Azure Cost Optimizer

An enterprise-grade solution for optimizing Azure costs through automated analysis, real-time alerting, and intelligent recommendations. Now with full Windows support and Phase 1 enterprise features!

🚀 Phase 1 Features (Now Available!)

Enterprise Cost Optimization

• Multi-Subscription Support: Manage costs across multiple Azure subscriptions
• Real-Time Alerting: Instant notifications via Slack, Teams, or email
• Intelligent Anomaly Detection: Advanced algorithms to identify cost spikes
• Resource Tagging Compliance: Automated enforcement of tagging policies
• Comprehensive Reporting: Detailed cost analysis and optimization recommendations

Advanced Automation

• Azure Policy Integration: Enforce governance and compliance across subscriptions
• Automated Resource Actions: Shut down idle VMs and clean up orphaned resources
• Budget Management: Automated budget creation and threshold monitoring
• Notification System: Multi-channel alerts for cost anomalies and optimization opportunities

Enterprise Security & Compliance

• Azure Key Vault Integration: Secure credential and secret management
• Managed Identity Support: Secure authentication without stored credentials
• Private Endpoints: Secure network connectivity for enterprise environments
• RBAC Integration: Fine-grained access control and permission management

Windows & Cross-Platform Support

• Native Windows Support: PowerShell and batch deployment scripts
• Cross-Platform Compatibility: Works on Windows, Linux, and macOS
• Easy Installation: Multiple deployment options for different user preferences

🏃‍♂️ Quick Start (Windows)

Option 1: One-Click PowerShell Deployment

# Clone and deploy in one command
git clone https://github.com/your-repo/azure-cost-optimizer.git
cd azure-cost-optimizer
.\scripts\deploy_phase1.ps1 -SubscriptionId "your-sub-id" -ResourceGroup "rg-cost-optimizer"

Option 2: Simple Batch Script

# For basic deployments
scripts\deploy_phase1.bat "your-subscription-id" "rg-cost-optimizer"

For detailed Windows setup instructions, see Windows Quick Start Guide

Features

• Resource Optimization

  • Identifies idle VMs based on CPU usage metrics
  • Recommends VM SKU downsizing for cost-efficient operations
  • Detects orphaned (unattached) managed disks
  • Identifies cost anomalies by comparing against baseline spending

• Infrastructure as Code

  • Terraform configuration for Azure resources
  • Creates cost export schedules to Azure Storage
  • Configures Log Analytics for resource metrics collection
  • Sets up budget alerts for cost control

• Security

  • Azure Key Vault integration for secure credential storage
  • Support for managed identities
  • Secure storage of configuration with proper access controls

Requirements

Prerequisites

• Python 3.8+
• Terraform 1.5+
• Azure subscription with appropriate permissions

Python Dependencies

See requirements.txt for the complete list of dependencies. Key components:

• Azure SDK libraries
• Analytics and data processing libraries
• Testing and development utilities

Project Structure

azure-cost-optimizer/
│
├── docs/                          # Documentation
│   ├── architecture.md            # Solution architecture
│   └── usage.md                   # Detailed usage guide
│
├── infra/                         # Infrastructure as Code
│   ├── main.tf                    # Main Terraform configuration
│   └── variables.tf               # Terraform variables
│
├── src/                           # Source code
│   ├── __init__.py                # Package initialization
│   ├── azure_client.py            # Azure API client implementation
│   ├── config.py                  # Configuration management
│   └── optimizer.py               # Core optimization logic
│
├── tests/                         # Test suite
│   ├── __init__.py                # Test package initialization
│   ├── test_azure_client.py       # Tests for Azure client
│   └── test_optimizer.py          # Tests for optimizer logic
│
├── azure-pipelines.yml            # CI/CD pipeline configuration
├── LICENSE                        # Project license
├── README.md                      # This file
└── requirements.txt               # Python dependencies

Getting Started

Environment Setup

1. Clone the repository:

   git clone https://github.com/arnabdey73/azure-cost-optimizer.git
   cd azure-cost-optimizer

2. Set up a Python virtual environment:

   python -m venv venv
   source venv/bin/activate  # On Windows: venv\Scripts\activate

3. Install dependencies:

   pip install -r requirements.txt

4. Authentication:

   • Set up environment variables for Azure authentication:

     # Service Principal authentication
     export AZURE_TENANT_ID="your-tenant-id"
     export AZURE_CLIENT_ID="your-client-id"
     export AZURE_CLIENT_SECRET="your-client-secret"
     export AZURE_SUBSCRIPTION_ID="your-subscription-id"
     
     # Optional: Log Analytics
     export LOG_ANALYTICS_WORKSPACE_ID="your-workspace-id"

   • Or use Azure Key Vault for secure credential storage:

     export AZURE_KEY_VAULT_URL="https://your-keyvault.vault.azure.net/"

Infrastructure Deployment

1. Initialize Terraform:

   cd infra
   terraform init

2. Configure Terraform variables: Create a terraform.tfvars file with:

   subscription_id = "your-subscription-id"
   storage_account_name = "costoptimizer12345"  # Must be globally unique
   allowed_ip_ranges = ["123.123.123.123"]  # Your IP address

3. Deploy infrastructure:

   terraform plan -out=tfplan
   terraform apply tfplan

Running the Optimizer

Execute the optimizer to generate cost optimization recommendations:

python src/optimizer.py --subscription-id "your-subscription-id" --start-date "2025-05-01" --end-date "2025-05-28"

See docs/usage.md for detailed command options and scenarios.

Output

The optimizer generates a JSON file containing recommendations for:

• Idle VMs that could be shut down
• VMs that could be resized to smaller SKUs
• Orphaned disks that can be removed
• Cost anomalies that should be investigated

Example output:

{
  "timestamp": "2025-05-28T14:30:00.000Z",
  "idleVMs": [
    {"resourceId": "/subscriptions/.../vm1", "averageCpu": 2.5}
  ],
  "skuResizes": [
    {"resourceId": "/subscriptions/.../vm2", "currentSku": "Standard_D8s_v3", "suggestedSku": "Standard_D4s_v3"}
  ],
  "orphanedDisks": [
    {"diskName": "disk1", "ageDays": 45}
  ],
  "costAnomalies": [
    {"date": "2025-05-15", "cost": 150.0, "baseline": 100.0}
  ]
}

Documentation

For more detailed information, please refer to the following documents:

• Architecture Overview - Solution architecture and component descriptions
• Detailed Usage Guide - Comprehensive instructions and examples
• API Reference - Detailed reference for all classes and methods
• Security Best Practices - Security guidelines for deployment
• Contributing Guidelines - How to contribute to this project

Security Considerations

This application supports multiple authentication methods for Azure:

• Service Principal with Client Secret (stored securely in Key Vault)
• Managed Identity (recommended for production)
• DefaultAzureCredential (integrates with VS Code, Azure CLI, etc.)

For production use, we recommend:

• Use Key Vault for all secrets
• Enable diagnostic settings on all resources
• Implement resource locks to prevent accidental deletion
• Apply least-privilege permissions for service principals

Contributing

Contributions are welcome! Please follow the guidelines in CONTRIBUTING.md (if available).

License

This project is licensed under the MIT License.