One-Click Remediation

CostBeacon doesn't just tell you where to save money — it lets you execute optimizations directly. When you view a recommendation, you can submit a remediation request that carries out the suggested action (e.g. deallocating an idle VM or changing a storage tier) against your Azure subscription.

Every remediation goes through an approval workflow, so no action is taken without explicit human sign-off. This gives teams the speed of automation with the safety of manual review.

CostBeacon supports the following remediation actions, each mapped to a specific Azure Resource Manager operation:

• DeallocateVm — Stops and deallocates a virtual machine, eliminating compute charges while preserving the disk and configuration. Ideal for VMs that are idle or only needed during business hours.
• ResizeVm — Changes the VM SKU to a smaller or more cost-effective size. CostBeacon suggests the target size based on utilization data from the recommendation.
• DeleteResource — Permanently deletes a resource that is no longer needed, such as an orphaned disk, unused public IP, or decommissioned App Service plan.
• ChangeStorageTier — Moves a storage account or blob container to a lower-cost access tier (e.g. Hot to Cool or Cool to Archive).

Remediation requests follow a structured lifecycle to ensure accountability and safety:

• Pending — The request has been submitted and is awaiting review by a tenant administrator.
• Approved — An administrator has approved the request. CostBeacon will begin execution shortly.
• Executing — CostBeacon is actively performing the Azure operation. This state typically lasts a few seconds to a few minutes depending on the action.
• Completed — The action was executed successfully. The recommendation is marked as resolved.
• Failed — The action could not be completed. The error details are logged and displayed on the request, and the resource is left unchanged.
• Rejected — An administrator has declined the request. No action is taken. A rejection reason can be provided for the audit trail.

To submit a remediation request, navigate to the Recommendations page and click on a recommendation to open its detail view. If the recommendation supports automated remediation, a Remediate button is displayed.

Clicking the button opens a confirmation dialog that shows the action to be performed, the target resource, and the estimated monthly savings. Review the details, then click Submit Request to create the remediation. The request enters the Pending state and appears in the Remediations section of the admin panel for approval.

You can track the status of your submitted requests on the My Requests tab, which shows all requests you have created along with their current status.

CostBeacon is designed with multiple safety layers to prevent unintended changes to your Azure environment:

• Approval required — No remediation action is executed without explicit approval from a tenant administrator. This prevents any single user from making changes unilaterally.
• Audit trail — Every remediation request is logged with the requester, approver, timestamp, action taken, and result. This trail is available in Admin → Audit Log and cannot be deleted.
• Rollback possible — For non-destructive actions like DeallocateVm and ChangeStorageTier, the operation can be reversed manually (e.g. restart the VM or change the tier back). For destructive actions like DeleteResource, the confirmation dialog includes an explicit warning that the action is irreversible.
• Least-privilege access — CostBeacon uses a service principal with scoped RBAC permissions. The principal only has access to the specific actions it needs to perform, not broad contributor or owner roles.