Governance Framework Implementation for Microsoft Azure
Step 1
The Azure introduction framework
- Understanding of Microsoft Azure
- Understanding of Azure Auto manage.
- Understanding of Azure Purview
- Understanding of Azure Synapse analytics, Azure Migrate, Azure Arc
- Understanding of other Azure services
- Understanding of Azure Regions, data centers, networks, virtualization, etc
- Understanding of dashboarding, reporting, and analysis measures of Azure
- Understanding of Azure billing mechanisms, accounts, subscriptions, licensing, EA enrolments, hard/ soft service limits, etc
Step 2
Building the account and billing hierarchy along with setting up of Master accounts
- Build organization hierarchy and account management protocols on Azure
Enterprise → Department(s) → Account(s) → Subscription(s) → Resource Group(s)
- Assign privileged roles to on-premise accounts
- Safely store privileged account credentials
- Define the geographic hierarchy of accounts
Entire Org (Enterprise) → Region such as North America or Colorado (Department) → Account Owner within that geographic region (Account) → Individual Projects (subscription)
- Understand and implement resource groups, build subscriptions, build management groups, etc
- Partner with the third party for managed Azure services and carrying out necessary configurations and integrations
- Drive DevOps adoption through hierarchies
Step 3
Implement Azure RBAC (Role-based Access Controls) and Azure resource policies
- Use RBAC permissions to allow management of VMs, Virtual networks, SQL databases
- Use RBAC to allow applications to access resources in the resource group
- Use Azure resource manager templates for assigning Azure roles and enabling deployment
- Leverage Azure RBAC permissions to control deployments
- Lock subscription, resource group, or resource for your critical assets
- Implement organizational policies by leveraging resource group policies
Step 4
Tagging of your Azure Assets
- Implement tagging of your Azure assets
- Access, export, filter, validate and employ analytics for audit logs
- Validate the auditing process and enable alerting
- Implement Azure audit tools along with third-party tools for auditing costs
Step 5
Draw out Virtual network strategy
Plan a virtual network strategy for azure, including plans for traffic routing, traffic filtering, peering, permission controls for virtual networks, service endpoints, subnets, network interfaces, application, and network security groups, etc
English (United States) 
English (UK) 
English (Canada) 
English (India) 
English (Australia) 
English (New Zealand) 
English (South Africa) 
French 
German 
Spanish 
