Implementing Azure Policy – Compliance and Cloud Governance

Implementing an Azure policy comprises three main parts: policy definition, policy assignment and scoping, and policy evaluation. We will start with the policy definition.

Policy Definition

There are many built-in policies, and users can write custom policies. You can see built-in policies by navigating to Azure Portal 

Policy Assignment and Scope – Compliance and Cloud Governance

When we discussed management groups, you saw that management groups can be used as a scope for policy assignment and for granting access. Policy scope is the process of determining the subscriptions, resource groups, and resources for which the policy should be enforced. 

Implementing Initiatives – Compliance and Cloud Governance

Using initiatives, you can chain or combine multiple policies, assign them on a scope, and manage them without hassle. Like policies, you can use the built-in initiatives, or you can produce a custom initiative. The concepts related to policies such as assignment, scoping, definition, and 

Custom RBAC Roles 2 – Compliance and Cloud Governance

Creating a Custom Role Using PowerShell

4. The VM-related actions are part of the Microsoft.Compute/virtualMachines namespace. We need to find the operations available for this provider. The operations can be found using the command Get-AzProviderOperation "Microsoft.Compute/virtualMachines/*". As shown here, you can see the operations 

Configuring Locks – Compliance and Cloud Governance

From the Azure portal, you can add/delete locks by following the instructions in this section. You can also add/delete locks from Azure PowerShell, the Azure CLI, ARM templates, and the REST API. The first step in assigning a lock is to understand which scope you 

Resource Tags – Compliance and Cloud Governance

Resource tags can be used to logically organize the resources in your environment. Each tag comprises a key-value pair, where you will be adding a name and a corresponding value. For example, if your key or name for the tag is Environment, you could have 

Applying Tags – Compliance and Cloud Governance

As mentioned earlier, tags can be applied at the subscription, resource group, or resource level. You can always search for Tags in the Azure portal, and the portal will list all tags that exist in your environment, as shown in Figure 2.26.

FIGURE 2.26 

Static and Dynamic Addressing – Virtual Networking

IP addresses can be assigned or allocated in two ways: statically or dynamically. On-premises, we had a similar concept of fixed IP addresses for our resources; a static IP address follows the same logic. With statically assigned IP addresses, the IP addresses do not 

Public IP Address – Virtual Networking

Public IP addresses are associated with a virtual machine NIC, public load balancer, VPN gateways, application gateways, and any other resource that can be accessed from the Internet. Here, too, we can choose the allocation method to be static or dynamic. However, the availability of 

Network Routes – Virtual Networking

Network routes or route tables have existed in traditional networks for an exceptionally long time. The routes that are part of the route table decide how to direct a packet to the destination or, in other words, determine which is the next hop the resource