Cloudability Connect Microsoft Azure

Edit online

To configure the Cloudability credentials to access Azure cost management data by exporting a CSV file from the Azure Portal. The CSV file captures cost and usage data and saves it to Azure storage. The user is then provided the Cloudability access to that storage to read the data.

  1. Set up cost management.

    Set up CSV formatted billing data to be automatically exported to Azure storage on a daily basis.

    Set up Cost Management for Cloudability Azure Enrollment Agreement (EA) customers

    Set up Cost Management APIs for Cloudability Azure Enrollment Agreement (EA) customers

    Set up Cost Management for Cloudability Azure Microsoft Customer Agreement (MCA) customers

    Set up Cost Management APIs for Azure Microsoft Customer Agreement (MCA) customers

  2. Enable rightsizing and RI planning

    Provide Cloudability with information about your billing data setup from your Azure Portal.

    Setup Azure Rightsizing and RI Planning

  3. Enable collection of memory metrics

    Provide Cloudability read-only access to the cost & usage data on your Azure storage.

    Setup Azure Memory Metrics Collection

An example of the type of information Cloudability requires from the Azure Portal is listed below;
  • tenant id
  • subscription id
  • resource group name
  • storage account name
  • container name
  • directory name
  • cost export name
  • amortized export name

Before you start

Before you begin to set up the Cloudability credentials, confirm that you are a Cloudability Administrator and meet the following requirements.

Ensure that you have one of the following Azure Active Directory roles in your organization:
  • Global Administrator
  • Application Developer
  • Cloud Application Administrator
  • Azure Savings Plan Reader (For Cloudability Premium customers)

For the Azure portal, you must have permissions provided by one of these Azure scopes to create the billing data export.

https://docs.microsoft.com/en-us/azure/cost-management-billing/costs/understand-work-scopes
  • Owner (can view/manage everything, including cost configuration)
  • Contributor (can view/manage everything, including cost configuration, excluding access control)
  • Cost Management Contributor (can view/manage cost configuration)
    Note:

    In order to successfully apply the “Enrollment Reader” permission to the IAM role (required for advanced features such as Savings Plans and Reserved Instance Planning), the user account running the power shell script must be at least of “Enrollment Writer” role them self under EA.

    For Azure Storage accounts:

  • You must have "write" permissions to change the configured storage account (regardless of permissions on the export).
  • The storage account must be configured for blob or file storage. If possible, Cloudability you must create a new storage account dedicated to cost management data.

For Azure Savings Plan Reader role:

If you have savings plans for your Azure workloads, enable access for Turbonomic to these savings plans by assigning the built-in Savings Plan Reader role to Cloudability's service principal.
Note:

Before performing the steps below, the Cloudability application's service principal must already exist in the Azure tenant(s) where the Savings Plan Reader role will be assigned. Follow the steps in Set up Cost Management for Cloudability Azure Enrollment Agreement (EA) customers , Set up Cost Management APIs for Cloudability ] Azure Enrollment Agreement (EA) customers , Set up Cost Management for Cloudability Azure Microsoft Customer Agreement (MCA) customers , Set up Cost Management APIs for Cloudability Azure Microsoft Customer Agreement (MCA) customers , and/or Set up Azure Rightsizing and Reserved Instance Planning sections first to create the Cloudability service principal in the tenant(s).

  1. Sign in to the Azure portal with a user account that has permissions to assign roles to savings plans https://portal.azure.com .

    Be sure that you are working in the correct Azure directory where you will assign the Savings Plan Reader role.

  2. Browse to the Savings plans page: https://portal.azure.com/#view/Microsoft_Azure_Reservations/ReservationsBrowseBlade/productType/SavingsPlan

  3. In the Savings Plans page, choose Role Assignment .

  4. In the Access Control page, choose Add Role Assignment .

  5. In the Add Role Assignment page:

    1. Choose the Role tab.

    2. In the search bar, type Savings Plan Reader as your search keyword.

    3. Choose Savings Plan Reader from the list of built-in roles that display and then choose Next.

    4. In the Members tab, choose + Select members .

    5. Search for the CloudabilityUtilizationDataCollector service principal.

    6. Add the service principal. Optionally, specify a description for this role assignment and then choose Next .

    7. In the Review + Assign tab, review your settings and then choose Review + Assign .

Upon upgrading to Cloudability Premium , the Billing Reports and Advanced Reports status for each of the Azure (EA or MCA) accounts in the listing page will not change. However, your Cloudability admin needs to edit each account following the steps enabling Cloudability share these accounts with Turbonomic .

  1. Click Optimize Resources in the toggle button.

  2. Generate setup script.

  3. Update the permissions by executing the script.

  4. Re-verify the account.

There are additional Turbonomic permissions that gets added to basic (Billing Data), advanced (Utilization Data) and Optimize Resources (execute actions) which are documented in the help center documents. Once your account is verified, the list of permissions can be viewed by choosing the Details option on each Azure account listed under Cloudability.