Azure Governance

Governance provides mechanisms and processes to maintain control over your applications and resources in Azure. It involves planning your initiatives and setting strategic priorities. Governance in Azure is one aspect of Azure Management, and there are many Azure Governance terms as it pertains to policy and cost management. MessageOps has gathered these terms and defined each one to help you understand each aspect of Governance.

Microsoft Azure Adoption FrameworkThe Cloud Adoption Framework (CAF) is the one Microsoft approach to cloud adoption in Azure, consolidating and sharing best practices from Microsoft employees, partners, and customers. The framework gives customers a set of tools, guidance, and narratives that help shape technology, business, and people strategies for driving desired business outcomes during their adoption effort. This guidance aligns to the following phases of the cloud adoption lifecycle, ensuring easy access to the right guidance at the right time.

MVPMVP stands for Minimum Viable Product. MVP is a version of a product with just enough features to satisfy base set of requirements while allowing rapid deployment and scalability over the life cycle.

Management GroupContainers that help manage access, policy, and compliance across multiple subscriptions.

Azure SubscriptionThe container where your created resources are created. Billing is per subscription.

Resource GroupAn approach to group a collection of assets in a logical group for easy or even automatic provisioning, monitoring and access control, and for more effective management of cost.

ARM TemplatesAzure Resource Management (ARM) Templates; the template is code (JSON file) that defines the infrastructure and configuration specifying the resources to deploy and the properties of those resources.

Azure PoliciesAzure Policy evaluates resources in Azure by comparing the properties of those resources to business rules, defined as code know as policy definitions.

Azure Policy InitiativeA collection of policy definitions that are tailored towards achieving a singular overarching goal. Initiative definitions simplify managing and assigning policy definitions. Sometimes called a policySet.

Our GlidePath™ services for Cloud Governance take the complicated out of creating a Governance program and helps you take flight on your Azure journey

Champion Azure Governance MVP Standard Policy Initiatives – Based on Microsoft built-in standard policies, Champion defined collection of policy definitions that are tailored towards achieving a singular overarching goal.

Azure BlueprintsA package for creating specific sets of standards and requirements that govern the implementation of Azure services, security, and design.

Role Based Access Control (RBAC)Is a system that provides fine-grained access management of Azure resources.

Azure MonitorsAzure monitors allow the collection of granular performance and utilization data, activity and diagnostic logs, and notifications from Azure resources.

Tagging – You apply tags to your Azure resources, resource groups, and subscriptions to logically organize them into a taxonomy. Each tag consists of a name and a value pair. For example, you can apply the name “Environment” and the value “Production” to all the resources in production.

Security Baseline – Baseline policies are a set of predefined policies that help protect organizations against many common attacks.

Resource Consistency – The Resource Consistency discipline ensures resources are consistently configured in such a way that they can be discoverable by IT operations, are included in recovery solutions, and can be onboarded into repeatable operations processes.

Identity Baseline – Identity is increasingly considered the primary security perimeter in the cloud, which is a shift from the traditional focus on network security. Identity services provide the core mechanisms supporting access control and organization within IT environments, and the Identity Baseline discipline complements the Security Baseline discipline by consistently applying authentication and authorization requirements across cloud adoption efforts.

Deployment AccelerationThis discipline includes deployment, configuration alignment, and script reusability. This could be through manual activities or fully automated DevOps activities. In either case, the policies would remain largely the same.

Landing Zone – The principle purpose of the landing zone is to ensure that when an application lands in the cloud, that the required “plumbing/Governance” or other utilities are already in place.

Resource Group – A resource group is a container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization.

Gliding you on your Azure Journey

MessageOps has developed a process,GlidePath™ services for Cloud Governance, that is based 100% on the Azure Cloud Adoption Framework. Our GlidePath services will jumpstart your governance MVP and get you up and running quickly—all while ensuring that you have a scalable, secure, cost-managed Azure environment.

Was this article helpful?