Build Secure Applications with Azure Policy and Service Groups

Microsoft Events presents an Ignite 2025 session featuring Jodi Boone and Kemley Nieva, exploring how Azure Policy and Service Groups can automate security governance and compliance across cloud applications.

Build Secure Applications with Azure Policy and Service Groups

Session Speakers: Jodi Boone, Kemley Nieva
Event: Microsoft Ignite 2025
Session ID: BRK169

Overview

Building secure cloud applications requires not only technical controls but also consistent governance and automated compliance. This session teaches how to leverage Azure Policy to enforce organizational standards, automate remediation of non-compliant resources, and confidently maintain compliance at scale within Azure environments.

Key Topics

• Azure Policy Enforcement:
  • Define and enforce rules for resource configurations.
  • Continuous compliance checks and automated remediation.
  • In-guest configuration management for deeper policy coverage.
• Service Groups:
  • Group related resources or applications for easier policy management.
  • Apply policies at different levels of hierarchy (applications, environments, resource types).
  • Aggregate multiple resources for flexible policy application.
  • Service Groups now publicly available with multi-deployment support.
• Automation and AI Integration:
  • Copilot automates resource tagging and service group membership assignments.
  • Intelligent Governance: Leverage LLMs (Large Language Models) to assist in creating robust Azure Policy definitions.
• Security Management Across Workloads:
  • Secure Windows, Linux, and database workloads with consistent governance tools.
  • Real-world examples from Microsoft’s own internal governance practices.
  • Learn about the Secure Future Initiative and ‘Secure by Default’ principles.

Session Flow Highlights

• Session Overview (0:00): Introduction to building secure apps with Azure Policy & Service Groups
• Key Features of Service Groups (3:08): Hierarchy, flexibility, aggregation
• Copilot Automates Resource Tagging (9:14): Streamlined service group membership
• Service Groups Availability (11:46): Public launch and multiple deployment support
• Securing Applications & Policy Use Cases (12:40): In-depth on Azure Policy use
• In-Guest Configuration Management (21:45): Policy enforcement inside VMs
• Intelligent Governance with LLMs (28:40): AI-assisted policy creation
• Microsoft’s Governance Practices & Secure by Default (35:04 - 35:49)

Additional Resources

• Microsoft Ignite Session Details
• Session Materials and Learning Paths

Conclusion

By leveraging Azure Policy and Service Groups—enhanced with Copilot automation and LLM-based policy definitions—organizations can significantly strengthen their cloud security posture and maintain compliance with less manual effort.

---

Session delivered in English as an intermediate-level breakout. For further learning and on-demand sessions, visit Microsoft Ignite online.