Mastering Azure Policy

Understanding Azure Policy and its Usage

• Azure Policy is a tool that enables the enforcement of governance requirements in Azure.
• In the past, resource provisioning in companies required interaction with an operations manager who would evaluate requests and provision resources accordingly.
• With Azure, users can provision resources directly without the need for an operations manager.
• However, there are still requirements and guardrails that need to be enforced, such as regulatory compliance and security measures.
• Azure Policy is used to enforce these requirements and guardrails.
• Azure Policy operates at the level of Azure Resource Manager, where resource provisioning occurs.
• Azure Policy can be applied at different levels, including management groups, subscriptions, and resource groups.
• Multiple policies can be grouped into an initiative for easier assignment and tracking of compliance.
• Azure Policy offers different effects, such as audit, deny, append, modify, and deploy if not exist, to enforce policies.
• Policies can be defined based on conditions and properties of resources.
• Azure provides a policy compliance dashboard to monitor and track policy compliance.
• Policies can be defined for specific categories, such as storage, and can restrict the use of certain SKUs for resources.