Five Tips to preventing oversized or unapproved Azure resource creation

Microsoft Azure provides a powerful set of services to help developers build and deploy their apps. Azure makes it so easy to use that you can inadvertently provision resources that are oversized for their workloads. With a little up-front planning and proper governance policies in place you can set guard rails in place that prevent high cost resources from being provisioned.

These sorts of controls can be accomplished by establishing cloud spending plans, allocating cloud budgets, monitoring and enforcing cloud budgets, detecting costly anomalies, and adjusting the cloud governance plan when actual spending is misaligned. Let’s focus on 5 particularly useful ways you can lower your costs now.

Tip #1 - Control spending on single resource

Many of the resources you’ll provision in Azure have various tiered configurations and service plans. Take for example a virtual machine. There are 6 levels of sku’s representing various configurations optimized for memory intensive, cpu intensive, storage optimized and gpu driven workloads. The cost for these configurations can vary from $0.005/hour to upwards of $1.19 /hour. If you don’t need the high-end performance VMs you can set an Azure Policy “Allowed virtual machine SKUs“ that prohibits developers from provisioning VM SKUs that aren’t allowed.

Tip #2 - Budget control

With budgets, you can account for the Azure services you consume or subscribe to during a specific period. They help you inform others about their spending to proactively manage costs, and to monitor how spending progresses over time. You can apply a budget to the scope of your choice (management group, subscription, resource group, etc). Budgets are also setup with cost thresholds and alerting to let you know when your approaching limits you set on spending.

Tip #3 - Enforce spending based on resource location

Azure Policy provides a definition “Allowed Locations” to set the region your resources are created in. n some cases there are differences in cost depending on the region you choose. For example, a D2 v3 VM created in East US region has a monthly cost of $137.24, while in the North Central US region it costs $140.16.

Tip #4 - Enforce accounting metadata on resources

A tagging strategy includes business and operational details as components of metadata tags. Use Azure Policy to enforce the rules and conventions you put in place. At a minimum, require tags for owner, cost center, business unit, environment (dev, qa, prod) and criticality for disaster recovery.

Tip #5 - Detect spending anomalies

Azure Cost Management shows usage-based costs consumed by your Azure resources. This feature allows you to setup budgets and alerts that can notify you when spending exceeds thresholds you define. It’s a good idea to routinely check for trends and outliers on the cost analysis reports in order to proactively address spending anomalies.

For organizations interested in proactively preventing oversized or unapproved Azure resources provisioning, adopting automated policy controls as part of a larger Azure governance strategy is a smart choice. InCycle can accelerate your adoption effort by implementing proven cloud governance and automated policy-driven solutions for your organization. Download our Azure Governance Playbook today to learn more..