1 hour 5 minutes
before we explain what as your policies are.
Let's talk about the problems we would like to solve
first, with access to the cloud development teams can provisioned, their own resource is without going through the I T teams.
The I T teams need to provide some oversight to make sure that Cloud Resource is are provisioned according to the standards established within the company.
On the other side, developers like to provision powerful machines even for testing purposes.
They also forget to turn off. Resource is when those air not needed.
The cost of those resource is may not be justified, and it may impact the company's bottom line.
Also, every enterprise needs to follow some regulatory or compliance guidelines specific to the industry The enterprise works in.
Therefore, enterprises need to provide compliance reporting toe auditors and government bodies
in order to enforce those standards and compliance requirements. I T teams developed documentation that describes the policies and procedures used for provisioning
configuration and management of cloud resource is,
using documentation is error prone and doesn't have an enforcement function.
This is why enterprises conf laver I t audits to ensure policies were followed
as your policy simplifies the processes of standardization, cost management and compliance, and allows I t teams to provide better governance in the cloud and simplify the audit process
as your policy is a service in azure that allows you to create a sign and manage policies.
Those policies enforced certain rules and effects over your azure resource is
one example of such a rule is to use B sides virtual machines for development purposes in order to reduce the cost.
Another rule can be to use azure active directory authentication for SQL databases in order to track data access.
You can always stack as your function apse with specific tags to enhance reporting
and using azure policies. You can ensure that your cloud resource is they compliant with the company or regulatory standards you have established for your enterprise.
We will go into more detail on policy assignment later in this module.
It is worth mentioning that as your policy can be assigned on different levels in azure,
you can assign as your policy at the management group level, allowing you to have rules that spanned multiple subscriptions.
You can also assign it at the azure subscription level, allowing you to have rules specific to a single subscription,
and lastly, the resource group level is used to create rules for the resource is in a specific group or at an individual resource level.
In the next video, we will look at the policy definitions as well as how to assign parameter rised policies.