SlideShare una empresa de Scribd logo

TenT-Day08.pptx

Descargar como PPTX, PDF
J
JohanMyburgh15

Ten Tuesdays

Tecnología
1 de 12
Day 8 – Governance and Compliance Johan Myburgh 10Tuesdays To Azure Fundamentals https://aka.ms/AZ900LM https://aka.ms/AZ900EP08LM
Johan Myburgh Azure Technical Trainer (ATT) @ Microsoft UK Cloud Solution Architect Passionate about people and sharing knowledge jomyburg@microsoft.com @sayedimac aka.ms/johan
Day 8 Governance and Compliance • Why governance? • Azure Policy • Azure RBAC • Blueprints • Locks
Why Governance • Ensures environment runs the way it is indented to run • Rules for operating environment • Build into your process • Sprawl • Consistency • Size, SKU, Region, etc. • Cost • Security • Loose canons Without it…
Azure Policies Granular rules you can apply to structure Evaluate/Report or stop deployments JSON definitions Group together as Initiatives
50% off Exam Vouchers To qualify:  Scan the QR code and fill out the form  Add 17969 as the event ID  You must attend 5 out of the 7 remaining sessions to be eligible for the voucher  Please note this offer is only valid until 31st March 2023
Role Based Access Control (RBAC) Role Based Access Control Who? Security principal User Group Service principal Role assignment Contributor "Actions": [ "*" ], "NotActions": [ "Auth/*/Delete", "Auth/*/Write", "Auth/elevate" ] Marketing group Pharma-sales Resource group What? Role definition Owner Contributor Reader … Backup Operator Security Reader Contributor Reader Support Tickets Virtual Machine Operator Where? Scope Management group Subscription Resource group Resource
Blueprints Design templates of: Resources Policies Roles (RBAC) Resource Groups / Structure Achieve Compliance • Blueprints are versioned (small changes) • Maintains relationship between design (Blueprint) and resources • Track and Audit deployments
Resource Locks Locks down structure / resources when complete Ensure no simple mistakes slip in Should be part of your process • 2 Types • Delete Lock • Read-only Lock (includes delete)
Summary • Bigger your Azure footprint, the more important this becomes • Policies – Rules • RBAC – Permissions • Blueprints – includes all and resources • Locks • Read-only / Delete
Questions?
Merci धन्यवाद ᠪᠠᠶᠠᠷᠯᠠᠯ᠎ ᠠ᠃ Grazie አመሰግናለሁ

Recomendados

TenT-Day06.pptx
TenT-Day06.pptxTenT-Day06.pptx
TenT-Day06.pptx
JohanMyburgh15
 
TenT-Day06.pptx
TenT-Day06.pptxTenT-Day06.pptx
TenT-Day06.pptx
Johan Myburgh
 
TenT-Day07.pptx
TenT-Day07.pptxTenT-Day07.pptx
TenT-Day07.pptx
Johan Myburgh
 
TenT-Day10.pptx
TenT-Day10.pptxTenT-Day10.pptx
TenT-Day10.pptx
JohanMyburgh15
 
TenT-Day10.pptx
TenT-Day10.pptxTenT-Day10.pptx
TenT-Day10.pptx
Johan Myburgh
 
What’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification JourneyWhat’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification Journey
Global Knowledge Training
 
Microsoft Cloud Adoption Framework for Azure: Governance Conversation
Microsoft Cloud Adoption Framework for Azure: Governance ConversationMicrosoft Cloud Adoption Framework for Azure: Governance Conversation
Microsoft Cloud Adoption Framework for Azure: Governance Conversation
Nicholas Vossburg
 
Automated Security & Continuous Compliance on Microsoft Azure
Automated Security & Continuous Compliance on Microsoft AzureAutomated Security & Continuous Compliance on Microsoft Azure
Automated Security & Continuous Compliance on Microsoft Azure
2nd Watch
 

Recomendados

TenT-Day06.pptx
TenT-Day06.pptxTenT-Day06.pptx
TenT-Day06.pptx
JohanMyburgh15
 
TenT-Day06.pptx
TenT-Day06.pptxTenT-Day06.pptx
TenT-Day06.pptx
Johan Myburgh
 
TenT-Day07.pptx
TenT-Day07.pptxTenT-Day07.pptx
TenT-Day07.pptx
Johan Myburgh
 
TenT-Day10.pptx
TenT-Day10.pptxTenT-Day10.pptx
TenT-Day10.pptx
JohanMyburgh15
 
TenT-Day10.pptx
TenT-Day10.pptxTenT-Day10.pptx
TenT-Day10.pptx
Johan Myburgh
 
What’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification JourneyWhat’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification Journey
Global Knowledge Training
 
Microsoft Cloud Adoption Framework for Azure: Governance Conversation
Microsoft Cloud Adoption Framework for Azure: Governance ConversationMicrosoft Cloud Adoption Framework for Azure: Governance Conversation
Microsoft Cloud Adoption Framework for Azure: Governance Conversation
Nicholas Vossburg
 
Automated Security & Continuous Compliance on Microsoft Azure
Automated Security & Continuous Compliance on Microsoft AzureAutomated Security & Continuous Compliance on Microsoft Azure
Automated Security & Continuous Compliance on Microsoft Azure
2nd Watch
 
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
NCCOMMS
 
Certification on Azure
Certification on AzureCertification on Azure
Certification on Azure
SaiKiran745726
 
AZ-104 Microsoft Azure cloud Administration
AZ-104 Microsoft Azure cloud AdministrationAZ-104 Microsoft Azure cloud Administration
AZ-104 Microsoft Azure cloud Administration
AbdulalimBhnsawy
 
Building a Secure and Compliant Azure Virtual Data Center
Building a Secure and Compliant Azure Virtual Data CenterBuilding a Secure and Compliant Azure Virtual Data Center
Building a Secure and Compliant Azure Virtual Data Center
Patrick Sklodowski
 
Dont let governance risk and compliance be a roll of the device | Modern Wor...
Dont let governance risk and compliance be a roll of the device | Modern Wor... Dont let governance risk and compliance be a roll of the device | Modern Wor...
Dont let governance risk and compliance be a roll of the device | Modern Wor...
Nikki Chapple
 
Top Learnings from Azure Security (1).pdf
Top Learnings from Azure Security (1).pdfTop Learnings from Azure Security (1).pdf
Top Learnings from Azure Security (1).pdf
infosec train
 
The Microsoft Well Architected Framework For Data Analytics
The Microsoft Well Architected Framework For Data AnalyticsThe Microsoft Well Architected Framework For Data Analytics
The Microsoft Well Architected Framework For Data Analytics
Stephanie Locke
 
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance WorkshopMicrosoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Nicholas Vossburg
 
Microsoft Cloud Adoption Framework
Microsoft Cloud Adoption FrameworkMicrosoft Cloud Adoption Framework
Microsoft Cloud Adoption Framework
ssuserdb85d71
 
How is az 303 different from az-304
How is az 303 different from az-304How is az 303 different from az-304
How is az 303 different from az-304
ShivamSharma909
 
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptxInterview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
infosec train
 
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptxInterview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Infosectrain3
 
Getting Started with Azure Sentinel
Getting Started with Azure SentinelGetting Started with Azure Sentinel
Getting Started with Azure Sentinel
Samik Roy
 
Certification on-azure
Certification on-azureCertification on-azure
Certification on-azure
HimanshuPise1
 
Getting Started: What Should My Enterprise Do in the First 90 Days?
Getting Started: What Should My Enterprise Do in the First 90 Days?Getting Started: What Should My Enterprise Do in the First 90 Days?
Getting Started: What Should My Enterprise Do in the First 90 Days?
Amazon Web Services
 
Microsoft Azure New Certification Training roadmap
Microsoft Azure New Certification Training roadmapMicrosoft Azure New Certification Training roadmap
Microsoft Azure New Certification Training roadmap
Synergetics Learning and Cloud Consulting
 
DSPL Managed Services 09_05_22.pptx
DSPL Managed Services 09_05_22.pptxDSPL Managed Services 09_05_22.pptx
DSPL Managed Services 09_05_22.pptx
MukulGupta868997
 
Should healthcare abandon the cloud final
Should healthcare abandon the cloud finalShould healthcare abandon the cloud final
Should healthcare abandon the cloud final
sapenov
 
Microsoft Azure Overview | Cloud Computing Tutorial with Azure | Azure Traini...
Microsoft Azure Overview | Cloud Computing Tutorial with Azure | Azure Traini...Microsoft Azure Overview | Cloud Computing Tutorial with Azure | Azure Traini...
Microsoft Azure Overview | Cloud Computing Tutorial with Azure | Azure Traini...
Edureka!
 
The nature of Clouds - G-talks - 22.11.2019
The nature of Clouds - G-talks - 22.11.2019 The nature of Clouds - G-talks - 22.11.2019
The nature of Clouds - G-talks - 22.11.2019
Nazariy Hazdun
 
TenT-Day02.pptx
TenT-Day02.pptxTenT-Day02.pptx
TenT-Day02.pptx
JohanMyburgh15
 
TenT-Day09.pptx
TenT-Day09.pptxTenT-Day09.pptx
TenT-Day09.pptx
JohanMyburgh15
 

Más contenido relacionado

Similar a TenT-Day08.pptx

Dont let governance risk and compliance be a roll of the device | Modern Wor...
Dont let governance risk and compliance be a roll of the device | Modern Wor... Dont let governance risk and compliance be a roll of the device | Modern Wor...
Dont let governance risk and compliance be a roll of the device | Modern Wor...
Nikki Chapple
 
Should healthcare abandon the cloud final
Should healthcare abandon the cloud finalShould healthcare abandon the cloud final
Should healthcare abandon the cloud final
sapenov
 

Similar a TenT-Day08.pptx (20)

O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
 
Certification on Azure
Certification on AzureCertification on Azure
Certification on Azure
 
AZ-104 Microsoft Azure cloud Administration
AZ-104 Microsoft Azure cloud AdministrationAZ-104 Microsoft Azure cloud Administration
AZ-104 Microsoft Azure cloud Administration
 
Building a Secure and Compliant Azure Virtual Data Center
Building a Secure and Compliant Azure Virtual Data CenterBuilding a Secure and Compliant Azure Virtual Data Center
Building a Secure and Compliant Azure Virtual Data Center
 
Dont let governance risk and compliance be a roll of the device | Modern Wor...
Dont let governance risk and compliance be a roll of the device | Modern Wor... Dont let governance risk and compliance be a roll of the device | Modern Wor...
Dont let governance risk and compliance be a roll of the device | Modern Wor...
 
Top Learnings from Azure Security (1).pdf
Top Learnings from Azure Security (1).pdfTop Learnings from Azure Security (1).pdf
Top Learnings from Azure Security (1).pdf
 
The Microsoft Well Architected Framework For Data Analytics
The Microsoft Well Architected Framework For Data AnalyticsThe Microsoft Well Architected Framework For Data Analytics
The Microsoft Well Architected Framework For Data Analytics
 
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance WorkshopMicrosoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
 
Microsoft Cloud Adoption Framework
Microsoft Cloud Adoption FrameworkMicrosoft Cloud Adoption Framework
Microsoft Cloud Adoption Framework
 
How is az 303 different from az-304
How is az 303 different from az-304How is az 303 different from az-304
How is az 303 different from az-304
 
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptxInterview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
 
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptxInterview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
Interview Questions for Microsoft Azure Architect Technologies AZ-303.pptx
 
Getting Started with Azure Sentinel
Getting Started with Azure SentinelGetting Started with Azure Sentinel
Getting Started with Azure Sentinel
 
Certification on-azure
Certification on-azureCertification on-azure
Certification on-azure
 
Getting Started: What Should My Enterprise Do in the First 90 Days?
Getting Started: What Should My Enterprise Do in the First 90 Days?Getting Started: What Should My Enterprise Do in the First 90 Days?
Getting Started: What Should My Enterprise Do in the First 90 Days?
 
Microsoft Azure New Certification Training roadmap
Microsoft Azure New Certification Training roadmapMicrosoft Azure New Certification Training roadmap
Microsoft Azure New Certification Training roadmap
 
DSPL Managed Services 09_05_22.pptx
DSPL Managed Services 09_05_22.pptxDSPL Managed Services 09_05_22.pptx
DSPL Managed Services 09_05_22.pptx
 
Should healthcare abandon the cloud final
Should healthcare abandon the cloud finalShould healthcare abandon the cloud final
Should healthcare abandon the cloud final
 
Microsoft Azure Overview | Cloud Computing Tutorial with Azure | Azure Traini...
Microsoft Azure Overview | Cloud Computing Tutorial with Azure | Azure Traini...Microsoft Azure Overview | Cloud Computing Tutorial with Azure | Azure Traini...
Microsoft Azure Overview | Cloud Computing Tutorial with Azure | Azure Traini...
 
The nature of Clouds - G-talks - 22.11.2019
The nature of Clouds - G-talks - 22.11.2019 The nature of Clouds - G-talks - 22.11.2019
The nature of Clouds - G-talks - 22.11.2019
 

Más de JohanMyburgh15

Más de JohanMyburgh15 (6)

TenT-Day02.pptx
TenT-Day02.pptxTenT-Day02.pptx
TenT-Day02.pptx
 
TenT-Day09.pptx
TenT-Day09.pptxTenT-Day09.pptx
TenT-Day09.pptx
 
TenT-Day04.pptx
TenT-Day04.pptxTenT-Day04.pptx
TenT-Day04.pptx
 
TenT-Day05.pptx
TenT-Day05.pptxTenT-Day05.pptx
TenT-Day05.pptx
 
TenT-Day03.pptx
TenT-Day03.pptxTenT-Day03.pptx
TenT-Day03.pptx
 
TenT-Day01.pptx
TenT-Day01.pptxTenT-Day01.pptx
TenT-Day01.pptx
 

Último

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Último (20)

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 

TenT-Day08.pptx

  • 1. Day 8 – Governance and Compliance Johan Myburgh 10Tuesdays To Azure Fundamentals https://aka.ms/AZ900LM https://aka.ms/AZ900EP08LM
  • 2. Johan Myburgh Azure Technical Trainer (ATT) @ Microsoft UK Cloud Solution Architect Passionate about people and sharing knowledge jomyburg@microsoft.com @sayedimac aka.ms/johan
  • 3. Day 8 Governance and Compliance • Why governance? • Azure Policy • Azure RBAC • Blueprints • Locks
  • 4. Why Governance • Ensures environment runs the way it is indented to run • Rules for operating environment • Build into your process • Sprawl • Consistency • Size, SKU, Region, etc. • Cost • Security • Loose canons Without it…
  • 5. Azure Policies Granular rules you can apply to structure Evaluate/Report or stop deployments JSON definitions Group together as Initiatives
  • 6. 50% off Exam Vouchers To qualify:  Scan the QR code and fill out the form  Add 17969 as the event ID  You must attend 5 out of the 7 remaining sessions to be eligible for the voucher  Please note this offer is only valid until 31st March 2023
  • 7. Role Based Access Control (RBAC) Role Based Access Control Who? Security principal User Group Service principal Role assignment Contributor "Actions": [ "*" ], "NotActions": [ "Auth/*/Delete", "Auth/*/Write", "Auth/elevate" ] Marketing group Pharma-sales Resource group What? Role definition Owner Contributor Reader … Backup Operator Security Reader Contributor Reader Support Tickets Virtual Machine Operator Where? Scope Management group Subscription Resource group Resource
  • 8. Blueprints Design templates of: Resources Policies Roles (RBAC) Resource Groups / Structure Achieve Compliance • Blueprints are versioned (small changes) • Maintains relationship between design (Blueprint) and resources • Track and Audit deployments
  • 9. Resource Locks Locks down structure / resources when complete Ensure no simple mistakes slip in Should be part of your process • 2 Types • Delete Lock • Read-only Lock (includes delete)
  • 10. Summary • Bigger your Azure footprint, the more important this becomes • Policies – Rules • RBAC – Permissions • Blueprints – includes all and resources • Locks • Read-only / Delete

Notas del editor

  1. Role assignments Policy assignments Azure Resource Manager templates Resource groups
  2. Fast IDentity Online (FIDO) standards based passwordless auth Standalone security key or key built-in
  3. Fast IDentity Online (FIDO) standards based passwordless auth Standalone security key or key built-in
  4. Fast IDentity Online (FIDO) standards based passwordless auth Standalone security key or key built-in
  5. Fast IDentity Online (FIDO) standards based passwordless auth Standalone security key or key built-in
  6. Thank the attendees, customer point-of-contact (PoC), and Microsoft PoC. Stage additional follow through on Parking lot items via Microsoft contacts.