Throughout our course, we've created and assigned several policies and initiatives.
Let's look how we can retrieve the data, the compliance data from those policies and initiatives. I will switch to the Port o first and we'll look at the reporting capabilities there.
So let's look how we can retrieve the compliance date in the portal. The easiest way to do that is to go to the policy section,
and you can see all the policies and initiatives that you have applied across your scops.
If you click on view all,
let's explore a little bit about dolls.
The first thing is I applied. Although some of the key vote policies toe a resource group in my subscription, as you can see there quite a few here that are not compliant.
You can also see your overall compliance core the non compliant initiatives The noncompliant policies in the non compliant resource is you can filter by each one of them.
Let's go and explore one of our key vote
policies. Let's say the manage minimum key sides for our say certificates.
If I click on that policy,
I will see details about the specific policy. It is related toe the key vote
and if I click on it,
I can go deeper and see exactly which certificates are non compliant.
I have also applied our custom initiative to one of the
A resource groups.
If I click on it, I will see that most of the things that we specified in these initiatives are not fold for the specific resource group.
Let's say all the resource types, I have seven Resource is that at non compliant
us to remember We said that actually, we will have only
storage accounts in this resource group. But we have other things like, for example, websites set of our farm sense on.
If we go back our custom initiative,
we can also see that the resource names are non compliant. Surprisingly, there also re sources that are created in the resource group that are not compliant with the tax.
One thing you can do is you can take a look
the reason for non compliance. So if you click on the specific resource, you can go and say non compliance reason and you will get more details about the non compliance.
In this particular case, the current value is
cyber, very easy policy Test one,
and we required six
letters for the last component of the name. That is the reason why these resource is not compliant with the policy
using Asher Porto to view the information in the policy. Compliance is nice, but maybe not everybody has access to the azure portal or the policy service there.
Sometimes you also want to export data policy data or compliance data and integrated with other external governance tools.
Asher gives you that functionality.
You can use actual CLI or power shell to export the information from azure policy.
If you don't are easy policy,
ST least you will receive information about
all the policies that are applied in your subscriptions with details of their compliance so you can take this information and send it to your GRC to and integrated with it.
You can also symbolize the policies
by calling a C policy state summarized, so you'll get a summary of your compliance state.
You can manage individual events if you say easy policy
event, and you can least all the events that are related to the policy or you can quickly just for specific events
using azure sea ally and power shell you can do all these and integrate Asher policy with external gear C tools.
As you can see, Asher gives you a lot of flexibility. How to retrieve policy data and report on your compliance.