Version: Next

Phase 04: Security & Governance

DOCUMENT CATEGORY: Runbook SCOPE: Security and governance configuration PURPOSE: Apply security controls, policies, and compliance baselines

Status: Active

Overview

This stage configures security controls, compliance policies, and governance for the Azure Local environment. These configurations ensure the cluster meets security requirements and organizational compliance standards.

Prerequisites

Azure Local cluster deployed and Arc-enabled
Monitoring configured (Stage 18)
Log Analytics workspace available

Steps

Step	Title	Description
1	Enable Defender for Cloud	Enable Microsoft Defender for Cloud protection
2	Apply Azure Policy Initiatives	Apply governance policies and initiatives
3	Configure Security Baselines	Configure security baseline settings
4	Enable Security Logging	Configure security event logging
5	Configure Azure Update Manager	Configure patch management and update orchestration

Stage Completion Criteria

Defender for Cloud enabled for cluster resources
Azure Policy initiatives assigned
Security baselines configured
Security logging enabled and forwarding to Log Analytics
Azure Update Manager configured with maintenance schedules

Previous	Up	Next
Phase 19: Backup & DR	Operational Foundations	Phase 21: Licensing & Telemetry

Overview​

Prerequisites​

Steps​

Stage Completion Criteria​

Navigation​

Overview

Prerequisites

Steps

Stage Completion Criteria

Navigation