Guides
Savings Test Guide
Connecting an AWS Account
Connecting an Azure account
Connecting a GCP account
Categories
Flex-Commit Program
What is the Flex-Commit Program?
Which commitments are eligible under the 'Flex-Commit Program'?
How does cash-back work?
Billing
What is Usage's pricing?
Payment Options
Reporting and Visibility
FAQ
Security and Compliance
Implementation and Integration
Support and Customer Service
Home
Guides

Connecting an Azure account

This guide covers integrating Azure accounts.

Welcome to the Azure integration guide! In this guide, we will provide steps and requirements to connecting your Azure account for a savings test.

Step 1: Begin Azure Account Connection

  1. Navigate to Integrations and select Azure.
  2. Click the Connect button.
  3. Review the Summary section, which explains that Usage AI will integrate with your Azure account using a dedicated Service Principal with read-only permissions.
  4. Prerequisite: Ensure you have set up the Azure CLI environment by following the provided instructions.
  5. Access Requirement: You must have the User Access Administrator Role to proceed.
    • If you have this role, check the box: "I have User Access Administrator Role."
  6. Enter a name for your Azure connection under Account Nickname.
  7. Select the product(s) you want to enable (e.g., Insured Commitments for Azure reservation and savings plans).
  8. Click Next to proceed.

Step 2: Create a Custom Role in Azure

  1. Access the Azure Portal
    • Open the Azure Portal.
    • Locate your Tenant Root Management Group ID and enter it in the provided field.
  2. Navigate to Tenant Root Group
    • In the Azure Portal, go to Access Control (IAM) under the Tenant Root Group.
    • Click on Add Custom Role.
  3. Paste the JSON Policy
    • Copy the provided JSON permissions from the Create Custom Role section.
    • Paste the JSON into the JSON editor within the Azure Portal.
    • Save the changes, then click Review + Create.
  4. Once the role is successfully created, click Next to proceed.

Step 3: Invite External User (Usage)

  1. Invite Usage AI as an External User
    • In the Users page of the Azure portal, click "+ New User" and select Invite External User.
    • Enter azure-support@usage.ai as the email address.
    • Click "Review + Invite" to proceed.
    • Click Invite to send the invitation.
  2. Retrieve Object ID and Primary Domain
    • Once the invitation is sent, go back to the Users page.
    • Click on the Display Name of the invited guest user.
    • Copy the Object ID and paste it into the corresponding input field.
    • Open the Microsoft Entra ID page.
    • Copy the Primary domain and paste it into the Primary domain input field.
  3. Once you’ve entered the Object ID and Primary Domain, click Next to continue.

Step 4: Create a Service Principal for Usage

  1. Open Azure CLI
    • Run the following command in Azure CLI to create a service principal for Usage
      az ad sp create-for-rbac -n "usageai"
    • Click Copy to easily copy the command.
  2. Retrieve JSON Output
    • After executing the command, Azure CLI will generate a JSON output containing:
      • Application ID
      • Password
      • Tenant ID
  3. Enter the JSON Data
    • Paste the JSON output into the provided field under Paste JSON, or manually enter the details under Enter Manually.
  4. Once the information is entered, click Next to proceed

Step 5: Assign Permissions

  1. Enter Your Management Group ID
    • Locate your Management Group ID in the Azure Portal.
    • Enter it in the Usage AI dashboard.
  2. Assign Permissions
    • Follow the instructions on the dashboard to assign the necessary permissions to your Management Group.

Complete the Integration

Once permissions are successfully assigned, click Complete Integration to finalize the connection.

Recommended guide

Savings Test Guide

Conducted using a light IAM policy and role to inform you of savings available through Usage's short-term commitments.

Read guide
Recommended guide

Connecting an AWS Account

This guide covers connecting AWS accounts individually and batch connecting via Terraform and CloudFormation.

Read guide

Guides
Connecting a GCP account
Connecting an Azure account
Connecting an AWS Account
Savings Test Guide
Categories
Flex-Commit Program
Billing
FAQ