Standard Azure Policies

00:00

In this video, we will look at the standard azure policies and initiatives.

00:05

I'll switch to my browser and show you where you can find those policies and initiatives.

00:10

Here I am in Azure Portal.

00:12

As we said, as your policy is a service in Azure,

00:16

in order to get to it, you need to click on all services and search for policy.

00:23

I have already bookmarked this on my left hand navigation.

00:28

As you can see,

00:30

when I go to Azure policy, I can even see some default policies that are applied.

00:35

The reason that I see those here are because I have Azure Security Center configured for my subscription

00:41

now, as your security center already applied certain policies,

00:45

and I could get a dashboard to see what my compliance with those policies is.

00:49

As you can see, right now, I have a 97% compliance.

00:54

If you go on the left and click on definitions,

00:57

you'll see a list of all the policies that are available in your scope.

01:03

Those definitions include initiatives and policies and those air from all types. Like built in and custom,

01:11

you can use the boxes on top to filter by those

01:15

Now let's see if I want Thio Onley. See initiatives I can filter by initiatives.

01:21

If I want to see custom,

01:23

I can feel to write custom.

01:25

I don't have any custom policies right now about

01:30

Let's go back to all types and look at what definitions and policies are available.

01:37

There is a list of hundreds and hundreds of policies and initiatives that are available in Azure.

01:44

For example,

01:45

if your organization needs to follow the PC I compliance there most probably is a policy about P C I.

01:55

If you filter, you will see that there is actually an initiative that contains 39 policies, and it targets a PC I audit.

02:04

You could also click on this initiative, and you can see what is included in it.

02:08

Those are all the policies that are included in this initiative.

02:14

Most of the time, those policies map to the controls that PC I requires.

02:20

Let's go look at some other policies and initiatives.

02:23

Let's say you're interested in isso to 7001

02:29

There is a policy initiative also available for that.

02:32

It contains 58 policies.

02:36

Let's say you wanna follow CIA's benchmark recommendations for Azure.

02:42

There is an initiative that includes 83 policies that target the CSCE benchmark.

02:50

There are are back policies. For example,

02:53

you can go and apply a policy to track the usage of custom are back rules.

03:02

Also, if there's a policy that enforces are back on kubernetes services,

03:09

there are also policies that target virtual machines.

03:13

Let's say VMS

03:15

there are quite a few of those not on Lee policies, but initiatives.

03:19

We have many initiatives that target Windows machines as well as Linux machines.

03:24

Also initiatives that targets benchmarks and so on.

03:32

There are policies related to the SQL Server.

03:37

If you search by SQL, you will see that there are many policies that could be applied to SQL servers like, for example, encryption authorization, authentication and so on and so on.

03:51

Microsoft Documentation has a list of the available policies on their documentation website.

03:58

If you go in search for built in policies in Azure, you will land on their documentation and you can see all the policies that are available.

04:05

You can also click on the link to get hub

04:10

and see how this policy is also defined.

04:13

You can take those and modify them if you actually need some specific rules in your policies.

04:20

The same is true also for initiatives

04:25

on the Microsoft documentation. There is a list of initiatives that are built in initiatives that you can go and look at.

04:32

You can click on the link and find the actual initiative definition on Get Hub.