Companies around the world are responding to their customers’ need to deliver faster with cloud. At the same time compliance is increasingly important to ensure you have consistent standards across the environment or to meet external needs. Historically, introducing necessary control through traditional governance processes slowed down a company’s ability to release new innovations because they were often manual. In some cases, companies didn’t implement strong governance, and, without these important controls in place, speedy development was not always compliant development. Neither of these are ideal outcomes and it’s clear that what customers need is both speed and control.
Today, we are announcing several new Azure capabilities that do just that – offer customers unprecedented speed and control. By providing governance capabilities as part of the Azure platform customers can “shift left” and implement policies and compliance earlier in the development process to accelerate compliant development. With Azure you can create compliant environments from the very beginning instead of waiting for challenges or problems to arise and then bolting on compliance. These services collectively represent the most complete built-in governance offering in any public cloud – and the best part is they are all available to Azure customers at no additional cost.
Overall, Azure Governance services are designed to help our customers:
- Enforce internal standards and guardrails
- Apply consistent security & management
- Setup environments faster
- Meet regulatory compliance requirements
- Release compliant code faster
- Control costs
- Organize resources to match your organization
Last year, we announced the acquisition of Cloudyn, and Azure became the first public cloud with free cost management.
Earlier this summer, we released Azure Policy to help customers create, assign and, manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. For example, Azure Policy helps ensure that organizations or business teams are using approved resources.
Recently, we announced Azure Management Groups which help customers organize subscriptions into hierarchical groups to enable multi-tenant and cross-organizational governance.
Today we are building upon our commitment to offer the most complete built-in governance capabilities with the following new technologies – all now in public preview:
Azure Blueprints
Azure Blueprints provides a one-click solution for setting up fully governed subscriptions with pre-configured resources, policies, management, security and user access controls, and it’s available in public preview today. Why create a mess and clean it up? With Azure Blueprints you can create compliant environments from the beginning. Here is an example Blueprint:
Azure Cost Management within the Azure Portal
Azure Cost Management is now available directly inside the Azure Portal for Enterprise Agreement customers. We are expanding coverage to direct customers later this year with CSP following that. Azure Cost Management is the evolution of the Cloudyn acquisition. With Azure Cost Management customers can monitor cloud spend, drive organizational accountability, and optimize cloud efficiency.
The new experience requires no onboarding, delivers real-time cost analysis, budgets, and has an overall improved experience. Managing budgets has never been easier with the ability to set thresholds for your subscriptions, get alerted or automate actions using Action groups. Want to integrate this data with your organizations data sets? Scheduled exports let you move your usage and cost into your Azure storage account for added flexibility and integration capability. There is also PowerBI integration and even an API to integrate into your own apps.
Azure Policy integration with Azure DevOps and new remediation capabilities
Azure Policy is now integrated into the Azure DevOps release management experience so that companies can define a set of policies and ensure that code is not deployed until it is compliant. With this new level of up-front policy compliance IT can be assured that policies are being adhered to and open production environments to developers to enable faster innovation. In addition, Azure Policy has been enhanced to enable remediation of non-compliant policies on existing resources.
Azure Resource Graph
Azure Resource Graph helps customers explore their Azure resources at scale for more efficient inventory management. Available directly in the Azure Portal, Bash, Powershell, or CLI, it provides powerful querying and parsing capabilities to gather insights on resources. The queries themselves are using the same Keyword Query Language (KQL) that is shared with Azure Monitor. You can also create policies directly from Azure Resource graph queries.
Here's an example of a Resource Graph query to find VMs with managed disk enabled and has environment tag set to 'prod'”:
With Azure policy, Azure Blueprints, Azure Resource Graph, Azure Cost Management and Azure Management Groups you can take advantage of industry leading, built-in and completely free governance capabilities. Get speed and control with Azure.
See you at Ignite!
I hope to see many of you this week at Ignite, either in person or virtually. We’ve got some great sessions planned, and of course, we’re always excited to hear from our customers about how you are securing and managing your resources in the cloud, and what challenges you face. Please continue sharing your feedback. You can also check out the great new functionality of Azure Governance today.