Automation approach for policy management

SwathiDhanwada-MSFT 18,546 Reputation points

What is the automation approach to manage each policy definition instead from Azure portal or through various SDKs so that it's more easily manageable and repeatable at enterprise scale?

[Note: As we migrate from MSDN, this question has been posted by an Azure Cloud Engineer as a frequently asked question.]

Source: Azure Docs

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
828 questions
0 comments No comments
{count} votes

Accepted answer
  1. tbgangav-MSFT 10,416 Reputation points

    Hi Swathi,

    Two of the predominant approaches to managing systems at scale in the cloud are:

    Infrastructure as Code: The practice of treating the content that defines your environments, everything from Resource Manager templates to Azure Policy definitions to Azure Blueprints, as source code.

    DevOps: The union of people, process, and products to enable continuous delivery of value to our end users.

    Policy as Code is the combination of these ideas. Essentially, keep your policy definitions in source control and whenever a change is made, test and validate that change. However, that shouldn't be the extent of policies involvement with Infrastructure as Code or DevOps.

    The validation step should also be a component of other continuous integration or continuous deployment workflows. Examples include deploying an application environment or virtual infrastructure. By making Azure Policy validation an early component of the build and deployment process the application and operations teams discover if their changes are non-complaint, long before it's too late and they're attempting to deploy in production.

    For more information, please refer this document.

    0 comments No comments

0 additional answers

Sort by: Most helpful