Anodot needs Monitoring Reader permission to analyze the usage up to the resource level to provide recommendations to optimize costs. In this article, we explain how to add permission to each subscription and associate it with the existing application.
There are two options:
- Providing permissions per subscription.
- Providing permissions for multiple subscriptions at once (Management group level).
Connecting a subscription:
- Go to the Azure Portal: https://portal.azure.com/
- Access the Subscriptions service.
- In the left navigation panel, click Access Control (IAM).
- Add a new role by clicking Add.
- In the Add role assignment screen, search for the Monitoring Reader role and add it.
- Under the Members tab, click on Select Members, search for the application name you created for Anodot during the onboarding, choose it, and click on Review + assign.
- Save the role you just created
Connecting multiple subscriptions at once:
- Go to the Azure Portal: https://portal.azure.com/
- Navigate to Management Group
- Click on your Management Group
- In the left navigation panel, click Access Control (IAM).
- Add a new role by clicking Add.
- In the Add role assignment screen, search for the Monitoring Reader role and add it.
- Under the Members tab, click on Select Members, search for the application name you created for Anodot during the onboarding, choose it, and click on Review + assign.
- Save the role you just created.
You will see all your subscriptions connected to Anodot under the Accounts > Subscriptions page after the invoice runs (automatically every day). Moreover, you will see new recommendations under the Recommendations page after the invoice run.