What’s Azure Advisor?
Azure Advisor is a personalized cloud consultant that will help you follow best practices recommendations to improve the high availability, security and performance of your resources, while looking for opportunities to reduce cost.
Azure Advisor recommendations
- High Availability
You will be able to view the recommendations for all the subscriptions for which you are the Owner, Contributor or Reader. You can filter the recommendations based on your subscriptions and the Resource Groups.
Azure Advisor provides us the recommendations on the following services as of this writing. I’m sure if would include more services in the future.
- Virtual machines
- Virtual Networks / Subnets
- Availability sets
- App Services
- SQL servers
- SQL databases
- Redis cache
Features of Azure Advisor
- Azure Advisor provides the Impact / Severity (High, Medium – probably low as well) of the recommendation based on which we can take action.
- Description – For each recommendation, the Advisor provides a quick and short excerpt.
- Resource Count – In case if there are multiple resources on which an action is to be taken then it provides a sum of all those resource types.
- Individual Resources – Once you click a Recommendation, you can view all the individual resources on which Azure Advisor has recommendations along with the status.
- For each recommendation, depending on the type of resource it has advised, it also allows to fix the problem and take an action right in a next blade without leaving the Advisor related Blades.
Let’s enable the Azure Advisor and review the recommendations and take necessary actions if any on the Azure Services.
Click on More Services link available at the bottom of the Menu as shown below and select Azure Advisor a preview service as of this writing.
Clicking on the link, you will be taken to the following page where you need to enable the Azure Advisor for getting the recommendations.
Select the Subscription and click on Let’s get started.
As shown in the below screen capture, it will take some time to analyses the Azure Services that we have configured in the selected Subscription.
Once the Azure Advisor completes the analysis, it shown the recommendations as shown below.
Clicking on the recommendation, it took me to the following blade where it shows the actual resource as well the description about the recommendation or vulnerability. Depending on the type of resource and the type of recommendation, the action that we need to take would vary.
Let’s try to see if we can fix any of the vulnerability right from the above blade. Let’s go-ahead and click on “Enable Network Security Groups on Subnets” link.
Note: The state is Open and the Severity is high with Red info icon. Both of these will change now after fixing the vulnerability.
Clicking on the above link (on the subnet name “default”), it took me to the following blade where I can either choose the existing NSG or create a new one.
As shown in the above screen capture, select the NSG to associate it with the Subnet. After a few seconds, the NSG got associated with the selected Subnet.
Let’s review the Recommendations blade along with the status of the vulnerability. The status has now turned to Resolved and the Severity icon also turned to white.
That’s it. We have learned how to use Azure Advisor to get recommendations which also provides us the solutions for fixing the vulnerabilities for security recommendations. Please play around with the feature and I’m sure you will get recommendations based on the services that you are using.
Your feedback is appreciated.