Azure Advisor
Azure Advisor is an included, no-cost service that provides advice on optimizing your Azure resources. It provides personalized and actionable best practice recommendations based on usage analysis and can be accessed directly within the portal.
There is a great deal of emphasis placed on using Azure Advisor and taking actions based on the recommendations. As such, Azure Advisor will be displayed when you log in to the Azure portal, as shown in the following screenshot:
Figure 6.8 – Azure Advisor prompt
Azure Advisor recommendations are available across the following categories; the URLs point to the complete list of recommendations available for each category:
- Cost: Recommendations provided for optimizing and reducing costs: https://docs.microsoft.com/azure/advisor/advisor-cost-recommendations.
- Security: Recommendations provided to protect against vulnerabilities and threats: https://docs.microsoft.com/azure/advisor/advisor-security-recommendations.
- Reliability (formerly High Availability): Recommendations provided for the availability, resilience, and continuity of your workloads: https://docs.microsoft.com/azure/advisor/advisor-high-availability-recommendations.
- Operational Excellence: Recommendations provided for implementing best practices, resources manageability, service health, and governance: https://docs.microsoft.com/azure/advisor/advisor-operational-excellence-recommendations.
- Performance: Recommendations provided for optimizing a workload’s responsiveness to demand: https://docs.microsoft.com/azure/advisor/advisor-performance-recommendations.
The following screenshot shows the Azure Advisor | Overview blade, which displays these recommendations in a dashboard view:
Figure 6.9 – Azure Advisor recommendations
There is a Tips & tricks section at the bottom of the overview blade that helps you get the most out of Azure Advisor. You can also download the recommendations in PDF and Excel format.
Azure Advisor recommendations are based on the approach of notifying users of aspects that are not implemented rather than things that are implemented; for example, Azure Advisor will generate a list of the following:
- VMs that are not protected by a Network Security Group (NSG)
- VMs that do not have backup enabled, updates applied, a premium SSD when capable, and so on
- Storage accounts that do not have soft delete enabled, and so on
You can click on each recommendation category to get more information on the recommendations and the actions that can be taken.
Once any security recommendations have been implemented, you will see that the organization’s Secure Score will have increased. However, there is no requirement that any recommendations must be implemented to be supported by Microsoft, only that they should be implemented. There is also no timescale as to when and if you decide to implement these recommendations; they can be dismissed or postponed.
This section looked at Azure Advisor as a recommendation engine to aid in optimizing your Azure environments. The following section looks at Azure Monitor, which can help you gain visibility and insights into all the resources that are created in your Azure environments.