Most Azure environments don’t fail because of a lack of features—they fail because no one is actively reviewing them.
I’ve walked into environments where Azure Advisor had been quietly generating critical recommendations for months—unused VMs, open ports, underutilised databases—completely ignored. The result? Overspending, security exposure, and performance issues that could have been prevented with a basic governance process.
Azure Advisor is one of the most underutilised tools in the platform. When combined with structured governance reviews, it becomes a powerful mechanism for continuous improvement across cost, security, reliability, and performance.
In this guide, I’ll show you how to properly configure Azure Advisor, operationalise its recommendations, and build governance reviews that actually drive action—not just reports.
Quick Fix Summary
- Enable and review Azure Advisor recommendations weekly
- Set up alerts and automation for high-impact findings
- Integrate Advisor into governance review cycles
- Use PowerShell or Logic Apps to track and remediate issues
- Prioritise cost and security recommendations first
Step-by-Step Configuration and Governance Setup
1. Understand Azure Advisor (What It Actually Does)
Azure Advisor analyses your environment and provides recommendations across:
| Category | What It Covers |
|---|---|
| Cost | Idle/underutilised resources |
| Security | Defender for Cloud recommendations |
| Reliability | High availability and redundancy |
| Performance | Resource optimisation |
| Operational Excellence | Best practice alignment |
Real-World Insight
In one tenant I reviewed, Advisor identified over $4,000/month in wasted spend from idle resources—nobody had checked it in over 6 months.
2. Access and Configure Azure Advisor
Portal Steps
- Go to Azure Portal
- Search for Advisor
- Select your subscription
- Review recommendations by category
Filtering Recommendations
- Filter by impact level (High/Medium/Low)
- Filter by resource group
- Filter by type (cost/security/etc.)
3. Enable Advisor Alerts (Critical Step Most Skip)
Out-of-the-box, Advisor does not actively notify you.
Create Alerts via Azure Monitor
- Go to Azure Monitor
- Navigate to Alerts → Create Alert Rule
- Set scope to subscription
- Choose signal:
- Advisor Recommendation changes
- Configure action group (email, Teams, webhook)
4. Automate Advisor Recommendations (PowerShell & Logic Apps)
Manual review doesn’t scale.
PowerShell Example: Retrieve Advisor Recommendations
Get-AzAdvisorRecommendation | Where-Object {$_.Category -eq "Cost"}
Export to CSV for Reporting
Get-AzAdvisorRecommendation | Export-Csv "advisor-report.csv" -NoTypeInformation
Automation Options
- Azure Logic Apps → Trigger on new recommendations
- Azure Automation → Scheduled reporting
- Integration with ServiceNow / ticketing systems
5. Build a Governance Review Process
This is where most organisations fall down—not tooling, but process.
Recommended Review Cadence
| Review Type | Frequency | Focus Area |
|---|---|---|
| Cost Review | Weekly | Idle resources, rightsizing |
| Security Review | Weekly | Defender + Advisor alerts |
| Full Governance | Monthly | All categories |
Governance Review Checklist
- Review all High-impact Advisor recommendations
- Validate unused resources before deletion
- Confirm security remediation actions
- Track remediation progress
- Report findings to stakeholders
6. Prioritisation Framework (What to Fix First)
Not all recommendations are equal.
Priority Order (Real-World)
- Security (open ports, vulnerabilities)
- Cost (unused resources)
- Reliability (availability risks)
- Performance (optimisation tweaks)
Pro Tip
If you try to fix everything at once—you’ll fix nothing. Focus on high-impact wins first.
7. Integrate Advisor with Azure Policy and RBAC
Advisor identifies issues—but governance enforces them.
Example
- Advisor flags untagged resources
- Azure Policy enforces required tags
Best Practice
- Use Advisor for visibility
- Use Policy for enforcement
8. Track and Measure Improvements
If you don’t measure it, governance becomes a checkbox exercise.
Metrics to Track
- Monthly cost savings
- Number of open recommendations
- Time to remediate
- Security posture score
Additional Tips / Pro Tips
Pro Tips
- Assign ownership of recommendations to teams
- Use dashboards (Power BI) for visibility
- Integrate Advisor into CI/CD pipelines for pre-deployment checks
- Tag recommendations with business impact
Warnings
- Ignoring Advisor = guaranteed cost creep
- Over-automating deletions = risk of outages
- Not validating recommendations = false positives
FAQ Section
1. What is Azure Advisor used for?
Azure Advisor provides personalised recommendations to improve cost, security, performance, and reliability in your Azure environment.
2. How often should I review Azure Advisor?
At minimum weekly for cost and security, with a full governance review monthly.
3. Can Azure Advisor automatically fix issues?
No, but it can integrate with automation tools like Logic Apps to trigger remediation workflows.
4. Is Azure Advisor free?
Yes, Azure Advisor itself is free, though some recommendations relate to paid services like Defender for Cloud.
5. What is the difference between Azure Advisor and Azure Policy?
Advisor identifies recommendations, while Policy enforces compliance rules.
Conclusion / Actionable Takeaways
Azure Advisor is not just a reporting tool—it’s a continuous optimisation engine. But its value only comes when you operationalise it.
Practical Next Steps
- Review Azure Advisor today—focus on high-impact items
- Set up alerting for new recommendations
- Build a weekly governance review process
- Automate reporting and tracking
- Align Advisor insights with Azure Policy enforcement
From experience, the organisations that get this right don’t just save money—they build resilient, secure, and scalable cloud environments.
From my early days on the helpdesk through roles as a service desk manager, systems administrator, and network engineer, I’ve spent more than 25 years in the IT world. As I transition into cyber security, my goal is to make tech a little less confusing by sharing what I’ve learned and helping others wherever I can.