Our Minimum Viable Cloud (MVC) methodology is core to how we at CTP build produc-
tion-grade public cloud environments with baseline security and automation. Keeping
up with contemporary industry best practices and the latest cloud services from CSPs
are key to delivering a successful cloud foundation. This article will review several recent
announcements and enhancements from Microsoft and explore how they impact future
iterations of one’s Azure infrastructure.
The key announcements and updates discussed in this article can be categorized
according to these aspects of the MVC:
•
Governance: helping accelerate the consistent set of standards and tooling
required to deploy and manage secure Azure environments across multiple
regions and subscriptions.
•
Security: measures and solutions in place that address controls, technology
and governance to deliver a secure cloud and enable compliance with any regula-
tory needs or concerns.
•
Networking: building upon the recommended hub-and-spoke networking
model to enable on-premises-to-Azure connectivity; recent Microsoft announce-
ments help simplify branch office connectivity and globally improve service
delivery.
Azure Governance
1. Management Group and Azure Policies provide a solid approach to govern the
Azure environment without interrupting the work of developers and operations.
Now, the custom or ready-made resource policies, RBAC (role-based access con-
trol) policies and cost management that are applied at the management group
level are inherited across all the subscriptions grouped inside a management group.
Tenant Root Group
Dev and Test Group
Dev and Test Subscription
Production Group
Production Subscription
Figure 1: Azure Hierarchy of Management Groups and Subscriptions
WINTER 2019 | THE DOPPLER | 29