before we explain what as your policies, let's talk about the problems we would like to solve.
First, we taxes to the cloud development teams can provisioned their own resource is without going through the I T teams.
The I T teams need to provide some oversight and make sure that cloud resource is our provisions according to the standards established in the company.
On the other side,
developers like to provision powerful machines even for testing purposes.
They also forget to turn off resource is when those are not needed.
The cost of those three sources may not be justified, and it may impact the company's bottom line.
Also, every enterprise needs to follow some regulatory or compliance guidelines specific to the industry the enterprise works in.
Hence, enterprises need to provide compliance reporting Tory tours and government bodies
in order to enforce your standards and compliance requirements. I T teams develop documentation that describes the policies and procedures to be used for provisioning configuration and management of cloud resource is,
however, using documentation is error prone and does not care for enforcement function.
This is why enterprises have Fred were ICTY audits to ensure policies are followed
actual policy simplifies the processes of standardization, ghosts, management and compliance. Anillos i t. Teams to provide better governance in the cloud and simplify the audit process.
Actual policy. It's a service in natural that allows you to create a sign and manage policies.
Those policies, and for certain rules and effects over your azure resource is
one example of such a rule is to always use a B size virtual machines for development purposes to reduce the cost.
Another rule can be toe. Always use azure active directory authentication for sequel databases in order to track data access.
Don't throw can be toe. Always talk as your function apse with specific tax to enhance reporting
using actual policies, you can ensure that your cloud resources they compliant with the company or regulatory standards you have established for your enterprise.
We will go into more details in tow policy assignment later on in this model.
But it is worth mentioning that as your policy can be assigned on different levels in national,
you can assign azure policy at management group level, allowing you to have rules that spawned multiple subscriptions.
You can also assign it a Tajol subscription level, allowing you to have rules specific to a single subscription
at resource group level Toe have rules for the resource is in a specific resource group or on individual resource level.
In the next video, we will look at the policy definitions as well Waskow to assign and parliament rise policies.