Flexing your Security Governance with Azure Policy as Code

G’day folks. I recently had the pleasure of presenting a livestream session via Microsoft Reactor Sydney on a subject close to my heart.

It was a great opportunity to share my experience in the subject domain of Security Governance and Azure Policy as Code workflows using Bicep language. And also a good opportunity to receive some questions and feedback in real time from an audience.

I’ve included some links below if you’re interested to dive into this subject a bit more.

Watch

Watch the recorded session from Microsoft Reactor’s livestream event.

• YouTube: Flexing Your Security Governance with Azure Policy As Code

Catchup on the latest (Dec 2021) Azure Governance & Deployments news from Microsoft.

• YouTube: Azure Governance & Deployments Quarterly Customer Panel December 2021

Watch a session on managing the logging and security of Azure Key Vaults at-scale with Azure Policy and Microsoft Sentinel.

• YouTube: Azure Sentinel and Policy as Code from Jesse Loudon and Casey Mullineaux

Watch a session on deploying Azure Policy as Code with Bicep walking through levels 1-2-3 of configuration.

• YouTube: Policy as Code with Bicep for Enterprise Scale

Learn & Discover

Learn about what exactly is Azure Policy from Microsoft Docs.

• Microsoft Docs: What is Azure Policy?

Learn about how Azure Policy effects work from Microsoft Docs.

• Understand Azure Policy effects

Learn about scoping your Azure Policy assignments from Microsoft Docs.

• Understand scope in Azure Policy

Learn about the Azure Security Benchmark from Microsoft Docs.

• Microsoft Docs: Azure Security Benchmark introduction

Learn about Microsoft Security Best Practices from Microsoft Docs.

• Microsoft Docs: What’s inside Microsoft Security Best Practices?

Learn about what is Microsoft Defender for Cloud from Microsoft Docs..

• Microsoft Docs: What is Microsoft Defender for Cloud?

Discover how to apply and enforce Zero Trust concepts with Azure Policy from Microsoft Blogs.

• Microsoft Blogs: Enforcing Policy for Zero Trust with Azure Policy

Discover how to enable Defender for Cloud plans to protect workflows in Azure from the community.

• Community Blog: Automatically Enable and Audit Microsoft Defender for Cloud Enhanced Security Features

Discover how to create custom Microsoft Defender for Cloud recommendations with Azure Policy from the community.

• Community Blog: Create a custom Azure Security Center recommendation with Azure Policy

Discover how to create custom security recommendations within Microsoft Defender for Cloud from the community.

• Community Blog: Custom security recommendation within Microsoft Defender for Cloud

Discover Security Posture Management with Azure Policy and Microsoft Defender for Cloud from the community.

• Community Blog: Security Posture Management with Azure Policy and Microsoft Defender for Cloud

Find

Find samples of built-in definitions for Azure Policy from Microsoft GitHub.

• GitHub: Repository for Azure Policy built-in definitions and samples

Find all the best Azure Policy official and community content available across the internet.

• GitHub: A curated list of AWESOME Azure Policy learning resources and links

Find and adopt working modules and CI/CD pipelines for Azure Policy as Code workflows.

• GitHub: Bicep and Terraform code examples for policy-as-code workflows

Find the related (this blog post) code used for the Bicep demo on Security Governance with Azure Policy as Code.

• GitHub: Bicep Demo Security Governance

Find a list of past security mistakes by CSPs.

• GitHub: List of security mistakes by cloud service providers (AWS, GCP, and Azure)

Keep Informed

Keep up to date with the latest changes and releases for Azure Governance capabilties (Policies, Aliases, RBAC roles, etc).

• Site: AzAdvertizer - Release and change tracking on Azure Governance capabilities

Cheers,

Jesse