A guide to designing and implementing a tagging strategy for Azure Update Manager to organize and automate patch management.
A 30-day plan for Azure administrators to clean up, reset, and improve governance in a messy Azure environment using native tools.
Explains how to use Azure Policy to automate onboarding of Azure Subscriptions for cross-tenant management via Azure Lighthouse.
Open-source IaC pattern for deploying and managing Azure Policy at scale using Azure DevOps or GitHub Actions.
Explains Microsoft Azure Sovereign Landing Zones (SLZ), a framework for building compliant, controlled cloud foundations for regulated and sovereign workloads.
Explains the mystery of hidden tags in Azure, how they work, and their use cases for automation and management.
Explains how to automate Azure Lighthouse delegation at the management group level using Azure Policy for scalable, consistent multi-tenant management.
Learn how to use Azure Arc and Azure Policy to audit and enable the Windows Recovery Environment (WinRE) on Windows Servers for improved recovery and resilience.
Explains how to use Azure Policy to automatically enable Virtual Network Flow Logs across many VNets for security and troubleshooting.
Explains Azure Policy for automated cloud governance, covering policy definitions, assignments, and enforcement effects like deny and audit.
Explains how Azure Arc provides unified management for hybrid and multi-cloud environments, bringing on-prem and other cloud resources into Azure's control plane.
A practical guide to managing Azure Policy using PowerShell for automation, repeatability, and governance in existing Azure environments.
AzPolicyTest PowerShell module updated to v2.8.0 with new tests for Azure Policy resource type exclusions and effect validation.
A technical guide on creating Azure Policy exemptions at the Management Group level using Terraform, including a workaround for a common ID format error.
Explains how to implement sovereign controls in Azure using policies for data residency, encryption, and confidential computing.
Explains a critical Azure Policy limitation where databases created via SSMS on SQL Managed Instance bypass policy enforcement, posing security risks.
Creating custom Azure Policies to secure Azure Monitor Action Groups by restricting notifications and actions to authorized targets.
An updated Azure Policy definition for Storage Account minimum TLS version that supports TLS 1.3, addressing current tooling limitations.
Introduces the Azure Policy Restrictions REST API for checking policy constraints on resources, with a PowerShell helper function.
Azure Resource Graph now includes Policy Exemptions data, enabling cloud-scale queries and analysis with KQL examples provided.
