Skip to main content
Microsoft Azure

Learn how to use OneIQ Pulse to capture billing, configuration, and performance metrics from Azure subscriptions.

Support Kappa avatar
Written by Support Kappa
Updated over a month ago

Overview

This article describes how to connect to Mircosoft Azure using OneIQ Pulse so that you can:

  • Optimize Azure spend by right-sizing Azure Virtual Machines with OneIQ Insights.

  • Understand dependencies among Azure and other workloads across Hybrid IT.

  • Identify cost-saving opportunities to repatriate application workloads from Azure to the data center.

Steps Required

  1. Download OneIQ Pulse for Azure

  2. Create a Service Principle for OneIQ Pulse in the Azure portal

  3. Deploy OneIQ Pulse in Azure using a customer template

Downloading OneIQ Pulse for Azure

OneIQ Pulse for Azure can be downloaded as an Azure Resource Manager (ARM) manifest from the Connectors tab of the IT environment in the OneIQ Portal:

  1. Login to the OneIQ Portal.

  2. Select IT Environments in the left navigation menu and go to the Connectors tab.

  3. Select Microsoft Azure as the platform to connect.

  4. In the "Connect your Microsoft Azure cloud" section, specify the name of the OneIQ Pulse for Azure connector to differentiate it from other connectors in your IT environment. For example, this could be the name of the Azure region.

  5. Then click Download to save the OneIQ Pulse ARM manifest.

Creating the OneIQ Pulse Service Principal

  1. Go to the Azure Portal and launch Cloud Shell from the top navigation:

    If you are using Powershell, then click the Switch to Bash button in the top left.

  2. Set the Subscription ID that will be used for the OneIQ Pulse Service Principal (replace xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx):
    az account list --output table

    az account set --subscription xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

  3. Create the OneIQ Pulse Service Principal, and assign the required 'Monitoring Reader' Role:
    subscriptionId=$(az account show --query id --output tsv)

    principal=$(az ad sp create-for-rbac --name "OneIQ-Pulse" --role "Monitoring Reader" --scope "/subscriptions/$subscriptionId" --output json)

  4. Output the credentials, and save them in a secure location because the password (Service Principal Token) is not saved anywhere else:
    echo $principal | jq


    Example output:
    {

    "appId": "12345678-1234-1234-1234-123456789abc",

    "displayName": "SomeAppName",

    "password": "P@ssw0rd123!",

    "tenant": "87654321-4321-4321-4321-abcdef987654"

    }

  5. If you would like to analyze NetFlow logs, then assign the Storage Blob Data Reader Role:
    az role assignment create --role "Storage Blob Data Reader" --scope "/subscriptions/$subscriptionId" --assignee $(echo $principal | jq -r .appId)

  6. If you would like to analyze Reservation costs, then assign the Reservations Reader Role:
    az role assignment create --role "Reservations Reader" --scope "/providers/Microsoft.Capacity" --assignee $(echo $principal | jq -r .appId)

    Note: To assign the 'Reservations Reader' Role, the account running these commands must have the Owner or User Access Administrator Role at the root tenant level (Elevate access to manage all Azure Subscriptions and Management Groups ), or it can be granted to the account running these commands by an elevated account:
    az role assignment create --assignee xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx --role "User Access Administrator" --scope "/" --condition-version 2.0 --condition "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] GuidEquals 582fc458-8989-419f-a480-75249bc5db7e))"

Deploying OneIQ Pulse for Azure

  1. Go to the Azure Portal and search for Deploy a custom template.

  2. Select Build your own template in the editor.

  3. Click Load file.

  4. Select the downloaded OneIQ Pulse ARM manifest. Click Open and then Save.

  5. Create a new resource group and select the desired Region.

  6. Enter the Service Principal Id and Service Principal Token, which are the appId and password from the saved credentials above.

  7. Select the VM Size to deploy from VM Sizing Guidelines below.

  8. Click Review + Create, and ensure that the deployment is successful.

VM Sizing Guidelines

Containers + VMs

VM Size

vCPUs

Memory (GiB)

0 - 5,000

Standard_B2s

2

4

5,000 - 9,999

Standard_B2ms

2

8

10,000 - 24,999

Standard_B4ms

4

16

25,000 - 49,999

Standard_B8ms

8

32

50,000 - 74,999

Standard_B12ms

12

64

75,000 - 99,999

Standard_B16ms

16

128

For deployment guidance in a larger environment, please contact our team.

Did this answer your question?