If you need to assess compliance and enforce standards for existing resources in an Azure subscription, what should you use?

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

Using Azure Policy is the best approach for assessing compliance and enforcing standards for existing resources within an Azure subscription. Azure Policy allows you to create, assign, and manage policies that enforce specific rules and effects over your Azure resources. By doing so, you can ensure that those resources adhere to organizational standards and compliance requirements.

Azure Policy evaluates resources at specific intervals and provides compliance reports, identifying resources that do or do not conform to the policies set. This proactive management helps organizations maintain compliance, improve governance, and manage resources efficiently.

To put it in context, Azure Blueprints are more about packaging and deploying resources along with policies and other artifacts, making them suitable for building new environments rather than enforcing compliance on existing ones. The Anomaly Detector service focuses on identifying unusual patterns in the data but does not relate directly to compliance or governing resources. Microsoft Sentinel serves as a security information event management (SIEM) solution that aids in detecting, investigating, and responding to security threats but does not specifically address compliance enforcement for existing resources.

By leveraging Azure Policy, organizations can systematically maintain compliance across their Azure resources and ensure adherence to required standards.