Flexing your Security Governance with Azure Policy as Code
G’day folks. I recently had the pleasure of presenting a livestream session via Microsoft Reactor Sydney on a subject close to my heart.
It was a great opportunity to share my experience in the subject domain of Security Governance and Azure Policy as Code workflows using Bicep language. And also a good opportunity to receive some questions and feedback in real time from an audience.
I’ve included some links below if you’re interested to dive into this subject a bit more.
Watch
Watch the recorded session from Microsoft Reactor’s livestream event.
Catchup on the latest (Dec 2021) Azure Governance & Deployments news from Microsoft.
Watch a session on managing the logging and security of Azure Key Vaults at-scale with Azure Policy and Microsoft Sentinel.
Watch a session on deploying Azure Policy as Code with Bicep walking through levels 1-2-3 of configuration.
Learn & Discover
Learn about what exactly is Azure Policy from Microsoft Docs.
Learn about how Azure Policy effects work from Microsoft Docs.
Learn about scoping your Azure Policy assignments from Microsoft Docs.
Learn about the Azure Security Benchmark from Microsoft Docs.
Learn about Microsoft Security Best Practices from Microsoft Docs.
Learn about what is Microsoft Defender for Cloud from Microsoft Docs..
Discover how to apply and enforce Zero Trust concepts with Azure Policy from Microsoft Blogs.
Discover how to enable Defender for Cloud plans to protect workflows in Azure from the community.
Discover how to create custom Microsoft Defender for Cloud recommendations with Azure Policy from the community.
Discover how to create custom security recommendations within Microsoft Defender for Cloud from the community.
Discover Security Posture Management with Azure Policy and Microsoft Defender for Cloud from the community.
Find
Find samples of built-in definitions for Azure Policy from Microsoft GitHub.
Find all the best Azure Policy official and community content available across the internet.
Find and adopt working modules and CI/CD pipelines for Azure Policy as Code workflows.
Find the related (this blog post) code used for the Bicep demo on Security Governance with Azure Policy as Code.
Find a list of past security mistakes by CSPs.
Keep Informed
Keep up to date with the latest changes and releases for Azure Governance capabilties (Policies, Aliases, RBAC roles, etc).
Cheers,
Jesse
Leave a comment