Part 8: Optimization & Tools
Source: John Savill's Azure Master Class v3 - Part 3: Governance
Video Timestamps: 1:51:00 - 2:11:50
AZ-104 Relevance: ⭐⭐⭐⭐ HIGH - Advisor, Resource Graph, Reservations
Cost Optimization Options
Azure Reservations
Pre-pay for resources to get significant discounts (up to 72% off).
| Term | Discount |
|---|---|
| 1 year | ~30-40% off |
| 3 years | ~50-72% off |
Best for: Predictable, steady-state workloads.
Available for: VMs, SQL, Cosmos DB, Storage, App Service, and more.
Azure Savings Plan
Flexible commitment-based discount (alternative to reservations).
| Type | Commits To |
|---|---|
| Compute Savings Plan | $/hour across compute services |
Difference from Reservations:
- Reservations: Specific SKU, specific region
- Savings Plan: Any compute, any region (more flexible)
Azure Hybrid Benefit
Use existing Windows Server or SQL Server licenses.
| License | Saves |
|---|---|
| Windows Server | Up to 40% on VMs |
| SQL Server | Up to 55% on Azure SQL |
Requires Software Assurance or subscription licenses.
Azure Advisor
Free built-in advisor giving recommendations across five pillars.
Cost Recommendations
| Recommendation | Example |
|---|---|
| Right-size VMs | "Resize D4 to D2" |
| Shutdown idle | "VM idle for 7 days" |
| Use reservations | "Save 40% with RI" |
| Delete unused | "Unattached disk" |
Portal → Advisor → Cost
How to Use
- Review recommendations regularly
- Click recommendation → see affected resources
- Apply or dismiss with reason
Deployment Stacks (Preview)
Group of resources managed as a single unit.
Traditional Deployment vs Stacks
| Aspect | Traditional ARM/Bicep | Deployment Stacks |
|---|---|---|
| Remove from template | Orphaned in Azure | Auto-deleted |
| Permissions | At resource level | At stack level |
| Deny settings | No | Yes |
Stack Features
| Feature | Benefit |
|---|---|
| Deny settings | Prevent changes outside the stack |
| Delete behavior | Control what happens when resource removed from template |
| Scope protection | Lock down managed resources |
Delete Behaviors
| Setting | When Resource Removed from Template |
|---|---|
| Detach | Orphan (keep but unmanage) |
| Delete | Delete resource |
Resource Graph
Query engine for Azure resources at scale.
Why Resource Graph?
| Traditional (ARM) | Resource Graph |
|---|---|
| Query per subscription | Query ALL subscriptions at once |
| Slow for large environments | Fast indexed queries |
| Limited filtering | Full Kusto Query Language |
Query Language (KQL)
resources
| where type == "microsoft.compute/virtualmachines"
| where location == "eastus"
| project name, resourceGroup, properties.hardwareProfile.vmSizeCommon Queries
| Query | Finds |
|---|---|
| VMs by region | All VMs in specific location |
| Unattached disks | Orphaned disks |
| Resources by tag | Resources missing required tags |
| Public IPs | Resources with public exposure |
Portal → Resource Graph Explorer
Change Analysis
See what changed in your resources over time.
How It Works
- Tracks configuration changes
- Shows timeline of modifications
- Helps troubleshoot "what changed?"
Portal → Monitor → Change Analysis
What It Shows
| Info | Example |
|---|---|
| What changed | NSG rule added |
| When | Feb 1, 2024 3:45 PM |
| Who | user@domain.com |
| Old vs new | Side-by-side diff |
Troubleshooting: "App stopped working Tuesday" → Check Change Analysis for Tuesday changes.
Cloud Adoption Framework (CAF)
Microsoft's methodology for cloud adoption.
Key CAF Resources
| Resource | Purpose |
|---|---|
| Landing Zones | Pre-built architecture patterns |
| Naming conventions | Standard naming guidance |
| Tagging strategy | Tag recommendations |
| Governance guide | Policy/RBAC templates |
URL: aka.ms/caf
Well-Architected Framework (WAF)
Design framework for building robust solutions.
Five Pillars
| Pillar | Focus |
|---|---|
| Reliability | Resilience, recovery |
| Security | Protect data, systems |
| Cost Optimization | Manage costs |
| Operational Excellence | Operations, monitoring |
| Performance Efficiency | Scale, responsiveness |
Well-Architected Review
Portal → Advisor → Well-Architected Review
Assess your workloads against WAF pillars.
Resource Visualizations
Resource Visualizer (Preview)
Portal → Resource Group → Resource visualizer
Shows graphical view of resources and their relationships:
- VM connected to NIC connected to VNet
- Dependencies at a glance
Topology View (Network)
Portal → Network Watcher → Topology
Network-focused visualization:
- VNets, subnets, NICs
- NSG attachments
- Traffic flow
Summary: Governance Tools
| Tool | Purpose |
|---|---|
| Azure Advisor | Recommendations |
| Resource Graph | Query resources at scale |
| Change Analysis | Track what changed |
| Deployment Stacks | Manage resource groups as units |
| CAF | Adoption methodology |
| WAF | Architecture best practices |
Mental Model
Advisor = Doctor Checkup 🩺
- Examines your environment
- Gives recommendations by category
- You decide which to follow
Resource Graph = Google for Azure 🔍
- Search across ALL your resources instantly
- Complex queries possible
- Find needles in haystacks
Deployment Stacks = Moving Box 📦
- Everything in the box moves together
- Take something out of template → remove from box
- Protects contents from outside changes
AZ-104 Exam Tips
| Topic | Key Point |
|---|---|
| Reservations | 1 or 3 year, specific SKU/region |
| Savings Plan | Flexible, any compute, any region |
| Hybrid Benefit | Existing licenses → Azure discount |
| Advisor | 5 pillars (Reliability, Security, Performance, Cost, OpEx) |
| Resource Graph | KQL queries across all subscriptions |
| Change Analysis | Track configuration changes |
| CAF | Adoption methodology (Strategy → Plan → Ready → Adopt) |
| WAF | 5 pillars for architecture |
Practical Exercises
Exercise 1: Review Azure Advisor (5 min)
- Portal → Advisor
- Check each category (Cost, Security, etc.)
- Click into a recommendation
- Review the affected resources
Exercise 2: Query with Resource Graph (5 min)
- Portal → Resource Graph Explorer
- Run:
resources | where type == "microsoft.compute/virtualmachines" - Try:
resources | summarize count() by type - Explore the available tables
Exercise 3: View Change Analysis (5 min)
- Portal → Monitor → Change Analysis
- Select a resource
- Review recent changes
- Note the timeline and diff view
Exercise 4: Explore CAF (Optional)
- Visit aka.ms/caf
- Review the Landing Zone options
- Check the naming convention guidance
Governance Module Complete! 🎉
You've now covered:
| Part | Topic |
|---|---|
| 1 | Governance Fundamentals |
| 2 | Organizational Hierarchy |
| 3 | Naming, Tagging & Inheritance |
| 4 | Locks & ARM Resource Structure |
| 5 | RBAC & ABAC |
| 6 | Azure Policy |
| 7 | Cost Management & Budgets |
| 8 | Optimization & Tools |
Next Steps:
- Review each section's AZ-104 tips
- Complete the practical exercises
- Move to the next video in the Master Class series
End of Part 8 - Governance Complete