The DevOps Jedi

Taking the cloud by storm one line of code at a time....

Creating A Modern Azure Diagnostics Policy That Generative AI Couldn't - Yet!

2024-07-2315 min readGovernanceDarren Johnson
I have recently been working with an organisation who wanted to improve their security posture in Azure by using Azure Policy to configure Diagnostic Settings for their Azure resources at scale. They wanted to make use of Category Groups to dynamically collect all available logs and metrics and simplify the policy logic so it could be reused across multiple resources. I thought ‘that sounds simple enough as there will be a built in policy that does all that’, but there wasn’t, so I set to work.Continue Reading...

Modifying An Existing Azure Policy

2024-07-1410 min readGovernanceDarren Johnson

There may well come a time when there isn’t a Built In Azure Policy that meets your needs, and you need to either modify an existing policy, or create new a policy from scratch. Creating custom policies should always be a last resort, as the BuiltIn policies Azure provides are kept up to date and version controlled by Microsoft. As soon as you create a custom policy, you are responsible for maintaining it when capability is added or deprecated.

Continue Reading...