Professional Documents
Culture Documents
Cloud Adoption Framework - Thru Partner Governance Workshop
Cloud Adoption Framework - Thru Partner Governance Workshop
Governance in Azure
Framework
Assess
MVP
Evolve
Next Steps
Partner overview
Partner overviewslide
slide
Business processes and people
readiness are my biggest
adoption blockers. How do I
align with the business to get the
support we need?
Adopt
Define Strategy Plan Ready Migrate
• First workload migration
• Expanded scenarios
• Understand motivations • Digital estate • Azure readiness guide • Best practice validation
• Business outcomes • Initial organization alignment • First landing zone • Process improvements
• Business justification • Skills readiness plan • Expand the blueprint Innovate
• Prioritize project • Cloud adoption plan • Best practice Validation • Innovation guide
• Expanded scenarios
• Best practice validation
• Process improvements
Govern Manage
Methodology • Benchmark Business commitments
initial best practice • operations baseline •
Governance maturity Ops maturity
The major drivers for
IT Governance
Corporate Policy
Governance is a big, intimidating topic.
Establish proper scope by mitigating
tangible risks through corporate policy.
What and Why of governance
• Azure Blueprints
• Azure Policy • Azure Blueprints
• Azure Security Center • Azure Policy • Azure Blueprints
• Security Management • Azure Monitor • RBAC
• Threat protection • Identity • Azure AD
• Encryption • Change Tracking • Azure AD B2B
• Hybrid Identity • DSC • Azure AD B2C
• Azure Networking • Automation • Directory Federation
• Azure Automation • Update Management • Directory Replication
Integrating 3rd Party Tools
Security management
appears to be an important
area of focus for this
customer.
Discussion – Establishing a cloud
governance MVP
How do I get started?
Policy Definitions
1. Environment Factory:
Role-based
Templates
Resource
Manager
Deploy and update
Access
cloud environments in a
repeatable manner using Azure Portal SDK 3rd party
composable artifacts
Management Groups
Subscriptions
Resource Groups
CRUD
Query
Discussion:
• How would you structure the Management Groups based on this discovery?
• How would you divide subscriptions within MGs?
• How would you define resource groups?
• What Resource Governance Tools would you put in place?
[Example]
Governance MVP
A few options to consider
Resource Governance
Create an Azure Blueprint named “Governance-MVP” .
Enforce that users can only authenticate against existing role-based
Resource Organization: access control (RBAC) implementation.
Build only what you need but grow to this Create an Azure Policy to apply or enforce the following:
hierarchy. Resource tagging should require values for Department/Billing Unit,
MG Hierarchy: Business Unit, Geography, Geography, Data Classification, Criticality, SLA, Environment,
Environment Application Archetype, Application, and Application Owner.
Subscription: Per Application Category Publish the “Governance-MVP” blueprint to each management group and
Resource Groups: Per Application assign it to each subscription
We are here to help establish and
evolve cloud governance
How do I get started?
https://aka.ms/adopt/govern
https://aka.ms/adopt/gov/Assess
https://aka.ms/adopt/gov/MVP