Reputation: 351
I'm trying to implement several security services for both Azure and AWS, and I'm now struggling to find the equivalent of certain AWS services in the Azure pool of services (as the info is not present in the Azure documentation). Is there anything equivalent to:
Thanks in advance for the help!
(Important: this doesn't aim at evaluating one provider vs. another, but simply at helping to understand how services translate from one to the other.)
Upvotes: 8
Views: 21210
Reputation: 344
These are kind of "rough" pointers since even though the services are basically comparisons to the ones available in AWS, some differences still exist.
For AWS Config, I would recommend Azure Policy https://learn.microsoft.com/azure/azure-policy/azure-policy-introduction
"Azure Policy is a service in Azure that you use to create, assign, and manage policy definitions. Policy definitions enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy runs an evaluation of your resources, scanning for those not compliant with the policy definitions you have."
For CloudTrail, Log Analytics is pretty similar (sort of) https://learn.microsoft.com/azure/log-analytics/
"Log Analytics is part of Microsoft Azure's overall monitoring solution. Log Analytics monitors cloud and on-premises environments to maintain availability and performance. Get insight across workloads and systems to maintain availability and performance. Learn how to collect, analyze, and act on data with our quickstarts, tutorials and samples."
Basically with Log Analytics, you aggregate logs to your Log Analytics workspace, and onboard several available solutions which provide you insight on your resources, based on the logs that are being ingested. If you are more interested in the management plane alerts (like which user is doing what on your Azure subscriptions), I recommend getting familiar with Azure Activity Log and Azure Monitor:
For CloudWatch Events, see above and take a look at these:
https://learn.microsoft.com/azure/monitoring-and-diagnostics/monitoring-get-started
https://learn.microsoft.com/azure/log-analytics/log-analytics-activity
Basically, Activity Log is the service that gathers all actions happening inside an Azure subscription, whether human generated or not.
Hope these help.
Upvotes: 9
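An added example, not part of either answer: a CloudTrail-style "who changed what" summary built from Activity Log records, as the answer above describes for management-plane activity. The records are constructed samples shaped like the JSON that `az monitor activity-log list` returns, and the list of operations treated as sensitive is an assumption of this example.

```python
import json
from collections import defaultdict

# Constructed sample (not real data), shaped like `az monitor activity-log list`
# JSON output; only the fields used below are kept.
SAMPLE_EVENTS = json.loads("""[
 {"eventTimestamp": "2024-05-01T09:12:01Z", "caller": "alice@example.com",
  "operationName": {"value": "Microsoft.Authorization/roleAssignments/write"},
  "status": {"value": "Started"}},
 {"eventTimestamp": "2024-05-01T09:12:03Z", "caller": "alice@example.com",
  "operationName": {"value": "Microsoft.Authorization/roleAssignments/write"},
  "status": {"value": "Succeeded"}},
 {"eventTimestamp": "2024-05-01T09:30:10Z", "caller": "bob@example.com",
  "operationName": {"value": "Microsoft.Network/networkSecurityGroups/securityRules/write"},
  "status": {"value": "Failed"}},
 {"eventTimestamp": "2024-05-01T10:02:45Z", "caller": "11111111-2222-3333-4444-555555555555",
  "operationName": {"value": "Microsoft.Storage/storageAccounts/delete"},
  "status": {"value": "Succeeded"}},
 {"eventTimestamp": "2024-05-01T10:15:00Z", "caller": "bob@example.com",
  "operationName": {"value": "Microsoft.Authorization/policyAssignments/delete"},
  "status": {"value": "Succeeded"}}
]""")

# Assumption: operations this example treats as security-sensitive.
SENSITIVE_PREFIXES = ("Microsoft.Authorization/roleAssignments/",
                      "Microsoft.Authorization/policyAssignments/")

def summarize(events):
    """Group finished write/delete/action operations by caller, oldest first."""
    by_caller = defaultdict(list)
    for ev in sorted(events, key=lambda e: e.get("eventTimestamp", "")):
        status = (ev.get("status") or {}).get("value")
        if status not in ("Succeeded", "Failed"):
            continue  # "Started"/"Accepted" records duplicate the final one
        op = (ev.get("operationName") or {}).get("value", "")
        if op.rsplit("/", 1)[-1] not in ("write", "delete", "action"):
            continue
        by_caller[ev.get("caller") or "<unknown>"].append({
            "time": ev.get("eventTimestamp"), "operation": op, "status": status,
            "sensitive": op.startswith(SENSITIVE_PREFIXES)})
    return dict(by_caller)

def sensitive_changes(events):
    """(caller, operation) pairs for sensitive operations that succeeded."""
    return [(caller, e["operation"])
            for caller, entries in summarize(events).items()
            for e in entries if e["sensitive"] and e["status"] == "Succeeded"]

if __name__ == "__main__":
    for caller, entries in summarize(SAMPLE_EVENTS).items():
        print(caller, [(e["operation"], e["status"]) for e in entries])
```

The caller is a user principal name for interactive users and an object or application ID for service principals, so both kinds appear as separate keys in the summary.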
Reputation: 96
You might want to have a look at the following links:
https://azure.microsoft.com/services/security-compliance/
https://azure.microsoft.com/services/event-grid/
The logic might differ a bit but, more or less, these should help do what the AWS services do.
Upvotes: 0