This is the Lesson 2 of the "Azure Governance - Free training" serie.
This document describes Azure Locks and lists all key items you should now when designing your Azure Lock Hierarchy.
Finally, the document describes all methods/tools (GUI & CLI) you can use to create and apply Azure Locks to your Subscriptions, Resource Groups and Azure Resources.
This is the Lesson 4 of the "Azure Governance - Free training" serie.
This document presents Azure Policy in-depth and lists all key items you should now when designing your Azure Policy Model.
Finally, the document describes all methods/tools (GUI & CLI) you can use to create, manage and assign Policy (Definition and Initiative Definition) to your Azure environment.
Creating and using a Custom Policies is also detailed on this document.
Azure Role Based Access Control with an use case and explanation about various concepts like Global Administrators, Role Assignments, Account Administrators, Azure Roles, Custom Roles for both Azure AD and Azure Subscriptions
here's where Microsoft has invested, across these areas: identity and access management, apps and data security, network security, threat protection, and security management.
We’ve put a tremendous amount of investment into these areas and the way it shows up is across a pretty broad array of product areas and features.
Our Identity and Access Management tools enable you to take an identity-based approach to security, and establish truly conditional access policies
Our App and Data Security help you protect your apps and your data as it moves around—both inside and outside your organization
Azure includes a robust networking infrastructure with built-in security controls for your application and service connectivity.
Our Threat Protection capabilities are built in and fully integrated, so you can strengthen both pre-breach protection with deep capabilities across e-mail, collaboration services, and end points including hardware based protection; and post-breach detection that includes memory and kernel based protection and response with automation.
And our Security Management tools give you the visibility and more importantly the guidance to manage policy centrally
On-board services quickly, drive compliance against internal and external policies, and unlock developer agility with Azure's built-in governance services. Azure Policy will help you govern your Azure resources with simplicity, enforce policies and audit compliance, and monitor compliance continuously. Join Joseph Chan, principal group PM, who is behind all things Azure Policy.
This is the Lesson 4 of the "Azure Governance - Free training" serie.
This document presents Azure Policy in-depth and lists all key items you should now when designing your Azure Policy Model.
Finally, the document describes all methods/tools (GUI & CLI) you can use to create, manage and assign Policy (Definition and Initiative Definition) to your Azure environment.
Creating and using a Custom Policies is also detailed on this document.
Azure Role Based Access Control with an use case and explanation about various concepts like Global Administrators, Role Assignments, Account Administrators, Azure Roles, Custom Roles for both Azure AD and Azure Subscriptions
here's where Microsoft has invested, across these areas: identity and access management, apps and data security, network security, threat protection, and security management.
We’ve put a tremendous amount of investment into these areas and the way it shows up is across a pretty broad array of product areas and features.
Our Identity and Access Management tools enable you to take an identity-based approach to security, and establish truly conditional access policies
Our App and Data Security help you protect your apps and your data as it moves around—both inside and outside your organization
Azure includes a robust networking infrastructure with built-in security controls for your application and service connectivity.
Our Threat Protection capabilities are built in and fully integrated, so you can strengthen both pre-breach protection with deep capabilities across e-mail, collaboration services, and end points including hardware based protection; and post-breach detection that includes memory and kernel based protection and response with automation.
And our Security Management tools give you the visibility and more importantly the guidance to manage policy centrally
On-board services quickly, drive compliance against internal and external policies, and unlock developer agility with Azure's built-in governance services. Azure Policy will help you govern your Azure resources with simplicity, enforce policies and audit compliance, and monitor compliance continuously. Join Joseph Chan, principal group PM, who is behind all things Azure Policy.
This is the Part 1 of the Azure Active Directory Topic. In this session I introduce the Azure AD and talk about what it is, how it differentiates with on-premises Active Directory Domain Services (AD DS). Further, in this session I provide demos on how to create Azure AD Users from the Azure Portal, associate Custom domains with the Azure AD tenant and the Azure AD PowerShell module. As a bonus, I also talk about and demo how to create additional Azure AD directory within the subscription.
What is Microsoft Azure?
What is Azure used for?
Why do businesses want to use someone else's hardware?
What are the advantages of virtualization?
Is Azure secure?
How does Azure stack up against the competition?
To help you make an informed decision about whether Azure is right for your business.
This presentation walks through the Security and Compliance functionality to customers leveraging Azure as a compute environment. It includes deep-dive references to detailed information on each topic presented.
Today, the development and operations landscape has shifted to a more collaborative model merging the two (DevOps). Developers need to know much more about the operational components of their software - especially around network programming, services development, and continuous deployment. Likewise, the developer's IT counterpart needs to know much more about development - especially around infrastructure automation (Chef/Puppet), automated testing, and continuous deployment.
In the event of a disaster, you need to be able to recover lost data quickly to ensure business continuity. For critical applications, keeping your time to recover and data loss to a minimum and optimizing your overall capital expense can be challenging. This session presents AWS features and services along with disaster recovery architectures that you can leverage when building highly available and disaster-resilient strategies.
am going to introduce you to Azure Bastion in Microsoft Azure and teach you how to create your first Azure bastion host, connect to a virtual machine and work a virtual machine session.
Watch on YouTube
------------------------
https://youtu.be/8-_JPzdWe1I
In this presentation, you learn
---------------------------------------
- What is Azure Bastion and what is trying to achieve?
- How to create an Azure Bastion host.
- How to connect to a VM using Azure Bastion
- How to work with a virtual machine Session
View the full blog post here with all scripts
https://blog.ahasayen.com/introducing-azure-bastion/
Connect with me
----------------------------
About me: https://me.ahasayen.com
Blog: https://blog.ahasayen.com
Twitter: https://twitter.com/ammarhasayen
LinkedIn: https://www.linkedin.com/in/ammarhasayen
Instagram: https://www.instagram.com/ammarhasayen
SlideShare: https://www.slideshare.net/ammarhasayen
View my Pluralsight course : Implementing Azure AD Privileged Identity Management
https://www.pluralsight.com/courses/microsoft-azure-privileged-identity-management-implementing
With this support you would be able to have the basic of Azure and you will have the necessary knowledge to take the AZ900 Microsoft Azure Fundamentals Exam.
This support is a summary from the path Azure fundamentals in Microsoft Learn: https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/.
This slide deck provides the basics of Azure App Service. This presentation was presented by Harikharan Krishnaraju, Developer Support Escalation Engineer, Microsoft during the TechMeet360 event organized by BizTalk360, held on December 17, 2016 at Coimbatore.
This is the Lesson 3 of the "Azure Governance - Free training" serie.
This document presents Azure Tags in-depth and lists all key items you should now when designing your Azure Tags model.
Finally, the document describes all methods/tools (GUI & CLI) you can use to create and apply Azure Tags to your Azure environment.
This is the Part 1 of the Azure Active Directory Topic. In this session I introduce the Azure AD and talk about what it is, how it differentiates with on-premises Active Directory Domain Services (AD DS). Further, in this session I provide demos on how to create Azure AD Users from the Azure Portal, associate Custom domains with the Azure AD tenant and the Azure AD PowerShell module. As a bonus, I also talk about and demo how to create additional Azure AD directory within the subscription.
What is Microsoft Azure?
What is Azure used for?
Why do businesses want to use someone else's hardware?
What are the advantages of virtualization?
Is Azure secure?
How does Azure stack up against the competition?
To help you make an informed decision about whether Azure is right for your business.
This presentation walks through the Security and Compliance functionality to customers leveraging Azure as a compute environment. It includes deep-dive references to detailed information on each topic presented.
Today, the development and operations landscape has shifted to a more collaborative model merging the two (DevOps). Developers need to know much more about the operational components of their software - especially around network programming, services development, and continuous deployment. Likewise, the developer's IT counterpart needs to know much more about development - especially around infrastructure automation (Chef/Puppet), automated testing, and continuous deployment.
In the event of a disaster, you need to be able to recover lost data quickly to ensure business continuity. For critical applications, keeping your time to recover and data loss to a minimum and optimizing your overall capital expense can be challenging. This session presents AWS features and services along with disaster recovery architectures that you can leverage when building highly available and disaster-resilient strategies.
am going to introduce you to Azure Bastion in Microsoft Azure and teach you how to create your first Azure bastion host, connect to a virtual machine and work a virtual machine session.
Watch on YouTube
------------------------
https://youtu.be/8-_JPzdWe1I
In this presentation, you learn
---------------------------------------
- What is Azure Bastion and what is trying to achieve?
- How to create an Azure Bastion host.
- How to connect to a VM using Azure Bastion
- How to work with a virtual machine Session
View the full blog post here with all scripts
https://blog.ahasayen.com/introducing-azure-bastion/
Connect with me
----------------------------
About me: https://me.ahasayen.com
Blog: https://blog.ahasayen.com
Twitter: https://twitter.com/ammarhasayen
LinkedIn: https://www.linkedin.com/in/ammarhasayen
Instagram: https://www.instagram.com/ammarhasayen
SlideShare: https://www.slideshare.net/ammarhasayen
View my Pluralsight course : Implementing Azure AD Privileged Identity Management
https://www.pluralsight.com/courses/microsoft-azure-privileged-identity-management-implementing
With this support you would be able to have the basic of Azure and you will have the necessary knowledge to take the AZ900 Microsoft Azure Fundamentals Exam.
This support is a summary from the path Azure fundamentals in Microsoft Learn: https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/.
This slide deck provides the basics of Azure App Service. This presentation was presented by Harikharan Krishnaraju, Developer Support Escalation Engineer, Microsoft during the TechMeet360 event organized by BizTalk360, held on December 17, 2016 at Coimbatore.
This is the Lesson 3 of the "Azure Governance - Free training" serie.
This document presents Azure Tags in-depth and lists all key items you should now when designing your Azure Tags model.
Finally, the document describes all methods/tools (GUI & CLI) you can use to create and apply Azure Tags to your Azure environment.
The systems administrator role is perhaps one of the oldest in computer technology. However in this modern cloud computing world some of them will evolve into Cloud Administrators. As for those admins? It could be a case of how more things change, the more they stay the same. In their new role as an Azure Administrator they will be responsible for implementing, monitoring and maintaining Azure resources and use a complete new skill set. In this session you will learn 7 habits every new Azure admin must have. You will not only learn about Azure Cost Management, and Azure Governance, but also which tools you can use to connect securely to your Azure resources. So join us in this session to learn some tips, tricks and things you should keep in mind in this new job role.
Cloud Sobriety for Life Science IT Leadership (2018 Edition)Chris Dagdigian
Candid/blunt AWS advice for research IT and life science IT leadership. Hard lessons learned from many years of AWS consulting. Contact dag@bioteam.net if you want a PDF copy of this presentation
People are deploying servers in cloud environments faster than ever before but most are still not doing so in a safe and secure manner. Too few server instances are hardened as a part of the provisioning process; often leaving the technological doors wide open for potential service disruption by malicious threat agents — such as malware, automated attack tools and human attackers. This talk will explain how Chef can be used to automate the creation and maintenance of secure server baselines as a foundation for securely operating in cloud environments.
Chef as a One-Stop Solution on Microsoft AzureKarsten Müller
We are using Chef as a One-Stop Solution on Microsoft Azure. Based on Azure DevOps as our CI/CD pipeline we are using Chef Cookbooks to provision infrastructure, deploy and configure software. We are doing compliance testing with Inspec too and are happily using Automate to represent the results.
So you have deployed your web app to Azure. Now, how do you make it more secure and compliant?
In this fast-paced talk we will run through an overview of some of the Azure technologies that you can use to better protect your web applications in Azure - all depending on your required security level, of course. The talk will set out a framework for you to consider which protections you want to put in place and provide you with the awareness of the tools at your disposal.
https://www.lytzen.name/talks/Securing_web_apps_in_azure.html
Azure Low Lands 2019 - Building secure cloud applications with Azure Key VaultTom Kerkhove
It is not a secret that it is hard to manage sensitive information. Azure Key Vault allows you to securely store this kind of information ranging from secrets & certificates to cryptographic keys.
Great! But how do you use it? How do I authenticate with it and how do I build robust applications with it?
Come join me and I'll walk you through the challenges and give you some recommendations.
Microsoft’s cloud, called Windows Azure, offers IaaS soloutions, but also, much more interesting, a PaaS solution for hosting of .Net, Java, Python, NodeJS and of course PHP sites. This presentation will go through some of the interesting services of Azure, what you can do with, and how you deploy to Azure. I will talk about cron jobs, auto scale, SSL, continuous deployment and much more.
Core strategies to develop defense in depth in AWSShane Peden
Information security guidance and strategies for securing cloud infrastructure in Amazon Web Services, presented by risk3sixty LLC and Afonza. Atlanta based cyber risk management.
This document helps you designing your Azure Naming Convention model.
It includes :
> Naming standards rules and restrictions
> Azure Naming Convention Best Practices
> All informations you should you know to successfully create your Azure naming convention model.
Azure Identity (AD,ADFS 2.0,AAD,ADB2C,OAuth,OpenID,PingID,AD Custom Policies) ,
Azure PaaS (Azure Functions, Serverless computing, Azure Comsos DB, Webhooks, API Apps, Logic Apps, Kudu, Azure Websites), Azure Functions, Lamda Function, Event Functions, Serverless architecture, Implementing azure functions on GIT HUB comment feature, Why Azure Functions, Azure Virtual Machines, Azure Cloud Services, Azure Web Apps & WebJobs, Service Fabric, Consumption Plans, Billing Model, Benefits of Azure Functions, What is serverless, Implementing bigger solutions into smaller azure functions, Microservices, Use cases, Function App, Implementation storing unstructured data using Azure functions into Cosmos DB, Cosmos DB, Custom Azure functions, Azure Cosmos DB, IOTS, Document DB, Doc DB, How to setup a Jenkins build server and automatically trigger code from Visual studio online,Azure App Service, App service Environment, Azure Stack, Managing Azure App services, Azure Powershell, Azure CLI, REST APIS, Azure Portal, Templates, Kudu Console access, Run GIT Commands on Kudu Console, Locking Azure Resources, Configuring Custom Domains, Adding Extensions to Azure Web App/Websites, App service Deployment options, Data Services in Azure , Azure SQL, Azure SQL server, Azure SQL database vs SQL server in a Azure VM, SQL Tiers, DTU, Data Transactional Unit, Planning & provisioning azure SQL databases,Migrating SQL Databases, Azure SQL Server, SQL server transactional replication, Deploy database to Microsoft Azure Database Wizard, DAC package, DAC, SQL compatibility issues, Migrating SQL with downtime, DMA, Data Migration Assistant, Database Snapshot, Migrating SQL without downtime, DTU, Data Transactional Unit, Recommendations for best performance during SQL Import Process, Transactional Replication, T-SQL, Task to implement what ever you learnt till now,
We all know Azure is a powerful platform but many aren’t aware of the little features lurking in the corners than can transform you from an Azure Acolyte to full blown Azure Ninja. In this whirlwind session we’ll cover tips on everything from UI Customization to CLI’s lurking in unexpected places and from free tools and services to mysterious repositories of wisdom and enlightenment.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
2. Contoso Ltd.
About me
Microsoft MVP
• Windows Expert-IT Pro (2014-2015)
• Cloud and Datacenter Management (2016)
• Enterprise Mobility /RDS (2017)
• CDCM /Azure (2018)
Founder
@BecomeITExpert.com
Co-Founder
@K&K Group
Think {Cloud /DevOps /Security}
IT Author (+10 eBooks)
• RDS 2012 R2 and 2016 Pocket Consultant
• RDS & OS Security & Hardening guide
• Azure CLI 2.0 Pocket Consultant
• GPO, PowerShell, AppLocker …
Lead Cloud Architect /Az Expert
• Working for several large companies
and international group including
Thales, Areva, Rabobank, Gemalto,
Vinci, CE, BP…etc
IT Blogger
• hichamkadiri.wordpress.com
• AskTheCloudExpert.wordpress.com
• ~2millions views ☺
/hicham_kadiri
/in/hichamkadiri
TechNet Contributor (Top 0,5%)
• MTFC (Microsoft Technical French Contributor)
• MCC (Microsoft Community Contributor)
Hicham KADIRI (aka #HK)
3. Document Objectives
• Reminder about Azure Governance
• Explains the importance of Locks in
the Microsoft Azure environment
• Keys items You Should Know
• Azure Locks vs Azure RBAC
• Required rights for Azure Locks
• Azure GUI & CLI Tools you can use
to create and Apply Azure Locks
• DEMO : HowTo Lock your Azure
Subscriptions, RG and Resources
7. Contoso Ltd.
Microsoft Azure Locks
What is it and Why it’s important ?
• Azure Locks are an amazing way to protect your
subscriptions, resource groups and Azure resources.
• They ensure that what we have implemented
is not changed, or worse, accidentally deleted.
Important Note
Azure Lock does not replace Azure RBAC. Cf next Slide !
#HK
9. Contoso Ltd.
Microsoft Azure Locks
What You Should Know : Lockable Objects
• You can Lock :
• Subscription
• Resource Group
• Resource
#HK
10. Contoso Ltd.
Microsoft Azure Locks
What You Should Know : Lock Types
• There are two Lock Types :
• CanNotDelete
▪ You can “Read & Modify” the Resource
▪ You can’t Delete the Resource
• Read-Only
▪ You can Read Resource Properties/Infos
▪ You can’t Delete or Modify Resource
▪ Important Note:
▪ Could have undesired results !
#HK
11. Contoso Ltd.
Microsoft Azure Locks
What You Should Know : Inheritance
• When you apply a lock at a parent scope, all resources within that scope
inherit the same lock. Even resources you add later inherit the lock from
the parent. The most restrictive lock in the inheritance takes precedence.
#HK
Resource Group inherits Locks from Subscriptions
Resource (eg : Azure VM) inherits Locks from Subscriptions
and Resource Groups
14. Contoso Ltd.
Microsoft Azure Locks
Required “Rights”
• To create or delete management locks, you must have access to the following
actions :
• Microsoft.Authorization/*
• Or Microsoft.Authorization/Locks/*
Note
Of the built-in roles, only Owner and User Access Administrator are granted those
actions.
#HK
16. Contoso Ltd.
Difference between
Azure Locks vs Azure RBAC
• Azure Role-Based Access Control (RBAC) helps you manage who has access to
Azure resources, what they can do with those resources, and what areas they have
access to. Azure RBAC helps you manage access for users, groups, service
principals.
• Unlike Role-Based Access Control, you use Azure Locks to apply a restriction across
all users and roles.
• Useful Link
• Visit the following link to read more about Azure RBAC :
https://docs.microsoft.com/bs-latn-ba/azure/role-based-access-control/
#HK
18. Contoso Ltd.
Azure GUI & CLI Tools you can use
To create and apply Azure Locks
• Azure Locks can be created and applied using different GUI & CLI Tools :
• GUI :
▪ Azure Portal
• CLI
▪ Windows PowerShell (using AzureRM Module)
▪ Azure CLI 2.0
#HK
21. Contoso Ltd.
HowTo #1
Lock your Az Subscriptions, RG and Resources via Azure Portal
• Connect to Azure Portal
• https://portal.azure.com
• Go to Subscriptions blade and select
the Subscription you want to Lock
• Then click on “Resource Locks”
• Click “Add” and add your Azure Lock
• You have to enter the following infos :
▪ Lock Name
▪ Lock Type :
▪ Delete
▪ Read-only
▪ Notes (Lock Description)
#HK
22. Contoso Ltd.
Important Note
Lock your Az Subscriptions, RG and Resources via Azure Portal
• If you want to create and apply Locks to Resource Groups or a specific Azure Resource, just Select
your RG ou Azure Resource to lock and then, click on “Locks”. Finally click “Add” and enter the
following infos :
• Lock Name
• Lock Type
▪ Delete
▪ Read-Only
• Lock Notes (description)
#HK
24. Contoso Ltd.
Important Note
Lock your Az Subscriptions, RG and Resources via Azure Portal
• The New-AzureRmResourceLock Cmd-let is used to create a new Azure Lock.
• In the following example, a new Lock will be created and applied to hk-confident-rg resource group
#HK
25. Contoso Ltd.
Important Note
Lock your Az Subscriptions, RG and Resources via AzureRM Module
• If you want to create and apply Locks to a specific Azure Resource, you have to add –ResourceType
parameter
• In the following example, a new Azure Lock will be created and applied to “hk-prod-website”
resource. This is an Azure WebSite, a “Microsoft.web/sites” resource type is specified/used :
#HK
New-AzureRmResourceLock -LockName « hk-prod-website-lock"
-LockLevel CanNotDelete -LockNotes "This Lock prevents accidental
deletion of HK-Web-Prod-WebSite resource" -ResourceName « hk-
prod-website" -ResourceType "microsoft.web/sites"
27. Contoso Ltd.
HowTo #3
Lock your Az Subscriptions, RG and Resources via Azure CLI
• The Az Lock Create Command is used to create a new Azure Lock.
• In the following example, a new Lock will be created and applied to hk-confident-rg
resource group
#HK
28. Contoso Ltd.
Do you have any Azure
Project (Design/Architecture/Migration)?
If yes, feel free to contact us
Your Contacts
Hicham KADIRI
Lead Cloud Architect /Azure Advisor & Microsoft MVP
hicham.kadiri@k-nd-k-group.com
+33 (0)6 52 97 72 84
Mohsine CHOUGDALI
Key Account Manager
mohsine.chougdali@k-nd-k-group.com
+33 6 66 26 55 15
A K&K Group Company