HOW TO UTILIZE AZURE POLICY

Azure is a wonderful place. From virtual machines to cognitive services and beyond, it's full of great resources you can use. But when using these services, it's very easy to make mistakes or take nefarious action. It's all too simple to violate security and separation of duties, or create services that burn through cash. To help with this, Microsoft created Azure Policies.

At its most basic level, an Azure Policy is a JSON file, which can perform background actions in Azure. It prevents a user, or group of users, from carrying out destructive actions. It also audits existing resources to ensure they comply with company policies. A Policy can be as simple as auditing the Diagnostic logging setting on a resource, or as complex as deploying a Network Security Group to a Virtual Machine NIC card (if it detects an attached public IP address). A group of Policies is an Initiative. For example, you can create an Initiative, with multiple Policies, to see if your Azure environment complies with PCI DSS.

See the rest of this post at blog.ine.com.