Browsed by
Tag: Azure Policy

AzNonComplianceReport.ps1: A PowerShell Script to Output a CSV of Non-compliant Resources From Azure Policy

AzNonComplianceReport.ps1: A PowerShell Script to Output a CSV of Non-compliant Resources From Azure Policy

Comments 0 Comment

In Azure, you often have to deal with non-compliant resources and their associated details. You might think Microsoft would provide a native export tool to do this through the Azure portal. However, there is no direct way to export a list of non-compliant resources for a specific tenant, subscription, or policy assignment. That’s why I created the AzNonComplianceReport PowerShell script to generate a list of non-compliant resources that need remediation. How to Use The AzNonComplianceReport is simple to use: Once…

Read More Read More

Terraform Module to Restrict App Service Plan SKUs: Inspired by AZAdvertizer

Terraform Module to Restrict App Service Plan SKUs: Inspired by AZAdvertizer

Comments 0 Comment

In Azure, maintaining compliance and minimizing risk is a constant challenge. This is particularly true when managing App Service Plans for a tenant(s), where unrestricted use of all SKUs can introduce risk. This becomes crucial in environments where adherence to specific App Service Plans is a requirement. Alternatively, in a remediation scenario, if your organization lacks governance and has created numerous improperly specified App Service Plans, you can first remediate these, and then deploy and assign this policy definition. To…

Read More Read More

terraform-azurerm-disallow-ragrs-policy: A Terraform Module to Prevent or Audit the Creation of Standard_RAGRS Storage Accounts

terraform-azurerm-disallow-ragrs-policy: A Terraform Module to Prevent or Audit the Creation of Standard_RAGRS Storage Accounts

Comments 0 Comment

As Azure engineers, we need to be prudent in managing our resources. One such resource is storage accounts. The default option when creating a storage account via the Azure portal or CLI is Standard_RAGRS SKU, which is usually overkill. Here, we introduce the terraform-azurerm-disallow-ragrs-policy module that helps enforce cost-effective use of storage by preventing or auditing the creation of Standard_RAGRS storage accounts. Understanding the Standard_RAGRS vs Standard_GRS Dilemma Standard_RAGRS (Read-Access Geographically Redundant Storage) offers geo-replication across two regions, with read-only…

Read More Read More