Govern an Azure instance in your datacenter
Governing hybrid solutions across public and private cloud platforms adds complexity. Because your Azure Stack Hub deployment is your own private instance of Azure running in your datacenter, that complexity is inherently reduced.
The business processes, disciplines, and many of the best practices outlined in the Govern methodology of the Cloud Adoption Framework can still be applied to hybrid governance with Azure Stack Hub. Many cloud-native tools used in the public cloud version of Azure can also be used in your Azure Stack Hub deployment.
Azure Stack Hub governance considerations
The following series of blogs shows how your organization can implement cloud governance concepts for Azure Stack Hub:
- Organizational services such as resource groups, Azure role-based access control (Azure RBAC), change auditing, locks, and tags.
- Security services, including default firewalls, restrictions, VM updates and patch management, and malware status.
- DevOps options, including infrastructure as code, a portal with PowerShell and command-line interface, Azure Application Insights, and integration with Azure DevOps and Jenkins.
Governance toolchain for Azure Stack Hub
For guidance on applying cloud-native governance tools to Azure Stack Hub environments, see:
- Azure Resource Manager templates and Desired State Configuration
- Azure Policy
- Azure role-based access control
For guidance on specific elements of the cloud adoption journey, see: