In Azure, cost management is one of the key areas to be focused on managing the resources. The un-noticed, un-audited subscription sometimes leads high billing for resources.

Few key resources in a small or medium scale infrastructure, which leads to higher cost are listed. Please note, this list will evolve over the time.

• Data ingestion in log-analytics.
• Virtual machine size.
• Storage account redundancy setting.
• Network watcher log ingestion.
• Application Gateway – SKU selection.

These are considered to be cost consuming resource parameters, which are not needed in lower environments like DEV.

In practical scenario sometimes we give access to developers or non-technical people, in Azure with little high privileges. This some times leads to updating few Azure resources which results in high cost.

Two ways through which we can restrict the resource configurations

• By restricting access to the users or groups, other than infra team.
• Creating custom azure policies, which restricts users or any programs to provision Azure resources with cost consuming configurations.

The first one is pretty straight forward, however the second one is little tricky and there is no out-of-the box policies available in Azure. Most the of the policies has to be custom defined.

The resources to be focused with the reasons and few sample policies definitions are available @ https://github.com/onesight-tech/azure