šŸ”„ Check out my documented journey on how to set up Configuration Manager (MECM) and my updated notes on the Azure AZ-104 Exam! šŸ”„
Posts
Microsoft
Azure
AZ-900
AZ-900 Certification Notes
Acloudguru
chapter11
Chapter 11 - Governance

AZ-900 Certification Notes

Chapter 11 - Governance

Governance validates that your organization can achieve its goals through effective and efficient use of IT.

What's a policy?

A policy is a set of rules, rules to make sure that standards and agreements within your corporation are followed and that resources are compliant with these policies.

Role-Based Access Control (RBAC)

  • Define User Access
    • You can define specific user access to individual resources
  • Minimum Access
    • RBAC can enable minimum access necessary to resources. This ensures only users with valid access can manage resources
  • Target Specific Use Cases
    • Be very explicit about uses and access. For example, allow an application access to certain resources or allow a user to manage resources in a resource group

Role-Base Access Control - Role Assignment

  • Security Principal
    • An object representing an entity such as a user or group, which can access the resource
  • Role Definition
    • A collection of permissions such as read, write, and delete
  • Scope
    • The resources the access applies to. Specify which role can access a resource or resource group

Locks

  • Assigning
    • Assign a lock to a subscription, resource group, or resource
  • Types
    • A lock can be of two types. Delete, where you can't delete the locked object. Read-Only, where you can't make any changes to the object
  • Locked Means Locked
    • A lock needs to be removed before the locked actions can be performed again

Azure Blueprints

Blueprints are templates for creating Azure resources.

  • Rules and regulations
    • Brand New Azure
      • Use Blueprints
        • Resource templates
        • Role Based Access Control (RBAC)
        • Policies
        • Samples for common regulations

Cloud Adoption Framework

  • Collection of Documents
    • Lots of resources to guide you through the cloud adoption process
  • Guidance
    • Help to define strategies for adoption, planning the move, "being ready" for the cloud, adoption reasons, governance practices, and managing a living, breathing cloud architecture
  • Governance
    • Key to the cloud adoption process is governance of the process. The Cloud Adoption Framework is a big step in that process

Exam Tips

Governance keeps you complaint and out of trouble.

  • Azure Policy ensures that policies applied to resources are compliant
  • A policy is a set of rules to ensure complaint resources
  • Role Based Access Control (RBAC) ensures user compliance through assigning a role to a user. A role is a combination of security principal, role definition and scope
  • Locks make sure that subscriptions, resource groups or resources are either not modified or not deleted
  • Blueprints are templates for creating standard Azure environments
  • The Azure Advisor for Security Assistance is part of the Security Center
Chapter 10.11 - Security QuizChapter 11.2 - Azure Monitor