified domain structure
  • Detect the servers which have not been restarted within the specified number of days
  • Detect the servers which are in a pending reboot state
  • Activation of Azure Monitor
  • Installation of the Log Analytics agent

4. An initiative, as seen on the portal, is a group of multiple policies. For example, the initiative below, which checks whether a particular application is installed on the servers, first installs the "guest configuration extension"* on the servers and then reports the status of the relevant application with the help of this extension.

* https://docs.microsoft.com/en-us/azure/governance/policy/concepts/guest-configuration

5. To assign a policy, we select "Assign" at the top left of the policy details under All Services > Azure Policy > Definitions.

  • On this screen, we can assign the policy at the subscription or resource group level.
  • We can enter the parameters of the policy. For example, when assigning a policy that detects servers that do not have specified applications installed, we can specify the application names in this field.

6. Custom policies can be created in JSON format; it is easier to edit the templates in the GitHub repository or the built-in templates in the Azure Portal with an editor than to write a policy from scratch.
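
The region and tag rules from the introduction, written as a custom policy definition in the JSON format mentioned in step 6. This is an added example, not taken from the original article or from a built-in definition; the display name, the parameter names (`allowedLocations`, `tagName`, `effect`) and the default of `Audit` are illustrative choices.

```json
{
  "properties": {
    "displayName": "Example: allowed regions and required tag",
    "description": "Constructed example. Flags or blocks resources outside the allowed regions or missing the required tag.",
    "policyType": "Custom",
    "mode": "Indexed",
    "parameters": {
      "allowedLocations": {
        "type": "Array",
        "metadata": { "displayName": "Allowed regions", "strongType": "location" }
      },
      "tagName": {
        "type": "String",
        "metadata": { "displayName": "Required tag name" }
      },
      "effect": {
        "type": "String",
        "allowedValues": [ "Audit", "Deny" ],
        "defaultValue": "Audit",
        "metadata": { "displayName": "Effect" }
      }
    },
    "policyRule": {
      "if": {
        "anyOf": [
          {
            "allOf": [
              { "field": "location", "notIn": "[parameters('allowedLocations')]" },
              { "field": "location", "notEquals": "global" }
            ]
          },
          {
            "field": "[concat('tags[', parameters('tagName'), ']')]",
            "exists": "false"
          }
        ]
      },
      "then": { "effect": "[parameters('effect')]" }
    }
  }
}
```

Assigning the definition with the effect left at `Audit` reports non-compliant resources without blocking deployments; setting the parameter to `Deny` at assignment time enforces the rule. The `global` exclusion keeps resources that have no regional location from being flagged.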

Hikmet Kapusuzoğlu - Microsoft Platforms Senior Consultant
