Azure Management Group onboarding as billing

You can onboard azure management group as billing by following the CLI steps provided below.

To manage an Azure Active Directory (AAD) app and create a client secret, the Active Directory administrator role is required

Create AAD

az ad sp create-for-rbac --display-name "<APP_NAME>" --years=2 -o table

• <APP_NAME>: Enter the unique name. Recommended (digitalex_management_group)

• Capture App id and share it with Owner required to Assign Permissions to the App

• Capture Password (Secret) and Tenant id required to Connect Billing Account

To assign permissions to the Azure Active Directory (AAD) app, it is recommended to have the Owner role. Alternatively, you can have both the Contributor and User Access Administrator roles.

Assign Permissions to the App

az role assignment create --assignee "<APP_ID>" --role "Reader" --scope "/providers/Microsoft.Management/managementGroups/<MANAGEMENT_GROUP-ID>" -o table

• <APP_ID> : Enter App id created in above step

• <MANAGEMENT_GROUP-ID>: Enter your management group Id(To Get Management Group id Navigate to Azure Console > Search Management Group > Capture tenant group id)

Connect Billing Account

1. Login to DigitalEx

2. Go to Menu > Admin > Public Clouds

3. Click on +Account

4. Select CSP as Account type and Billing Scope as Management group

5. Enter required details

6. Click Connect

You can use the same credentials to onboard the Management Group as a usage account.Azure Management Group Manual CLI Onboarding