AZ-104 - Governance and Compliance - Understanding Azure Policy

Control and organize Azure resources with Azure Resource Manager

Understanding Azure Policy

Define Azure Policy
Components of a Policy
Policy Examples

Enforce Compliance and enable auditing

Organization need to implement enterprise-level governance and compliance capabilities.

Prohibit resources

control costs
Restrict service access

Allowed Locations

Geographical compliance

Policy Definition

Defines the evaluation criteria for compliance, and defines the actions that take place. Either audit or deny should be something outside of compliance.

Policy Assignment

The scope at which we will assign our policy. The scope could be a management group, subscription, resource group, or resource.

Initiative Definition

A collection of policies that are tailored to achieving a singular high-level goal together (e.g., ensuring that VMs meet standards).

Policy Definition	Evaluate if a VM is being created with our tag Project:az104. if the VM is missing the tag, then deny creation of the resource.
Policy assignment	Assign the policy at the scope of the resource where the VMs will be created

Azure Entra ID Mindmap

Azure Youtube Videos

AZ-104 - Administration - Azure Resource Manager

AZ-104 - Administration - Azure Portal and Cloud Shell Basics

AZ-104 - Administration - Azure CLI and Powershell

AZ-104 - Administration - Azure ARM Templates

AZ-104 - Governance and Compliance - Managing Subscriptions

AZ-104 - Governance and Compliance - Using management groups

AZ-104 - Governance and Compliance - Understanding Azure Policy

AZ-104 - Governance and Compliance - Tagging Resources

AZ-104 - Governance and Compliance - LAB Add Remove Tags

AZ-104 - Governance and Compliance - Locking and Moving Resources

AZ-104 - Governance and Compliance - Managing Azure Costs

AZ-104 - Governance and Compliance - Building a cloud governance strategy wth Azure tooling

AZ-104 Azure Identity - Conceptualizing Entra ID (Azure Active Directory)

AZ-104 Azure Identity - Managing Tenants

AZ-104 Azure Identity - Creating and Managing Users

AZ-104 Azure Identity - LAB Create and Manage Microsoft Entra ID Users in the Portal

AZ-104 Azure Identity - LAB Perform Bulk Microsof Entra ID Operations in the Portal

AZ-104 Azure Identity - Creating and Managing Groups

AZ-104 Azure Identity - Creating Administrative Units

AZ-104 Azure Identity - Configuring SSPR (self serfice password reset)

AZ-104 Azure Identity - Azure Entra ID Device Management

AZ-104 Azure RBAC - Understanding Roles in Azure

AZ-104 Azure RBAC - Assigning access to resources

AZ-104 Azure RBAC - LAB Using service Principal Identity to List AD Roles

AZ-104 Azure RBAC - Creating custom roles

AZ-104 Azure - Storage Accounts

AZ-104 Azure - Conceptualizing Azure Blog Storage

AZ-104 Azure - Configuring blob object replication

AZ-104 Azure - Configuring Blob Lifecycle Management

AZ-104 - Governance and Compliance - Understanding Azure Policy

Control and organize Azure resources with Azure Resource Manager

Understanding Azure Policy

Prohibit resources

Allowed Locations

Policy Definition

Policy Assignment

Initiative Definition

No Comments