Cost optimization is a very complex topic in any cloud scenario, especially at the enterprise level, I like to share some shorts but extremely useful advice on that, I will write more and, maybe I will also record a video.

In the last year I tested many different strategies, and I learned a lot from these, the first important lesson is that there is not a real universal solution for that, you need to accommodate the best practices to your company business strategy.

From my experience it is extremely important to follow, what I like to call, the Azure Scaffold Law (ASL), following the ASL you can keep your Azure strategy focused in the most important pillars.

Look at the article below

https://docs.microsoft.com/en-us/azure/architecture/cloud-adoption/appendix/azure-scaffold

Microsoft recently updated the picture below; I think because of the subscription group and more focused on the operational side, which makes sense.

The picture above shows what is important and to take care about in Microsoft Azure, but I think that the old one was more focused about the pillars (see below).

In my opinion, the old one represents the distribution of the most important components; the new one is grouping all together subscriptions and RG, what I define as the distribution strategy.

Maybe I would isolate Subscriptions from RG; they are two different critical components.

Subscription is the real key in any costing strategy.

Obviously, I am speaking for Enterprise Agreement (EA), if you have a single subscription contract, you are forced on managing your distribution strategy using Resource Groups and Tags, no other options on that.

In an enterprise scenario the using of Subscriptions is crucial, and for many reasons, cost isolation, multi-tenants isolation, security and abstractions and more.

In my experience, the best strategy is to create a top subscription that you can call Base and from that subscription create
all other subscription, see below.

At the Base subscription we can configure shared asset like ExpressRoute or Firewalls Appliances etc…

From the Base we can use peering to connect and share the connectivity and the assets.

It is very simple; we need to keep in mind the two basic principles of subscription: Isolation and single billing container.

Subscription is one of the most important components in Microsoft Azure with RBAC and Policies, using these three components you create your entire Azure strategy.

The costing management is another story, very related with subscription but, in term of reporting and distribution, it is very dependent by the platforms and tools available.

Below my actual view based on my experience:

MEP (Microsoft Enterprise Portal), totally based on the concept of Account<>Subscription, you can use it if you are confident on providing administrative access to the subscriptions, something that I don’t recommend, it is good to have just 2 Owners accounts in all the subscriptions, same 2 accounts in all of them.
We need to keep always in mind that a subscription Owner can easily cancel an entire subscription, he can also grant any security access to it and a lot more, too risk.

Cloudyn, good as reading/reporting dashboard, a lot of features to filter your data etc…, I am just using it for that reason only.

Power Bi, really good with Azure Consumption and you can create good reporting using Power BI desktop, I think it is good if you like to provide nice fancy reports to your management.

Azure consumption API, it definitely what you need to create technical cost reporting for your finance department, a lot of APIs exposed, so it is really good to create excel reporting or inside your applications, especially if you look to integrate your applications with Azure Costs Provider.

ServiceNow, another great strategy is integrating ServiceNow with Microsoft Azure ARM, using this way we can control everything happens in our cloud, also creating an approval process and, why not, directly providing the cost allocation to the financial department.

Previous articleWPC 2018 Milan – Microsoft Azure from 0 to 100
Next articleAzure Billing WARNING: Offer id MS-AZR-0017P is not supported SOLVED
I have +25 years of hands-on experience in Cloud Technologies and Cybersecurity, supporting and driving global companies to adopt technologies in the most secure and profitable way. My cores expertises are Security and Cloud Governance, and I strongly believe in the conjunction of both to achieve the top result. In my career, I had the opportunity to lead global cloud infrastructures, providing guidance and leadership in Security and Cloud Governance. Security is my first passion, but I have deep experience in many other areas like Cloud Governance and Integration. I define myself as a very versatile person. In my past, I had the opportunity to work in many different areas, supporting different company roles, from technical roles to Sales, Pre-Sales and High Stakeholders. I see myself as a hands-on geek manager. I love to get my hands dirty and also be able to lead and create important things and initiatives. Mt passion for technology is also the reason for my activities in the IT community. I love sharing my experience and motivating people on engaging the technology with the right motivation and passion. I do conferences around the world, sharing my passion. I have been Microsoft MVP since 2006, Certified Ethical Hacker (CEH) and with a Master in Cybersecurity.