Browsed by
Month: May 2023

Terraform Module to Restrict App Service Plan SKUs: Inspired by AZAdvertizer

Terraform Module to Restrict App Service Plan SKUs: Inspired by AZAdvertizer

Comments 0 Comment

In Azure, maintaining compliance and minimizing risk is a constant challenge. This is particularly true when managing App Service Plans for a tenant(s), where unrestricted use of all SKUs can introduce risk. This becomes crucial in environments where adherence to specific App Service Plans is a requirement. Alternatively, in a remediation scenario, if your organization lacks governance and has created numerous improperly specified App Service Plans, you can first remediate these, and then deploy and assign this policy definition. To…

Read More Read More

terraform-azurerm-disallow-ragrs-policy: A Terraform Module to Prevent or Audit the Creation of Standard_RAGRS Storage Accounts

terraform-azurerm-disallow-ragrs-policy: A Terraform Module to Prevent or Audit the Creation of Standard_RAGRS Storage Accounts

Comments 0 Comment

As Azure engineers, we need to be prudent in managing our resources. One such resource is storage accounts. The default option when creating a storage account via the Azure portal or CLI is Standard_RAGRS SKU, which is usually overkill. Here, we introduce the terraform-azurerm-disallow-ragrs-policy module that helps enforce cost-effective use of storage by preventing or auditing the creation of Standard_RAGRS storage accounts. Understanding the Standard_RAGRS vs Standard_GRS Dilemma Standard_RAGRS (Read-Access Geographically Redundant Storage) offers geo-replication across two regions, with read-only…

Read More Read More