iCompaas Support

Description:

In Azure, different SKUs (Stock Keeping Units) are available for various resources, including Basic and Consumption SKUs. While these SKUs may be suitable for non-production or testing environments, they generally do not provide the level of monitoring, scalability, or security needed for production workloads.

For production workloads, it is critical to ensure that appropriate SKUs (such as Standard or Premium) are used for monitoring-sensitive resources, such as Virtual Machines (VMs), App Services, Storage Accounts, and other critical resources. These higher-tier SKUs typically include better monitoring capabilities, enhanced performance, and stronger security features.

Rationale:

Using Basic or Consumption SKUs in production environments for critical resources can lead to several issues, such as:

              Limited monitoring capabilities, which can affect your ability to detect issues early.

• Reduced performance and scalability, which may not meet the demands of production workloads.
  

• Lack of high availability or disaster recovery features that are typically available in higher-tier SKUs.
  

• Non-compliance with security or operational standards required for production environments.
  

Ensuring that non-production workloads do not use these SKUs will improve the monitoring, scalability, and security of production environments.

Impact:

Ensuring that Basic/Consumption SKUs are not used in production workloads will improve monitoring, reliability, and performance for critical workloads. However, switching to higher-tier SKUs may increase costs. The benefits of enhanced monitoring, better performance, and greater reliability outweigh the additional costs for production workloads, which require high availability and strong security.

Default Value:

By default, Azure allows the selection of Basic or Consumption SKUs for various resources. This is typically done when resources are created for non-production or testing purposes, where high availability and monitoring may not be as critical.

Pre-requisites:

• Azure subscription.
  

• Owner or Contributor role permissions to modify SKUs.
  

• Production workloads that require monitoring (e.g., VMs, Web Apps, Databases, Storage Accounts).
  

Audit:

1. Sign in to Azure portal as an Owner or Contributor.
   

2. Review the SKUs of production resources to ensure that Basic or Consumption SKUs are not in use.
   

3. Verify that the appropriate Standard, Premium, or other suitable SKUs are selected for production workloads requiring monitoring and scalability.
   

Implementation Steps (Manual):

1. Sign in to Azure portal:
   

   • Use an account with Owner or Contributor permissions.
     

2. Navigate to Resources with Basic/Consumption SKUs:
   

   • Go to the Azure portal and search for resources (e.g., VMs, App Services, Databases) that are part of your production workloads.
     

3. Check Resource SKU:
   

   • For each resource, check the SKU being used:
     

     • In the Azure portal, go to the resource's Overview page, and verify the SKU listed (Basic, Consumption, Standard, Premium, etc.).
       

     • Basic or Consumption SKUs should not be used for production resources.
       

4. Modify Resource SKU (if Basic/Consumption is used):
   

   • If you identify any resources using Basic or Consumption SKUs, consider changing them to more appropriate SKUs, such as Standard or Premium, which offer better monitoring, scalability, and performance features.
     

5. Example:
   

   • Virtual Machines: Upgrade from B-Series (Basic) to D-Series (Standard).
     

   • App Services: Upgrade from Consumption plan to Standard or Premium plan.
     

6. Change SKU for Virtual Machines (VMs):
   

   • In the Azure portal, navigate to the VM resource.
     

   • Under Size, select a more appropriate SKU (e.g., Standard D-Series, Standard F-Series) instead of Basic A-Series.
     

7. Change SKU for App Services:
   

   • In App Service settings, under Scale Up (App Service plan), switch from Consumption to a higher-tier plan such as Standard or Premium.
     

8. Change SKU for Databases (e.g., Azure SQL Database):
   

   • For Azure SQL Databases, switch from the Basic tier to Standard or Premium for better performance and monitoring.
     

10. Review and Validate Resource Changes:
    

    • After updating the SKU for any resources, validate that the new tier supports the required monitoring and scalability features.
      

    • Test the performance and monitoring settings to ensure that the new SKU provides adequate coverage for production workloads.
      

11. Monitor Resources for Compliance:
    

    • Use Azure Policy to automatically enforce that production resources do not use Basic/Consumption SKUs.
      

    • Set up Azure Policy definitions to prevent the deployment of resources in non-compliant SKUs for production workloads.
      

Backout Plan (Manual):

1. Sign in to Azure portal:
   

   • Use an account with Owner or Contributor permissions.
     

2. Navigate to Resources:
   

   • Go to the Azure portal and select the resources that you modified (e.g., VMs, App Services, Databases).
     

3. Revert Resource SKU:
   

   • If the new SKU causes issues or if it's necessary to revert, change the SKU back to the previous Basic/Consumption tier for non-production workloads.
     

4. Verify Reverted Resources:
   

   • Ensure that the resources are now running under the Basic or Consumption SKU, if needed for non-production environments.
     

5. Test and Validate:
   

   • After reverting, test the resources to ensure they are functioning correctly under the original SKU.
     

References:

• Azure VM SKU Documentation
  

• App Service Plans Overview
  

• Azure SQL Database Pricing and Tiers
  

• Azure Policy Documentation