Global Azure: Policy as Code with Bicep for Enterprise Scale

2 minute read

GlobalAzure2021

Global Azure is a community event about the Microsoft Azure platform. On April 15-17 the Global Azure community goes online to share, learn, and have community Azure fun together.

This year I was fortunate to have a session accepted for Global Azure 2021 titled: Policy as Code with Bicep for Enterprise Scale

Recently I’ve been diving into Microsoft’s new DSL Bicep and as I’m passionate about Azure Policy I thought why not combine both aspects into a session?

Admittedly, I left my sessionize submission very late and probably just scraped in. Even so it was a wonderful surprise to see my session accepted followed by a frantic scramble to prepare my presentation (YT links below) and code which can be found here https://github.com/globalbao/azure-policy-as-code.

Presentation Structure

I structured my presentation into 3x levels so that beginners could start with a small proof of concept deployment and then scale up in complexity and advanced logic as their comfort levels increased with Bicep and Azure Policy.

More experienced users can jump straight to Level 3 and learn/adopt a Policy as Code workflow with Bicep.

Links to skip to specific content levels in the recorded session are included below!

Level 1

  • Uses built-in policies
  • Uses an initiative and assignment
  • 1x main.bicep
  • Manual CLI deployment

YouTube Video Timestamp 16m 10s

Level 2

  • Uses built-in policies and custom policies
  • Uses multiple initiatives and assignments
  • 1x main.bicep
  • Manual CLI deployment
  • Targeting multiple Azure environments
  • Uses parameter files for environment-specfic values passed during deployment

YouTube Video Timestamp 50m 3s

Level 3

  • Uses built-in policies and custom policies
  • Uses multiple initiatives and assignments
  • Custom policyDefinitionReferenceId for initiatives
  • Custom non-compliance msgs for assignments targeted to the policyDefinitionReferenceId
  • Advanced modules organised per resource type
  • CI/CD workflow automation with GitHub Actions YAML
  • Targeting multiple Azure environments with authentication via GitHub secrets

YouTube Video Timestamp 1h 11m 45s

Kudos

Finally, I’d like to thank Rahul Nath for reaching out to me prior to the session and helping me out with YouTube streaming/gearing tips. Much appreciated Rahul!

This year’s Global Azure event was the biggest yet with over 560 speakers and 530 sessions from across the world! So a big kudos to the organisers and session reviewers who contributed their time to make this happen!

Looking forward to next year’s Global Azure!

Jesse

GlobalAzure2021Sessions

Leave a comment