Azure Day-to-Day Operational Tasks

This guide outlines common daily tasks for a Cloud Engineer or Azure Administrator.

1. Resource Monitoring and Health

Azure Monitor: Check the "Insights" for key resources like VMs (VM Insights), Storage Accounts, and AKS clusters. Look for high CPU, memory pressure, or disk I/O bottlenecks.
Service Health: Check Azure Service Health for any planned maintenance or outages in the regions where your resources are deployed.
Log Analytics: Run KQL (Kusto Query Language) queries to troubleshoot specific issues. For example, AppRequests | where Success == false to find failed web requests.

User Management: Create new users, assign licenses, and reset passwords in Microsoft Entra ID.
RBAC Auditing: Review Role-Based Access Control (RBAC) assignments on Resource Groups. Ensure users have Contributor or Reader access rather than Owner unless necessary.
PIM (Privileged Identity Management): Approve or deny requests for just-in-time elevated access if PIM is enabled.

Cost Analysis: Open Cost Management + Billing. Check the "Accumulated Cost" chart to see if the daily burn rate is trending as expected.
Advisor Recommendations: Check Azure Advisor for "Cost" recommendations, such as buying Reserved Instances for predictable workloads or deleting unattached managed disks.

Defender for Cloud: Review the "Secure Score". Address high-priority recommendations like "Enable MFA", "Install Endpoint Protection", or "Apply system updates".
Key Vault: Ensure secrets and certificates in Azure Key Vault are not close to expiration. Rotate secrets if necessary.

Patching: Use Azure Update Manager to check compliance of VMs. Schedule patch deployments for maintenance windows.
Backups: Verify that Azure Backup jobs for VMs and SQL databases completed successfully. Perform a test restore periodically.