Azure Policy has a unique feature compared to other competitors when it comes to evaluating Azure Resources. As Azure Policy is built along Azure Resource Manager (ARM) policies are in effect right away. This means if you have policy that blocks location and you try to deploy to that location a resource you will not be able to. The effect is enforced no matter if you use ARM Template Deployments, Portal, PowerShell, CLI, SDK or just plain old REST API. Of course on existing resources the policies are evaluated once 24 hours but you can of course trigger on-demand evaluation scan. The time that the scan will run depends on how many resources the policy will need to evaluate. Obviously policies that evaluate many resources (such as policies for tags or locations) will take longer (also dependable on the number of resources for the applied scope).
I have been away from blogging for a while as I needed to dedicate some more time to my family but now I am back with new blog post. Today’s topic we will focus on two Azure Monitor features – Resource Health and Log Analytics. Resource Health is may be not so known feature of Azure Monitor. The service will basically track the health of your resources for specific known issues. Think of it like something between Service Health which monitors health for specific services rather resources on higher level and Log Analytics/Application Insights which allows you to monitor on lower level. Using all of them you can achieve end-to-end monitoring. There are a number of resources that are supported by resource health with a number of issues that are monitored. My advise is if you do not have any monitoring on an Azure resource you should at least create resource health alerts for it. Even if you have monitoring I would still advise to use resource health as it will alert you on things that you probably cannot or your are not checking with your monitoring.
One of my blog readers has asked me about policy for sending Azure Activity logs to Log Analytics. As I have written before this is now possible via diagnostic settings at subscription level and thus is easier to make this into policy.
In case you couldn’t catch the Inside Azure Management Virtual Summit live we have now uploaded the recordings. You can check them out at Inside Azure Management YouTube channel. Enjoy the free content.
As you know we recently have released the fourth edition of Inside Azure Management book. What is better then free book? – A free book and free virtual summit. Yes that is right we are organizing a free virtual summit titled Inside Azure Management. I must say the actual organization is mainly led by Peter Zerger so once again I would like to thank him for his efforts. The virtual summit will take place on 23rd of July. If you want to register you can check the official web site of the event. You will find some interesting sessions and speakers that you might not see so much on other events. I will be delivering a session titled "Exploring Configuration Management in Azure" which will focus on showing you the different configuration management options within Azure with focus on Azure Policy and Azure Resource Manager Deployments.
It is also important to say that if you like the summit and you want to help people you can check one of the causes we are supporting with this event.
Enjoy the summit!!!