βœ… How to Create an Azure Storage Account for Cost Management Export

To store Azure Cost Management exports, you need a Storage Account and at least one container to hold the exported data files (CSV or Parquet). It’s best to set this up as a dedicated, secure storage location used only for cost data.

🧱 1. Create a Storage Account

  1. In the Azure Portal, click Create a resource.
  2. Search for and select Storage account, then click Create.
  3. Choose your Subscription.
  4. Create or select a Resource Group (e.g. CostMgmt-RG or FinOps-RG).
  5. Enter a unique name for your storage account (lowercase only, no special characters).
  6. Choose a Region close to your billing team or cost analysis tools.
  7. Under Performance and Access Tier, keep the defaults:
    • Performance: Standard
    • Access tier: Hot
  8. For Account kind, use StorageV2 (general-purpose v2).

βš™οΈ 2. Choose Replication & Advanced Options

  1. Select a Replication option:
    • Locally-redundant storage (LRS) is usually sufficient.
  2. Under Advanced:
    • Disable public blob access.
    • Enable Microsoft Defender for Storage (optional).
    • Leave Encryption as Microsoft-managed unless you require a customer-managed key.
    • You may enable hierarchical namespace if using Azure Synapse, but it’s not required.

πŸ” 3. Configure Networking

  1. In the Networking tab:
    • You can allow public access, restrict to selected networks, or use a private endpoint.
    • If using a firewall, allow trusted Azure services so Cost Management can write exports.
    • Make note of firewall rules if locking down the storage account.

πŸš€ 4. Review and Create

  1. Click Review + create.
  2. Once validation passes, click Create.
  3. After deployment, go to your new Storage Account.
  4. In the left menu, click Containers > + Container.
  5. Create a new container (e.g., cost-exports).
  6. Set the public access level to Private (no anonymous access).

βœ… Result: Your storage account and container are now ready to receive cost exports.

🧯 Final Notes

  • Make sure the user or service principal creating the export has:
    • Storage Account Contributor or Owner role
    • Storage Blob Data Contributor on the container or storage account
  • If using a firewall, ensure the configuration allows Azure Cost Management to write data (see your security policy or Guide #25 if applicable).