7 Errors and 5 Concepts to Follow When Implementing the Azure Cloud
Cloud Governance is the Answer
You’ve received access to your Azure subscription and your team (you included) can’t wait to jump right in. Developers, architects and operations all want access and want to create their own environments to play with so moving to the cloud is an exciting time for most.
Business leadership keeps hearing how the cloud enables businesses to be more agile, efficient and cost effective. However, without proper governance can lead to unforeseen issues and decrease the benefits the cloud is supposed to bring.
The paradigm shift to cloud technologies introduces new approaches for implementing technology solutions. Businesses already have a strong foundation and processes for managing their on-premises infrastructure and application development. However, this foundation does not directly apply to the cloud which can cause some pretty costly problems.
7 Common Business Mistakes When Moving to the Cloud
Here are the most common mistakes that businesses make when embarking on their cloud journey. Proper planning and governance will prevent these:
- The subscription owner role is granted to IT administrators and developers
- Users are granted access resources explicitly, not using groups
- Developers create resource groups and resources without approvals
- No naming conventions
- Resources are not tagged, and it becomes difficult to trace back its origins and purpose
- Subscription monthly costs go over budget
- Resources are publicly accessible
This list can keep going on and on, but I think you get the idea. These all have direct impacts to the business, including cost and security from the start. The key is not to wait until you get a surprise on your monthly Azure bill or until “cloud sprawl” makes your account too much to handle.
Even Microsoft recognizes that businesses can get into trouble by simply jumping into the cloud. Their goal is to help ensure that Azure provides long-term value and as a result are jumping in to the governance and cost containment conversation. The key thing is that a little bit of planning at the start will save a lot of time and money in the future.
5 Azure Cloud Governance Concepts to Follow
Microsoft Azure provides management concepts and services to help you govern your subscription. They should complement other governance strategies such as corporate policies, processes and tools.
- Set Governance Milestones
- Create a journey with key milestones relating to governance visible to all.
- Before the first cycle begins, a baseline or minimum viable product should be established. It will quickly invoke governance strategies to address those obvious risks based on existing corporate policies, processes, tools and any challenges faced so far.
- Once established, the governance evolution will begin as journey moves forward.
- Make this a living journey. Create new milestones when the initial project plan is complete and as new business initiatives and risks are introduced.
- The cycle can continue indefinitely as your business evolves and adapts newer technologies.
- Implement Management Groups
- Build hierarchy to efficiently manage multiple subscriptions within the same Azure AD Tenant.
- Apply policies and role-based access control for subscriptions with automatic inheritance.
- Have a Governance Policy
- Enforce different rules and effects over your resources.
- Real time deployment and daily evaluation to ensure your resources stay compliant.
- Build and Follow a Blueprint
- Centralizes a repeatable set of Azure resources that adheres of organization standards, patterns and requirements.
- Designed to help with environment setup and stamps out environments as needed.
- A Blueprint can contain resource group creations, role assignments, policy assignments and ARM templates.
- Share a Resource Graph
- Provides administrators to rapidly query resources across subscriptions and management groups.
- Explore resources based on governance requirements and converting these results to policy definitions.
Follow these 5 concepts and you’ll be off to a great start to proper Azure cloud governance.
Adopting cloud technologies without proper governance will lead to unforeseen issues. These issues will be both difficult and potentially costly to fix later in the journey.
Start early and establish a baseline as you start your journey to the cloud. Doing this now rather than later will lead to a more controlled environment, eliminate unwanted business risks and better govern your investment. Microsoft provides a lot of concepts, services and tools to assist with enforcing governance. Establishing a Cloud Governance or Cloud Custodian team to analyse, plan and deploy will pay-off big time and provide your business with an advantage it needs.