Skip to main content
  1. Home
  2. >
  3. Azure
  4. >
  5. AZ-305
  6. >
  7. This article

Azure AZ-305 Drill: Governance Reporting - ARM Resource Deployment Monitoring

·680 words·4 mins·
Architecture Drills Microsoft Azure AZ-305 Azure CAF Governance Azure Activity Log
Jeff Taakey
Author
Jeff Taakey
21+ Year Enterprise Architect | Multi-Cloud Architect & Strategist.
Jeff's Architecture Insights
Go beyond static exam dumps. Jeff’s Insights is engineered to cultivate the mindset of a Production-Ready Architect. We move past ‘correct answers’ to dissect the strategic trade-offs and multi-cloud patterns required to balance reliability, security, and TCO in mission-critical environments.
Table of Contents

While preparing for the AZ-305 Expert-level exam, many candidates struggle with effective governance reporting. In the enterprise world, this decision often hinges on balancing operational visibility with cost and integration requirements. Let’s drill into a simulated migration scenario.

The Scenario
#

Wingate Manufacturing is a global industrial company undergoing a cloud transformation to Azure. As part of their governance strategy, the Cloud Center of Excellence (CCoE) team needs a monthly report detailing all new Azure Resource Manager (ARM) resource deployments across the organization’s multiple Azure subscriptions. The purpose is to track provisioning activities for auditing and compliance. The environment uses Azure Active Directory for identity, and all resource deployments must comply with Wingate’s enterprise policies.

Key Requirements
#

Recommend a solution that will generate a comprehensive monthly report covering all new ARM resource deployments in all Azure subscriptions under Wingate’s tenant. The report must include sufficient detail to support governance, compliance auditing, and operational visibility.

The Options
#

  • A) Azure Activity Log
  • B) Azure Advisor
  • C) Azure Analysis Services
  • D) Azure Monitor Action Groups

Correct Answer
#

A) Azure Activity Log

The Architect’s Analysis
#

Correct Answer
#

Option A: Azure Activity Log

Step-by-Step Winning Logic
#

Azure Activity Log is the authoritative source for all subscription-level control-plane events, including ARM template deployments, resource creation, modification, and deletions. It provides a centralized audit trail critical for governance and compliance frameworks aligned with the Microsoft Cloud Adoption Framework (CAF) Governance discipline.

This solution supports Operational Excellence by enabling visibility into what changes occur and when, which is fundamental for proactive management and security incident investigation. It adheres to the Security and Compliance pillar of the Well-Architected Framework by ensuring traceability. Moreover, integrating Activity Logs with Log Analytics or Azure Monitor allows automated generation of reports and alerting, enhancing reliability and cost-effective management.

The Trap (Distractor Analysis)
#

  • Why not Azure Advisor?
    Azure Advisor provides best practice recommendations focusing on cost optimization, security, and performance but does not offer detailed deployment logs or event tracking necessary for monthly deployment reports. It serves reactive guidance rather than proactive operational auditing.

  • Why not Azure Analysis Services?
    Azure Analysis Services is a data modeling service ideal for building semantic models on top of data sources. It does not collect or generate deployment logs or governance-related operational data and is irrelevant for monitoring ARM deployments.

  • Why not Azure Monitor Action Groups?
    Action Groups are notification groups leveraged in alerting workflows—they do not collect or store logs themselves. While they can respond to alerts, they are not a data source or report generator for resource deployments.

The Architect Blueprint
#

Mermaid Diagram illustrating Azure Activity Log ingestion and reporting flow:

graph TD subgraph "Azure Subscriptions" ARM["ARM Resource Deployments"] end ARM --> ActivityLog["Azure Activity Log (Control Plane Events)"] ActivityLog --> LogAnalytics["Log Analytics Workspace"] LogAnalytics --> ReportGen["Monthly Deployment Report Generator"] style ARM fill:#0078D4,stroke:#333,color:#fff style ActivityLog fill:#5C2D91,stroke:#333,color:#fff style LogAnalytics fill:#68217A,stroke:#333,color:#fff style ReportGen fill:#004E8C,stroke:#333,color:#fff

Diagram Note: ARM deployment events emit to the Azure Activity Log, which pipelines data into Log Analytics for querying and automated report generation.

The Decision Matrix (Expert Level)
#

Option Est. Complexity Est. Monthly Cost Pros Cons
A) Azure Activity Log Low - native service Minimal (included with subscription) Native audit trail; built-in integration with Monitor and Log Analytics; supports automation Requires setup of log retention and querying
B) Azure Advisor Low Free Provides optimization recommendations No detailed deployment logs; not for reporting
C) Azure Analysis Services Medium (setup and modeling) Varies (pay as you provision) Powerful data modeling and analytics Not designed for deployment auditing
D) Azure Monitor Action Groups Low (notification config) Minimal (per alert charges) Supports alerting and response Not a data source; only triggers notifications

Real-World Practitioner Insight
#

Exam Rule
#

For governance and compliance tracking of resource deployments, always rely primarily on Azure Activity Log as the single source of truth for subscription-level change history.

Real World
#

Enterprises commonly build automated pipelines that export activity logs to Log Analytics or Azure Sentinel, enabling advanced reporting and anomaly detection as part of their enterprise governance and security operations center (SOC) workflows.

Related Articles

Weekly Azure AZ-305 Drills: Architect Solutions

Design identity, governance, and monitoring solutions. Master Azure infrastructure and data storage.