Govern an Azure instance in your datacenter

Governing hybrid solutions across public and private cloud platforms adds complexity. Because your Azure Stack Hub deployment is your own private instance of Azure running in your datacenter, that complexity is inherently reduced.

The business processes, disciplines, and many of the best practices outlined in the Govern methodology of the Cloud Adoption Framework can still be applied to hybrid governance with Azure Stack Hub. Many cloud-native tools used in the public cloud version of Azure can also be used in your Azure Stack Hub deployment.

Azure Stack Hub governance considerations

The following series of blogs shows how your organization can implement cloud governance concepts for Azure Stack Hub:

  • Organizational services such as resource groups, Azure role-based access control (Azure RBAC), change auditing, locks, and tags.
  • Security services, including default firewalls, restrictions, VM updates and patch management, and malware status.
  • DevOps options, including infrastructure as code, a portal with PowerShell and command-line interface, Azure Application Insights, and integration with Azure DevOps and Jenkins.

Governance toolchain for Azure Stack Hub

For guidance on applying cloud-native governance tools to Azure Stack Hub environments, see:

Next steps

For guidance on specific elements of the cloud adoption journey, see: