Finding the right approach to Azure Governance is a common problem that often has more than one right solution, and – unfortunately – this isn’t a challenge where one good solution fits all. Finding the best possible response to governance problems can often be more difficult than it seems.
Many of my Azure customers find themselves in a situation where their spending has spiralled out of control.
These organisations will typically have started with a single – I like to call them “Wild West” – subscription that most technical stakeholders in the organisation have got full access to. Many resources will have been spun up from the marketplace, in a variety of resource groups, and without a clear naming convention. Admins will usually find it very difficult to determine if resources are in use and whether they are rightsized.
Other customers hit a bottleneck where access to Azure is heavily restricted.
These organisations will usually have replicated their on-premises processes for provisioning resources in the cloud. The experience of acquiring new resources will feel tedious and unnaturally slow, preventing teams from adopting the very solutions that would make them more agile in the long run.
So how does one approach the challenge of Azure Governance?
While every organisation needs to find a solution that works for them, there are a few buildings blocks that you can use to find and customise your approach. In this series I will share some of these building blocks.
Azure Governance Building Blocks
- Creating your orgranisation’s source of truth with VSTS and Azure
- Taking Azure ARM templates to the next level
- Orchestrating the roll out of RBAC, policies and tagging
- Using Azure Logs to tie resources to owners
- Understanding our shared responsibility when it comes to disaster recovery, high availability, and geo-replication in Azure PaaS
(any building blocks that are not linked will be coming soon)