Forum Discussion

ShihanSuhail's avatar
ShihanSuhail
Copper Contributor
Aug 12, 2021

Is it ok to remove azure default initiative and use the azure benchmark?

Hi All,

 

We have an issue using both initiatives from the security center since both show the same recommendations. 

 

So we got the idea to use the azure benchmark as a policy initiative. WDYT?

  • pazdedav's avatar
    pazdedav
    Aug 17, 2021
    Initiatives are great for applying and managing policies at scale and I always recommend my customers to group policies based on the "intent". The way you group your policies to initiatives has also an impact on reporting (how you see your compliance in the Compliance blade/view).

    You should think about your Azure environment and what "standard" you want to apply where and how easy it is to eventually add/remove policies from initiatives, change assignments, etc.
    • ShihanSuhail's avatar
      ShihanSuhail
      Copper Contributor
      Do u think it better to separate the initiative such as 1 initiative based on ASB only for k8s. and another for infrastructure. WDYT?
      • pazdedav's avatar
        pazdedav
        Steel Contributor
        Initiatives are great for applying and managing policies at scale and I always recommend my customers to group policies based on the "intent". The way you group your policies to initiatives has also an impact on reporting (how you see your compliance in the Compliance blade/view).

        You should think about your Azure environment and what "standard" you want to apply where and how easy it is to eventually add/remove policies from initiatives, change assignments, etc.

Resources