OMS - Azure Resource Usage Solution

Azure Public Test Date Azure Public Test Result

Azure US Gov Last Test Date Azure US Gov Last Test Result

Best Practice Check Cred Scan Check

Deploy To Azure Deploy To Azure US Gov Visualize

[AZURE.NOTE]This is preliminary documentation for Azure Resource Usage Solution, a management solution you can deploy into OMS that will provide insights of virtual machines across subscriptions.

Azure Resource Usage Solution collects and visualizes Azure Usage from Azure Billing APIs to bring in the cost metric of Azure resources. Solution provides usage deatils for;

  • Category (Storage)
  • SubCategory (Locally Redundant)
  • MeterType (Standard IO - Page Blob/Disk (GB))
  • Resouce ( VM, Storage Account , Website)
  • Reosuce Group
  • Resource Tags

alt text

Pre-reqs

  • Automation Account with SPN

Before you deploy this template, you must create an Automation Account in the Azure portal with the default settings so that the SPN account will be created. If you have an existing OMS Log Analytics Workspace you would like to use for this solution, it is important that the Automation account is created into the same Resource Group where the OMS Log Analytics Workspace is located.

If you dont have an existing OMS Log Analytics Workspace, the template will create and deploy this for you.

Deploying the Azure Resource Usage Solution

Follow these instructions to deploy the solution into an existing - or new Log Analytics Workspace

Log into Azure Portal (https://portal.azure.com) and ensure you are in the subscription containing the recovery vault you want to monitor

Locate your existing OMS Log Analytics Workspace and note the name of the workspace, the location of the workspace, and the Resource Group

alt text

Next, create a new Automation Account and click on New and search for 'Automation'

alt text

Select Automation and click Create

Specify the name of the Automation Account and ensure you are selecting 'Use existing' and selects the Resource Group containing the OMS Log Analytics workspace. If possible, use the same Azure Region for the Automation Account. Ensure that 'Create Azure Run As account' is set to 'Yes' and click 'Create'

alt text

Once the deployment has completed, you should see the Automation account and the Log Analytics workspace in the same Resource Group

alt text

You can now deploy the template

Deploy to Azure

This will send you to the Azure Portal with some default values for the template parameters. Ensure that the parameters reflects your setup so that you are deploying this into the existing Resource Group containing the Log Analytics Workspace and the Automation account.

Please take caution on OMS workspace SKU and Automation Account SKU as selections might effect the existing deployment.

Solution requires a new guid to be created every time ARM template deployed. Using same guid will cause deployment to fail!

Parameters

  • OMS Log Analytics Workspace Name

Specify the name of the workspace you want to deploy this solution to

  • OMS Log Analytics Region

Select the Azure Region where your existing workspace is located

  • OMS Automation Account Name

Specify the name of the automation account you created earlier

  • OMS Automation Region

Select the Azure Region where your automation account is located

You should also change the values for the Ingest Scheduler Guid and Ingest Cleanup Guid. You can generate your own using PowerShell with the following cmdlet:

alt text

Once you have customized all the parameters, click Create

alt text

The ingestion will start 5-10 minutes post deployment.

Exploring the views

Once the template has successfully been deployed, Azure usage data ingestion should occur within 1 hour post deployment. If you are deploying the solution to a new workspace, it can take approximately 30 minutes before the indexing has completed for the workspace in general. IF you have selected Daily data ingestion , usage data will be ingested at 02.00 AM (UTC) every day and while viewing the views time range should be set at least to 1 day .

In the Resource Group where you deployed the template, you should see the solution resource.

  • AzureUsage[workspaceName]

alt text

Azure Resouce Usage

The views for Azure Resource will give you an overview of usage and cost of resources in an Azure Subscription. Multiple subscriptions can be added to provide overview for all.

alt text

alt text

Troubleshooting

Solution relies on Automation Account with Runas Accounts configured. Both SPN and Classic Certificate is used by the Storage REST API calls.

alt text

General Troubleshooting steps ;

  • Make sure you specify a new Guid each time template is deployed
  • Check if automation account can start the runbooks
  • Check if Runas Accounts configured properly and has permission to query subscription details and can access storage keys
  • Check if AzureStorageIngestion....... Automation Schedules are enabled
  • Navigate to Resource group , delete AzureUsage[workspaceName] solution and redeploy template with a new Guid

Adding Additional Subscriptions | Partial Deployment

Deploying all resources in a single resource group is the prefferred way for deploying the solution. But if you have your OMS workspace and Automation account in different resource groups you can use the partial templates to deploy the solution.

First deploy the OMS Solution Views by following the link below

Deploy OMS Views

Second use the link below to deploy the automation components to an existing automation account.

This second template also used to onboard additional subscriptions to the solution !

Deploy Automation/ Add Subscriptions

Template requires OMS Log Analytics workspace ID and Key from the workspace where solution is already deployed. Navigate to Log Analytics Portal / Settings / Connected Sources to get worspace Id and Key. This solution will deploy only the automation components used in data collection and push data to existing log analytics workspace.

Tags: PowerShell, Microsoft.OperationalInsights/workspaces, views, Blade, OverviewTile, Microsoft.Automation/automationAccounts, variables, [variables('opsInsightWorkspaceIDType')], [variables('opsInsightWorkspaceKeyType')], [variables('createScheduleAutomationAccountType')], [variables('createScheduleResourceGroupType')], runbooks, microsoft.automation/automationAccounts/schedules, microsoft.automation/automationAccounts/jobSchedules, Microsoft.Automation/automationAccounts/jobs, Microsoft.OperationsManagement/solutions