Skip to content

Azure Integration

Cost Management needs access to the Microsoft Azure Billing Rate Card API to access accurate pricing data for your Kubernetes resources.

Users must perform the below steps and complete a few setups to create a Cost profile in the controller

Step 1: Custom Azure Role Creation

  • Create an Azure role definition. Below is an example file, in which the user must replace YOUR_SUBSCRIPTION_ID with the Subscription ID where your Kubernetes Clusters are running:
{
    "Name": "CostmanagementRole",
    "IsCustom": true,
    "Description": "Rate Card query role",
    "Actions": [
        "Microsoft.Compute/virtualMachines/vmSizes/read",
        "Microsoft.Resources/subscriptions/locations/read",
        "Microsoft.Resources/providers/read",
        "Microsoft.ContainerService/containerServices/read",
        "Microsoft.Commerce/RateCard/read"
    ],
    "AssignableScopes": [
        "/subscriptions/YOUR_SUBSCRIPTION_ID"
    ]
}

  • Save this file with a preferred name, for example, myazurerole.json

  • Run the below command to register that role with Azure

az role definition create --verbose --role-definition @myazurerole.json

Step 2: Create an Azure Service Principal

  • Run the below command to create an Azure Service Principal
az ad sp create-for-rbac --name "<display_name>" --role "CostmanagementRole" --scope "/subscriptions/YOUR_SUBSCRIPTION_ID" --output json

Step 3: Azure Service Principal details to Cost Management

Supplying through Cloud Credentials

Create a cloud credentials of type Cost Management and provider Azure. Enter all the parameters

Create Cloud Credential

Refer Cloud credentials for more details

Important

Steps 4 to 6 are applicable if your organization has an Enterprise Agreement or Partner Agreement with Azure. Steps 4 to 6 will ensure that the Consumption Price Sheet API is used to request prices specifically for your billing account.

Step 4: Billing account ID

Find you billing account ID through the Azure Portal or using the CLI.

az billing account list --query "[].{name:name, displayName:displayName}"

Step 5: Grant billing access to Service Principal

To call the Price Sheet API, the service principal that you created above needs to be granted the EnrollmentReader billing role. You can do this by following the instructions outlined in the Azure Guide and using the Role Assignments API reference page.

Assigning a billing role isn't directly supported in the az CLI yet. To simplify this you can use this bash script.

Save the script to a file named assign-billing-role.bash and run it:

export SP_NAME=<your SP name>
export BILLING_ACCOUNT_ID=<your billing account ID>
chmod u+x assign-billing-role.bash
./assign-billing-role.bash

Step 6: Offer ID

As well as the billing account ID, Cost Profile configuration also needs the offer ID for your subscription to query the price sheet. You can find this on the subscription page in the Azure portal.

Step 7: Cost Profile

Create a custom role, enable Custom Pricing and provide:

  • Cloud credentials
  • Billing Account ID
  • Offer ID

Installation Profile Overview

This Custom Cost Profile can be applied to clusters via blueprints.