Azure FinOps: 7 Steps to Cut Cloud Costs by 30%
Azure FinOps: 7 Steps to Cut Cloud Costs by 30%
Every month I see the same pattern – companies migrate to Azure, enthusiastically provision resources, and then the invoice arrives. "Why are we paying so much?" is a question I hear at least once a week. After dozens of FinOps audits across enterprise environments, I'm sharing seven concrete steps that actually work.
1. Enable Cost Management and Set Up Alerts
Surprisingly, many organizations haven't even set up basic budget alerts. Azure Cost Management is free and should be the first thing you configure:
resource budget 'Microsoft.Consumption/budgets@2023-11-01' = {
name: 'budget-prod-monthly'
properties: {
category: 'Cost'
amount: 5000
timeGrain: 'Monthly'
timePeriod: {
startDate: '2026-01-01'
endDate: '2027-01-01'
}
notifications: {
actual80: {
enabled: true
operator: 'GreaterThanOrEqualTo'
threshold: 80
contactEmails: ['cloud-team@company.com']
thresholdType: 'Actual'
}
forecast100: {
enabled: true
operator: 'GreaterThanOrEqualTo'
threshold: 100
contactEmails: ['cloud-team@company.com', 'cfo@company.com']
thresholdType: 'Forecasted'
}
}
}
}Set up two alerts: 80% actual spend (you still have time to react) and 100% forecasted (proactive warning).
2. Right-Sizing: Most VMs Are Oversized
From my audits, 60-70% of production VMs run on larger sizes than they need. Azure Advisor will tell you which ones:
# List right-sizing recommendations from Azure Advisor
az advisor recommendation list \
--category Cost \
--query "[?shortDescription.problem=='Right-size or shutdown underutilized virtual machines'].{
VM:resourceMetadata.resourceId,
CurrentSize:extendedProperties.currentSku,
TargetSize:extendedProperties.targetSku,
Savings:extendedProperties.savingsAmount
}" \
--output tableTypical example: a client had 20 VMs on Standard_D4s_v5 (4 vCPU, 16 GB RAM) with average CPU utilization of 8%. Switching to Standard_D2s_v5 saved 50% on compute costs with no performance impact.
3. Reserved Instances and Savings Plans
The fastest path to significant savings. Comparison:
| Model | Savings vs. PAYG | Flexibility | Best For |
|---|---|---|---|
| Pay-as-you-go | 0% | Maximum | Dev/test, spike workloads |
| 1-year Reserved | 30-40% | Fixed VM family/region | Production DB, stable VMs |
| 3-year Reserved | 55-72% | Fixed VM family/region | Core infra, SQL servers |
| Savings Plan 1Y | 15-25% | Any compute | Mixed workloads |
| Savings Plan 3Y | 30-45% | Any compute | Enterprise commitment |
Practical tip: Start by analyzing the last 30 days of consumption in Cost Management → Reservations → Recommendations. Azure will suggest the optimal mix.
4. Auto-Shutdown for Dev/Test Environments
Dev and staging environments run 24/7 but are only used 10 hours a day. Auto-shutdown saves 65% on compute costs:
// Auto-shutdown for dev VMs at 7 PM
resource autoShutdown 'Microsoft.DevTestLab/schedules@2018-09-15' = {
name: 'shutdown-computevm-${vmName}'
location: location
properties: {
status: 'Enabled'
taskType: 'ComputeVmShutdownTask'
dailyRecurrence: {
time: '1900'
}
timeZoneId: 'Central Europe Standard Time'
targetResourceId: vm.id
notificationSettings: {
status: 'Enabled'
timeInMinutes: 15
emailRecipient: 'dev-team@company.com'
}
}
}For AKS clusters, use the Start/Stop feature – in non-prod environments, stop the cluster overnight and on weekends.
5. Storage Tiering and Lifecycle Policies
Azure Storage is the silent budget killer. Most data goes unread after 30 days but stays on the Hot tier:
{
"rules": [
{
"name": "lifecycle-optimization",
"type": "Lifecycle",
"definition": {
"actions": {
"baseBlob": {
"tierToCool": { "daysAfterModificationGreaterThan": 30 },
"tierToArchive": { "daysAfterModificationGreaterThan": 90 },
"delete": { "daysAfterModificationGreaterThan": 365 }
},
"snapshot": {
"delete": { "daysAfterCreationGreaterThan": 90 }
}
},
"filters": {
"blobTypes": ["blockBlob"],
"prefixMatch": ["logs/", "backups/", "exports/"]
}
}
}
]
}Moving from Hot to Cool tier reduces storage costs by 50%, Archive tier by 90%.
6. Spot VMs for Batch and Non-Critical Workloads
Azure Spot VMs offer up to 90% savings, but can be evicted at any time. Ideal for:
- CI/CD build agents
- Batch data processing
- Machine learning training
- Non-prod AKS node pools
resource spotPool 'Microsoft.ContainerService/managedClusters/agentPools@2024-02-01' = {
name: 'spotnodes'
parent: aksCluster
properties: {
count: 3
vmSize: 'Standard_D4s_v5'
scaleSetPriority: 'Spot'
scaleSetEvictionPolicy: 'Delete'
spotMaxPrice: -1 // pay current spot price
nodeTaints: ['kubernetes.azure.com/scalesetpriority=spot:NoSchedule']
mode: 'User'
}
}7. Tagging Strategy and Cost Allocation
Without tags, you don't know who's paying for what. Minimum tagging policy:
| Tag | Example | Purpose |
|---|---|---|
environment | prod, staging, dev | Filter costs per environment |
cost-center | CC-1234 | Allocate to cost centers |
owner | jan.novak@company.com | Responsible person |
project | eshop-replatform | Costs per project |
auto-shutdown | true | Shutdown candidates |
Enforce tagging via Azure Policy – Deny deployments without required tags:
resource tagPolicy 'Microsoft.Authorization/policyAssignments@2022-06-01' = {
name: 'require-cost-tags'
properties: {
displayName: 'Require cost allocation tags'
policyDefinitionId: '/providers/Microsoft.Authorization/policyDefinitions/871b6d14-10aa-478d-b466-ef6698305b4c'
enforcementMode: 'Default'
parameters: {
tagName: { value: 'cost-center' }
}
}
}FinOps Checklist (Summary)
| Step | Expected Savings | Effort |
|---|---|---|
| Cost Management alerts | Overspend prevention | Low |
| VM right-sizing | 15-50% compute | Medium |
| Reserved Instances | 30-72% stable workloads | Low |
| Auto-shutdown dev/test | 65% non-prod compute | Low |
| Storage lifecycle | 50-90% storage | Medium |
| Spot VMs | up to 90% batch compute | Medium |
| Tagging + cost allocation | Visibility & accountability | Medium |
Conclusion
FinOps is not a one-time project – it's a continuous process. Start with Cost Management alerts and right-sizing (lowest effort, highest impact), then add Reserved Instances and auto-shutdown. After implementing all seven steps, you can realistically expect a 25-40% reduction in your monthly Azure bill.
Need help with a FinOps audit of your Azure environment? Check out our cloud architecture services or reach out for a free consultation.
About the author
Martin Rylko
Senior Cloud Architect & DevOps Engineer
14+ years in IT – from on-premises datacenters and Hyper-V clustering to cloud infrastructure on Microsoft Azure. I specialize in Landing Zones, IaC automation, Kubernetes and security compliance.
Frequently Asked Questions
What is FinOps and why does it matter for Azure environments?▾
How much can you realistically save by implementing FinOps in Azure?▾
How do I set up Azure Cost Management for multiple subscriptions?▾
Are Reserved Instances worth it for smaller companies?▾
You might also like
Kubernetes AKS Production Checklist for Architects
Kubernetes AKS production readiness checklist covering Azure CNI networking, Workload Identity RBAC, cluster autoscaling, monitoring, and DR strategy.
ReadZero Trust Azure: Conditional Access Policy Design
Design Zero Trust identity architecture with Entra ID Conditional Access policies. MFA enforcement, device compliance, session controls, and named locations for Azure environments.
ReadNIS2 Azure Compliance: Checklist for Architects
NIS2 Azure compliance checklist with concrete steps: Azure Policy governance, Defender for Cloud CSPM, centralized logging, and Zero Trust identity.
Read