Policy and Governance of Hybrid and Multi-cloud Infrastructure

Azure Arc Systems Management

Abstract

One way to think about policy is as an enforced objective. To be useful, a technology estate must be shaped to suit its purpose. It is constantly subjected to disruptive forces, so it requires not only that the initial design targets be met but also constant tuning to keep it aligned with its desired state.

© 2024 The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature

Cite this chapter

Maxwell, R. (2024). Policy and Governance of Hybrid and Multi-cloud Infrastructure. In: Azure Arc Systems Management. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-9480-2_7
