Currently, my team is tasked with Deallocating all nonprod VMs (both ones we manage and do not manage in all 4 of our subscriptions). I have developed automation to tag all 1000+ VMs both running & already deallocated. Now, we want to be able to monitor when other teams restart a VM without our knowledge (these other teams do not have access to the portal but utilize a service principal app to automate things).
I am looking for a good solution to monitor when Azure VMs are created/restarted/started. I tried using Azure Monitor which isn't the best solution when you have over 100+ resource groups and 4 subscriptions.
Looked at creating a policy which doesn't show much information either.
Is it possible to use Automation (script + Jenkins). Or is there any other Azure capability out there ?