Azure Tutorials Series - Azure Policy | Blueprints

-

 In previous article we learnt about Azure Encryption, Key Value, Azure Storage Encryption and lot of other related terms. In this article we will learn about Azure Policy, Difference between Azure Policy and RBAC, How to create a policy, Azure Blueprints, Azure Blueprints vs Azure Resource Manager Templates and lastly Azure Blueprints versus Azure Policy. 

Azure Policy & Azure Blueprints

  • Ensure whether the standards are maintained and followed.

Azure Policy

  • Enforces rules or policies for specified or all resources
  • Makes sure all existing resources follows it and all the new deployment shall also follow it
  • Such that infrastructure remains compliant, for an example, all the virtual machines in your organization has 8 GB RAM at least, or even allows to select the location of the resources.
  • Can immediately deny the creation of a new resource if it is non-compliant with the policy.
  • Can stop the update of old resource if it is against the policy.
  • Azure Policy can add restrictions on
    • Storage accounts SKUs
    • Virtual machine instance types
    • Rules related to tagging of resource and groups
  • Represented in JSON format.
  • No prompt is thrown for the user consent.
  • Before creating, make sure you decide the scope of the policy, it may apply from management group to resource group.
  • Note- Policy is inherited by the child nodes. Exception is also allowed, for example, you may want to apply policy to entire subscription but not a particular resource group, it is equally possible.
  • Create or update any resource through Azure Resource Manager is evaluated through policy first
  • Few of the Policy status are
    • Deny
    • Disabled
    • Append
    • Audit, AuditIfNotExists
    • DeployIfNotExists

Azure Policy

Azure Policy vs RBAC

  • RBAC focuses on user actions at different scopes, whereas Azure policy focuses on resource properties.
  • Unlike RBAC, Azure policy is a default allow and explicit deny system.

Azure Blueprints

  • Azure Blueprints is a declarative way to orchestrating deployment of 
    • Role assignments
    • Policy assignments
    • Azure Resource Manager Templates
    • Resource groups
  • Useful in DevOps - makes automation easier
  • Suppose you want to move the blueprint files to Azure, you should then be using Azure Storage Explorer to copy the files.


 



Comments

Post a Comment

Popular posts from this blog

Azure Tutorials Series - Azure Networking

-
Image
In this article, we will learn about Azure networking concepts such as architecture, microservices, virtual networks, VPNs, subnet, VPN gateways and most importantly Network Security Group(NSG). All these terms are to be understood if you appearing for AZ900 Microsoft Azure Fundamentals exam. Azure Networking In previous articles we have learnt about Micro- services and how they work, these are alos loosely coupled architecture. Some of the features includes Independent components interact with each other with the help of queues Can be updated and deployed independently Highly scalable Supports Asynchronous messaging N-tier Architecture Supports loosely coupled architecture Application divided into multiple tiers such that higher tier can access lower tier but not vice versa Tiers are re-usable and can be updated or replaced easily without any hassle. Three-tier in general Web Tier(front end) Application tier(back end) Data tier(Storage) Virtual Network Isolated network shared by few g
Read more

Coforge Interview Questions | Automation Testing profile

-
Image
In this article we will cover recent Coforge Interview questions asked for testing profile.  Date of Interview - 19th December 2020 Mode of Interview - Web conference through TEAMS Interviewer - Rahul Sharma Round - L1 Coforge Interview Questions | Automation testing profile Round L1 Tell me about your project I have been working as a QA for XYZ company from 5.4 years, during this tenure,  I have learnt about Manual testing, Selenium, Database testing, TestNg, framework designing and API testing. What is a webdriver? A webdriver is a an automation framework that allows executing our tests in different browsers. It also supports headless execution using HtmlUnit driver. What are hooks? @Before and @After are called Hooks, they are used before and after any test scenario. How would you like your automation framework to be designed? How can you use data properties in Test NG framework? Explain Access specifiers? Access modifiers define the visibility of the class. There are four different
Read more

Testing in CI/CD

-
If you are part of testing fraternity you would have heard CI/CD numerous times by now. It's the talk of the software testing town. In this article, we will cover the basics of CI/CD, what actually it is and how it is implemented in software testing. What is continuous integration? In simple terms, development teams can integrate their code into a shared repository. This helps in maintaining code quality and identifying potential issues with the local version of the code at an early stage. What is continuous delivery? Everything that is being continuously merged by the development team, is continuously deployed to the live environment. Continuous delivery is often coined as ‘Continuous Deployment’ as well. Since most developers work in parallel, continuously integrating their code into one repository would mean that the master branch is continuously updated with new features. In order to ensure that there is no compromise in the code quality with so many changes
Read more