Azure Insights: Policy for server auditing; Infrastructure as Code; Application Insights logging; Logic Apps

Azure pros share their insights on Policy for server auditing, Infrastructure as Code, Application Insights logging, and Logic Apps.

Auditing servers with Azure Policy

Microsoft senior cloud advocate Thomas Maurer explored how users can extend Azure Policy to guest operating systems of Azure VMs. Before auditing, users must setup a VM extension and enable system identity management. An extension isn't required for Arc connected machines because it is a part of the Arc Connected Machine agent. Within Azure portal, users can assign policy, select a policy definition to implement, and set parameters for Guest Configuration policies. After clicking Review + create, it takes a few minutes for the compliance view to show up.

He shared a command to deploy the extension at scale. He wrote:

If you want to get an overview of your compliance state, you can go to the Compliance page, and you will get an overview of the different assignments and their compliance state. You can also have a more detailed look at the initiative or policy and the definition. You cannot just use the built-in policies and initiatives, you can also write your own.

Microsoft offers built-in definitions, but users can also create their own policy definitions  with JSON definitions. 

The case for Infrastructure as Code

Thomas Thornton discussed Infrastructure as Code (IaC) as a way to eliminate inconsistencies, deploy more rapidly, and boost productivity. IaC offers source control by code reviewing pull requests, testing changes, and build validation configurations.