The Four Pillars of Azure Billing Administration

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email


  • The goal of billing in general is to have cost clarity and to understand your spending. So that you’re not being over charged and you don’t understand where the costs are coming from…Basically, to fulfill the following:
    • Cost planning
    • Cost visibility
    • Cost monitoring
    • Cost optimization

Cost Issues In Azure

  • Many old habits/behaviors will create new problems for you in the cloud
  • A lot of cost issues in the cloud is not about the technology or pricing but about behavior.. what are they deploying, how are they cleaning up?
    • Examples
      • 32TB of unused storage for not-cleaned up for years
      • Empty P11 databases provisioned for a deployment in 2 weeks
      • App teams (developers, infrastructure, devops) are making decisions everyday that affects COST.. and in many cases without the need for authorization.. 
        • People that were not used to judging business outcomes are now tasked with doing exactly that
        • Developers are measured by performance and reliability.. so they will overprovision the VM but the smallest VM will give he best business outcome
        • On-premises, it’s not easy to do this.. if you have the virtual host, you already made the investment
  • The first step is to use the available tools to PLAN your costs
  • The next step is getting VISIBILITY (accurate, up-to-date visibility)
  • The next step is ACCOUNTABILITY
  • Then OPTIMIZATION (which includes continuous monitoring)

Azure Cost Management + Billing

  • Planning
  • Visibility
  • Accountability
  • Optimization


Here are some of the tools available to us in Azure to help with our planning:

  1. Azure Pricing Calculator
  1. Azure Pricing Details (Scroll down to select services)
  1. Total Cost of Ownership (TCO) calculator


  • Azure Portal → All Services → Cost Management + Billing → Invoices
    • We can view older invoices
    • We can “Opt-In” to invoice emails and add recipients
  • Download usage report, Tags in billing reports
    • Azure Portal → All Services → Cost Management + Billing → Subscriptions → Manage
      • OR
    • Azure account center ( → Click on subscription → Overview
    • Azure account center ( → Click on subscription → Billing history –> Download Usage: version 2 – preview –> There is a tags column
  • Configure proactive alerts
    • Azure account center ( → Click on subscription → Preview features → “try it now” → accept → Go back to “subscriptions” → Click on “Alerts preview” → Add alert
      • If “Billing Total” is nearing £100
  • After getting some VISIBILITY, we may want to dig deeper to do some ANALYSIS of what is behind our spending or billing
    • To see if there’s a particular resource that’s behind a spike in cost
    • Azure Portal → All Services → Cost Management + Billing → Cost Management
      • We can see these three aspects here:
        • Cost Analysis (Visibility)
        • Create Budget (Accountability)
        • Azure Advisor (Optimization)
  • Azure Portal → All Services → Cost Management + Billing → Cost Management → Cost Analysis
    • OR Azure Portal → Subscriptions → Select Subscription → Cost Analysis
      • We can scope by subscription or management group
      • We can group bylocation, resource group name, resource type, service name
        • This will give us context into what resource type or resource group is behind our spending in the charts (by color codes)
      • We can click on Cost by resource” at the top to see which resources are behind our spending
        • But be careful with your analysis as sometimes, it’s not the big costs but the multiple little costs
      • We can filter based on many factors like Tags, Resource Group Name, e.t.c. to gain an even more specific context
  • Monitoring
    • View billing history and invoice
      • Azure Portal → Cost Management + Billing
        • Overview → Recent Billing History 
          • Azure cost over the past several months
          • Can spot anomalies
        • Invoices → Select subscription
          • Get a copy of invoice at the end of every month
          • Download PDF


Here are some fundamental principles for cost accountability in Azure:

  1.  Use TAGs
    • To add context for cost analysis
    • Tags should be enforced by configuration policies
      • Finance codes E.g. CostCenter tag
      • Application context AppService tag
      • Deployment context E.g. Environment tag
      • Who is accountable E.g. BusinessOwner tag
  1. Apply cost related policies
  • Sample cost related policies (not all policies are security and compliance related)
    • Apply tags
    • Not allowed resource types
    • Allowed resource types
    • Allowed storage account SKUs
    • Allowed virtual machine SKUs
    • Allowed locations
  • Azure Portal → All Services → Azure Policies
  1. Budgets (for monitoring and notifications)
  • For notifying teams if they are approaching or over their budgets
  • See budgets in relation to your cost
  • Azure Portal → All Services → Cost Management + Billing → Cost Management → Budgets → Add
    • OR Azure Portal → Subscriptions → Select Subscription → Budgets → Add
  1. Use RBAC
  • RBAC roles
    • Cost Management Reader
    • Cost Management Contributor (create budgets)
    • We can use roles to give the IT Manager the permissions to set budgets or even the finance team but they cannot do anything else
    • Azure Portal →Azure AD → New User
      • Name: financeuser
      • User name:
      • Directory role: user
    • Azure Portal → Subscriptions → Select Subscription → Access Control (IAM) → Add → Role Assignment → Cost Management Contributor → financeuser → Save
      • Azure Portal → Login as “financeuser”
      • If you go under “Subscriptions”, you can set BUDGETs
        • You can specify alert percentage and add alert recipient (not action group)


  • A workload can run fine in three different VM sizes. Which one will the developer choose?
    • Developers have historically been measured by performance and reliability; so they will over-provision the VM but the smallest VM will give the best business outcome
    • People that were not used to judging business outcomes are now tasked with doing exactly that
  • Now the main question is this:
    • How do we ensure that the right stakeholders know when there are opportunities to optimize cost? 
  1. Azure Advisor
  • Integrated directly into “Azure Cost Management”
  • Your personal Azure consultant
    • Cost
    • Performance
    • Security
    • High Availability
  • Cost recommendations 
  • Advisor analyzes the usage patterns of your virtual machines for 14 days, and uses rules to identify low usage virtual machines. You can customize these rules to better match your business needs.
    • Default is an average of less than 5% CPU but we can edit this
  1. Purchasing recommendations
    • Azure Hybrid Benefit
      • Enables us to bring our on-prem license for use on Windows Servers and SQL servers on Azure VMs and save 85%
      • Can get up to 93% savings with Hybrid benefit for both Windows and SQL and adding reserved instances for 3 years
      • Azure Portal → VM → Select VM → Configuration → Azure Hybrid Benefit


Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore


New Azure Container Instance Vulnerability — What to do?

Just yesterday, Microsoft disclosed a new (and yet to be clarified) Azure Container Instance vulnerability — From the information shared in the disclosure, it seems

Protecting against #ChaosDB

Cloud security researchers @sagitz and @nirohfeld who both work at Wiz recently discovered what I think is a major vulnerability that exploits the recent CosmosDB Jupyter notebook feature to

Do You Want To Boost Your Business?

drop us a line and keep in touch