IN THIS CHAPTER

Implementing taxonomic tags to organize and track Azure resources

Enforcing standardized Azure environments with Azure Policy

Azure governance is how your organization approaches the management of your various Azure resources. For instance, how can you ensure that resources are deployed only to authorized regions? How can you limit resource sizes so you don’t exceed your budget? In this chapter, you see how to use Azure’s core governance tools: taxonomic tags and Azure Policy.

Implementing Taxonomic Tags

The resource group is Azure’s fundamental deployment unit. The idea is that you place all resources that share a life cycle in the same resource group to simplify management and auditing.

Life is rarely that simple, however. It’s just as likely that you’ll have deployments that span resource groups, regions, and even subscriptions. Satisfying your accounting and compliance departments to track these loosely coupled resources can be difficult.

Using taxonomic tags is the answer. In Azure, a tag is a simple key/value pair. As long as a user has write access to a resource, he or she can add existing tags to that resource or create a new tag.

For example, you may have tags to denote various cost centers in your organization, ...