Create cost export path using rest api

Question

Create cost export path using rest api

Padmanabhan M 220

I am using a partner network and i want to create a cost export path for my subscription using the rest api .
I referred this documentation and used this url.
"https://learn.microsoft.com/en-us/rest/api/cost-management/exports/create-or-update?view=rest-cost-management-2025-03-01&tabs=HTTP#exportcreateorupdatebysubscription"

I got this error

{
    "error": {
        "code": "BadRequest",
        "message": "Request properties validation failed: Export type: ActualCost is not supported for Agreement Type: WebDirect and Subscription."
    }
}

Padmanabhan M 220 Reputation points

2026-02-02T12:18:36.35+00:00

Hi @Siva shunmugam Nadessin

Currently I am using this type of subscription, MCA (Microsoft Customer Agreement).
Siva shunmugam Nadessin 10,810 Reputation points Microsoft External Staff Moderator

2026-02-02T13:26:56.3633333+00:00
Hello Padmanabhan M,

Thank you for the clarification! Since you're using an MCA (Microsoft Customer Agreement) subscription, the issue you're encountering could still relate to the specific export type and its availability based on the type of subscription and the data that Azure Cost Management can provide for MCA.

Issue Recap:

You are receiving the error:

"Export type: ActualCost is not supported for Agreement Type: WebDirect and Subscription."

This message indicates that the "ActualCost" export type is not supported for your subscription type (WebDirect). However, since you're actually using MCA (Microsoft Customer Agreement), it's important to check whether ActualCost is supported under the MCA agreement.

Possible Solutions:

1. Verify the Support for "ActualCost" under MCA

The MCA agreement should have broader support for cost data export features, including the "ActualCost" export type, but there may be specific restrictions or configurations required for MCA.

Ensure that you're using the correct api-version for Cost Management. The error might be related to the API version you are using, so try to confirm if a newer version supports "ActualCost" or whether the version you're using is deprecated.

2. Change Export Type to Supported Alternatives

If ActualCost is not supported for your MCA subscription due to some service limitations, you can still create cost exports using other available export types like:

Usage: This export type is more general and should work for MCA.

AmortizedCost: If you're interested in amortized costs over time.

Forecast: For predicting future costs based on historical data.

You can update your request to use one of these supported export types. Here's an example of changing from ActualCost to Usage:

{ "properties": { "scope": "/subscriptions/{subscriptionId}", "deliveryInfo": { "destination": { "container": "https://yourstorageaccount.blob.core.windows.net/yourcontainer", "format": "Csv" }, "frequency": "Monthly" }, "exportType": "Usage" // Switch from ActualCost to Usage or AmortizedCost } }

The exportType could be set to one of these alternatives:

Usage

AmortizedCost

Forecast

3. Ensure Correct Permissions for MCA

With MCA, you may need additional permissions for Cost Management and Billing API access.

Verify that your user account or service principal has the required permissions, such as Cost Management Contributor or Billing Reader, to set up and manage cost exports.

4. Check API Version

Ensure that you're using the correct API version. In your example, you're using the API version 2025-03-01, which should be current, but you might want to check if a more specific or newer version of the API supports all features for MCA.

Try using a more stable version like 2023-10-01 if the current API version (2025-03-01) has issues with MCA.

Example of specifying the API version:

POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.CostManagement/exports/{exportName}?api-version=2023-10-01

Example API Request to Create an Export Path with Usage (for MCA):

Here’s an example of how to modify your API request to avoid the ActualCost export type issue:

POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.CostManagement/exports/{exportName}?api-version=2025-03-01

Headers:

Authorization: Bearer {access_token}

Content-Type: application/json

Request Body (with Usage as export type):

{ "properties": { "scope": "/subscriptions/{subscriptionId}", "deliveryInfo": { "destination": { "container": "https://yourstorageaccount.blob.core.windows.net/yourcontainer", "format": "Csv" }, "frequency": "Monthly" }, "exportType": "Usage" // Update to "Usage" or "AmortizedCost" } }

Final Considerations:

Export Types: The most common export types for MCA subscriptions should include Usage or AmortizedCost, and ActualCost may require certain configurations or might not be available depending on your subscription setup.

Permissions: Make sure you have the necessary permissions to manage cost exports on your MCA subscription.

API Versioning: Be mindful of using the latest or most stable API version that fully supports MCA agreements.

Let me know if you'd like further help on how to proceed with a specific export type or a different approach!
Padmanabhan M 220 Reputation points

2026-02-04T05:03:27.9566667+00:00
Hi @Siva shunmugam Nadessin

I created a export path using this

curl --location --request PUT 'https://management.azure.com/subscriptions/b0e5e124-3383-42da-827e-41696de7a945/providers/Microsoft.CostManagement/exports/demo-export?api-version=2025-03-01' \

--header 'Content-Type: application/json' \

--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IlBjWDk4R1g0MjBUMVg2c0JEa3poUW1xZ3dNVSIsImtpZCI6IlBjWDk4R1g0MjBUMVg2c0JEa3poUW1xZ3dNVSJ9.eyJhdWQiOiJodHRwczovL21hbmFnZW1lbnQuYXp1cmUuY29tLyIsImlzcyI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0L2Q5MGE0Yzg3LTkxZjQtNGFmMi04ZWVkLWU3MGU2NGY4OWNiZC8iLCJpYXQiOjE3NzAwOTM0OTUsIm5iZiI6MTc3MDA5MzQ5NSwiZXhwIjoxNzcwMDk3OTE3LCJhY3IiOiIxIiwiYWNycyI6WyJwMSJdLCJhaW8iOiJBYVFBVy84YkFBQUFZV3JLVm12VnQ3OWZOOUdTUHdUMHc0aXlVcmFUbEZxc3M2SzJGWm1YU3dmVmpLYmVuMXlJU0dCSHVwcytNN05NaGVSM0pVWXlHNlBLeDFYUWtRYzdPQTdibGF2Q2p5RG0yK1BkNWVmdnZKdmF1SDh1WDlGQzFBNmlKTVM0V01lRDhUcEh4b1F3elZEMkdPNXdEdTFBVEtmSXBpRTgxV2ttclk1SWVTMmR5VWZyOGswSlN2eEdVRjFEMnZxa01qaWdSemFFL1lISkJGdFBMVmpNeHY1dzFnPT0iLCJhbXIiOlsicnNhIiwibWZhIl0sImFwcGlkIjoiMDRiMDc3OTUtOGRkYi00NjFhLWJiZWUtMDJmOWUxYmY3YjQ2IiwiYXBwaWRhY3IiOiIwIiwiZGV2aWNlaWQiOiJlN2I0MzgzYy1lNzM5LTQwYTctYjM0Yy05NjM4MjM5YzRjNTIiLCJmYW1pbHlfbmFtZSI6Ik1hbmlja2F2YXNhZ2FtIiwiZ2l2ZW5fbmFtZSI6IlBhZG1hbmFiaGFuIiwiZ3JvdXBzIjpbIjY1OTlhNTNjLTMyZjUtNGYwNi04N2ViLThhZWQxZDBiNDA2NCIsIjdhMzc3Mjk5LTVhM2MtNDEzYS1iMzQ2LWZiODQ5YjI3Yjg1ZiJdLCJpZHR5cCI6InVzZXIiLCJpcGFkZHIiOiIxMDMuMTgyLjY4LjI0NSIsIm5hbWUiOiJQYWRtYW5hYmhhbiAgTWFuaWNrYXZhc2FnYW0iLCJvaWQiOiJlZjgyNmFhNC02NDc4LTQ3ZTYtYmMzMC02YzczZjFkOThlZTIiLCJwdWlkIjoiMTAwMzIwMDNCM0NDNDFDOSIsInB3ZF91cmwiOiJodHRwczovL2dvLm1pY3Jvc29mdC5jb20vZndsaW5rLz9saW5raWQ9MjIyNDE5OCIsInJoIjoiMS5BVGdBaDB3SzJmU1I4a3FPN2VjT1pQaWN2VVpJZjNrQXV0ZFB1a1Bhd2ZqMk1CUDBBQlk0QUEuIiwic2NwIjoidXNlcl9pbXBlcnNvbmF0aW9uIiwic2lkIjoiNjI2MmNkYjAtMzc5ZC00OGZhLWFkYzYtMzUyMjk3NzEwYzhiIiwic3ViIjoiT0IxUWtXb19SMjdhcFh6ekhBYWNMbHZsQ3pRNFQ1eEZqOHY0cVM3TUJjMCIsInRpZCI6ImQ5MGE0Yzg3LTkxZjQtNGFmMi04ZWVkLWU3MGU2NGY4OWNiZCIsInVuaXF1ZV9uYW1lIjoicGFkbWFuYWJoYW5tQGFtYWRpc2dsb2JhbC5jb20iLCJ1cG4iOiJwYWRtYW5hYmhhbm1AYW1hZGlzZ2xvYmFsLmNvbSIsInV0aSI6IkxEdlF2cU1tdTBpVm56OFJnRGhiQUEiLCJ2ZXIiOiIxLjAiLCJ3aWRzIjpbImI3OWZiZjRkLTNlZjktNDY4OS04MTQzLTc2YjE5NGU4NTUwOSJdLCJ4bXNfYWN0X2ZjdCI6IjMgNSIsInhtc19mdGQiOiJsT0NReFZBeDVMUHphbXVVYjZCQWdkWnluWWZxZFdoTFNUX1pELWZpaUw4QmRYTnViM0owYUMxa2MyMXoiLCJ4bXNfaWRyZWwiOiIyNCAxIiwieG1zX3N1Yl9mY3QiOiIxMiAzIiwieG1zX3RjZHQiOjE1NDMzNzE4ODd9.YVtPnEFu1r4LnZF3ynZxAzVTHt3I9sBZBlmK8ZzLA-jS6rniUFdWVX8p4MhNLL61EwGvj9NL-QGzvrWES_jfoaK38xnU3QauFqFGzor_kOkaMT_1BGMgZzlb-vdpNuynGhk_ho-h_qzbsdMcnPh9il3X04H1h3gyuWJv9GF_TC_8ZGoggSLLYHq7_ylk5703JtLJVcDWTvHhiBO0JSi-5322SHoA_sxHhdxZujxXxc7V_w7vfBnx9wpZ0nwTSfVZT3SttW8cgfbRQhBlN5nf7qyCwESvEZaWIL0iu5waFZmW5mZqnP23V071fNEWeJWl0jGnQ5mtEqKJV0e9ihrfjw' \

--data '{

"location": "centralus",

"properties": {

"format": "Csv", "compressionMode": "gzip", "dataOverwriteBehavior": "OverwritePreviousReport", "definition": { "type": "ActualCost", "dataSet": { "granularity": "Daily" }, "timeframe": "MonthToDate" }, "deliveryInfo": { "destination": { "type": "AzureBlob", "container": "exports", "resourceId": "/subscriptions/3478efe7-73ed-445e-9480-f8e6ad16db7b/resourceGroups/padmanabhan-azure-policy/providers/Microsoft.Storage/storageAccounts/padmanabhanaccount", "rootFolderPath": "ad-hoc" } }, "exportDescription": "This is a test export.", "partitionData": true, "schedule": { "recurrence": "Daily", "recurrencePeriod": { "from": "2026-02-03T00:00:00Z", "to": "2026-02-25T00:00:00Z" }, "status": "Active" }

}

}'

Whether the export path url can be returned in the result?

Otherwise how we can get it automatically?
Siva shunmugam Nadessin 10,810 Reputation points Microsoft External Staff Moderator

2026-02-04T09:03:33.5266667+00:00
Hello Padmanabhan M,

The reason you are not seeing “export path URL” in the API response is because Azure Cost Management Exports API does not return a direct export file URL in the PUT response. This is by design and confirmed in Microsoft Learn documentation. The API only stores the destination configuration (storage account, container, rootFolderPath) and run history metadata. It never returns the final blob URL.

Why Azure does NOT return the URL

When you create or update an export (PUT /exports/{name}):

Azure stores:

container

rootFolderPath

export name

schedule

storage account resourceId

format (CSV/GZIP)

But Azure does not calculate the final blob file path at creation time.

The final result path is only known after the export job actually runs, because every execution generates:

A YYYYMMDD–YYYYMMDD folder

A unique RunID folder under it

Therefore, Azure cannot return the final URL in the create/update response.

How to Automatically Retrieve the Export File Path

This is the correct and only programmatic method supported by Microsoft.

Step 1 — Get Export Delivery Info (container, rootFolderPath)

Call:

GET https://management.azure.com/subscriptions/{subId}/providers/Microsoft.CostManagement/exports/{exportName}?api-version=2025-03-01

This returns:

container

rootFolderPath

resourceId (storage account)

Step 2 — Get the latest RunID from Execution History

Call:

GET .../exports/{exportName}/runHistory?api-version=2025-03-01

This API gives:

latest RunID

timePeriod (export month window)

run status

This gives you the exact folder naming pattern:

/container/rootFolderPath/exportName/YYYYMMDD-YYYYMMDD/RunID/

Folder structure confirmed by MS documentation.

Step 3 — Construct the final Blob URL

You derive it from:

Storage account name (parsed from resourceId)

container

rootFolderPath

exportName

timePeriod folder

latest RunID

Example final URL format:

https://{storageAccount}.blob.core.windows.net/{container}/{rootFolderPath}/{exportName}/{20260201-20260203}/{runId}/

Azure never returns this as a single property; it must be derived as documented.

Alternative Automatic Method

If you want to directly read the list of export files:

Use Azure Storage Blob List API with prefix:

prefix = rootFolderPath/exportName/

This will return all:

Monthly period folders

RunID folders

manifest.json

CSV files

Try switching to:

"type": "Usage" (supported)

"type": "AmortizedCost" (sometimes supported)

Reference:

·         Plan and manage costs for Azure Blob Storage | Microsoft Learn

·         Exports - Execute - REST API (Azure Cost Management) | Microsoft Learn

·         Microsoft.CostManagement/exports 2024-08-01 - Bicep, ARM template & Terraform AzAPI reference | Microsoft Learn

Let me know if you have queries?
Padmanabhan M 220 Reputation points

2026-02-04T09:56:59+00:00

Hii @Siva shunmugam Nadessin

Is there any rest api to get the export path for a specified subscription in a storage account?
Siva shunmugam Nadessin 10,810 Reputation points Microsoft External Staff Moderator

2026-02-04T10:58:38.1666667+00:00
Hello Padmanabhan M,

Yes — Azure Cost Management does provide a REST API to retrieve the export path for a subscription, but not directly as a “get path only” API. Instead, you retrieve the export definition, which contains the storage account, container, and folder path where exports are delivered.

REST API to Get Export Path

Use the Exports – Get API:

GET https://management.azure.com/{scope}/providers/Microsoft.CostManagement/exports/{exportName}?api-version=2025-03-01

Scope can be:

/subscriptions/{subscriptionId}

/subscriptions/{subscriptionId}/resourceGroups/{rgName}

management group, billing account, etc.

The response includes the storage export path:

properties.deliveryInfo.destination.resourceId → Storage account resource ID

properties.deliveryInfo.destination.container → Container name

properties.deliveryInfo.destination.rootFolderPath → Folder path

Example from Microsoft Learn: Shows container, resourceId, and rootFolderPath in the export definition.

Reference:

Exports - Get - REST API (Azure Cost Management) | Microsoft Learn

Example Response Snippet

JSON

"deliveryInfo": { "destination": { "container": "exports", "resourceId": "/subscriptions/<sub-id>/resourceGroups/<rg-name>/providers/Microsoft.Storage/storageAccounts/<storageAccount>", "rootFolderPath": "ad-hoc" } }

Show more lines

So your export path in the storage account becomes:

https://<storageAccount>.blob.core.windows.net/<container>/<rootFolderPath>/

To List All Exports

You can also use:

GET https://management.azure.com/{scope}/providers/Microsoft.CostManagement/exports?api-version=2025-03-01

This returns all exports at subscription scope.

Reference:

Exports - REST API (Azure Cost Management) | Microsoft Learn

There is no API that returns only the path without retrieving the export definition

So the only method is:

1. List or get export definition → 2. Extract destination path fields

Which is the correct and supported approach.

Yes — Azure Cost Management does provide a REST API to retrieve the export path for a subscription, but not directly as a “get path only” API.
Instead, you retrieve the export definition, which contains the storage account, container, and folder path where exports are delivered.

REST API to Get Export Path

Use the Exports – Get API:

GET https://management.azure.com/{scope}/providers/Microsoft.CostManagement/exports/{exportName}?api-version=2025-03-01

Scope can be:

/subscriptions/{subscriptionId}

/subscriptions/{subscriptionId}/resourceGroups/{rgName}

management group, billing account, etc.

The response includes the storage export path:

properties.deliveryInfo.destination.resourceId → Storage account resource ID

properties.deliveryInfo.destination.container → Container name

properties.deliveryInfo.destination.rootFolderPath → Folder path

Example from Microsoft Learn:
Shows container, resourceId, and rootFolderPath in the export definition.

Reference:

Exports - Get - REST API (Azure Cost Management) | Microsoft Learn

Example Response Snippet

JSON

"deliveryInfo": { "destination": { "container": "exports", "resourceId": "/subscriptions/<sub-id>/resourceGroups/<rg-name>/providers/Microsoft.Storage/storageAccounts/<storageAccount>", "rootFolderPath": "ad-hoc" } }

Show more lines

So your export path in the storage account becomes:

https://<storageAccount>.blob.core.windows.net/<container>/<rootFolderPath>/

To List All Exports

You can also use:

GET https://management.azure.com/{scope}/providers/Microsoft.CostManagement/exports?api-version=2025-03-01

This returns all exports at subscription scope.

Reference:

Exports - REST API (Azure Cost Management) | Microsoft Learn

There is no API that returns only the path without retrieving the export definition

So the only method is:

1. List or get export definition → 2. Extract destination path fields

Which is the correct and supported approach.
Padmanabhan M 220 Reputation points

2026-02-04T11:41:17.11+00:00

Hi @Siva shunmugam Nadessin
It is getting the details based on the exportName but i need to get the path or details based on the storage account name for a subscription. Whether this can be done?
Siva shunmugam Nadessin 10,810 Reputation points Microsoft External Staff Moderator

2026-02-04T11:44:43.0333333+00:00
Hello Padmanabhan M,

You're right — the Cost Management Exports REST API cannot query exports by storage account. It only supports querying by exportName, not reverse‑lookup by storage account.

But here is the truth and the only working method:

What You Can Do Instead (the only supported method)

To find all exports that deliver to a specific Storage Account, you must:

Step 1 — List all exports under the subscription

GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.CostManagement/exports?api-version=2025-03-01

This returns all export definitions for that subscription. The REST API supports listing exports at any scope.

Reference:

Exports - REST API (Azure Cost Management) | Microsoft Learn

Step 2 — Filter the results for the Storage Account

Every export definition includes:

properties.deliveryInfo.destination.resourceId

properties.deliveryInfo.destination.container

properties.deliveryInfo.destination.rootFolderPath

Example from official API:

resourceId → storage account

container → blob container

rootFolderPath → export folder

Reference

Exports - Get - REST API (Azure Cost Management) | Microsoft Learn

So you must:

Loop through all exports returned in the list

Check if destination.resourceId contains your Storage Account name Example:

"/subscriptions/.../resourceGroups/.../providers/Microsoft.Storage/storageAccounts/<yourStorageAccount>"

What is NOT possible

There is no REST API that lets you:

Query exports by storage account

Retrieve export paths directly from storage account

Lookup export definitions using only container name

The API does not support reverse mapping. You must use the List API and filter manually.

Sample PowerShell script (works today)

PowerShell $subId = "<subscriptionId>" $storage = "<yourStorageAccountName>" $uri = "https://management.azure.com/subscriptions/$subId/providers/Microsoft.CostManagement/exports?api-version=2025-03-01" $token = (Get-AzAccessToken).Token $headers = @{ Authorization = "Bearer $token" } $result = Invoke-RestMethod -Uri $uri -Headers $headers -Method GET $exports = $result.value | Where-Object { $_.properties.deliveryInfo.destination.resourceId -match $storage } $exports | Select-Object name, @{n="StorageAccount";e={$_.properties.deliveryInfo.destination.resourceId}}, @{n="Container";e={$_.properties.deliveryInfo.destination.container}}, @{n="Path";e={$_.properties.deliveryInfo.destination.rootFolderPath}}

This returns all export paths associated with the storage account.

As there is no action item from our end please click "Accept Answer" & “Upvote it” and this helps other community members who may encounter a similar issue in the future.
mujahid hussain 0 Reputation points

2026-02-04T16:31:56.0766667+00:00

ActualCost exports are not supported for WebDirect subscriptions.

For Pay-As-You-Go / Partner Network subscriptions, only AmortizedCost and Usage export types are supported.

This is a platform limitation, not an API issue.
Padmanabhan M 220 Reputation points

2026-02-06T10:42:38.24+00:00

Hi @Siva shunmugam Nadessin

It is showing some client error. Even after the "Cost management contributor" role is assigned.
{

    "error": {

        "code": "RBACAccessDenied",

        "message": "The client does not have authorization to perform action. Request ID: 8c024f48-a52c-43bf-9f16-573a2da76de4"

    }

}
Siva shunmugam Nadessin 10,810 Reputation points Microsoft External Staff Moderator

2026-02-06T12:37:25.0033333+00:00
Hello Padmanabhan M,

This happens before the export is created—meaning the Azure AD principal in your bearer token does NOT have enough RBAC permissions on either:

1. The Cost Management export resource (subscription level)

OR

2. The Storage Account used as destination

Your payload is valid. The failure is purely authorization.

Why It Fails

To create or update a Cost Management Export, the identity must have:

Required Permission at Subscription Level

Your request is being made against:

PUT /subscriptions/b0e5e124-<PII removed>/providers/Microsoft.CostManagement/exports/demo-export

Your token likely does not have Cost Management privileges on this subscription.

Required Permission on Storage Account

On the destination storage account:

/subscriptions/3478efe7-<PII Removed>/resourceGroups/padmanabhan-azure-policy/providers/Microsoft.Storage/storageAccounts/padmanabhanaccount

Your identity must have:

How to Verify

Run:

Check subscription access

az role assignment list --assignee <your-oid>

Does NOT include:

Cost Management Contributor

→ This is why it fails.

Check storage account access

az role assignment list --assignee <your-oid> \ --scope "/subscriptions/3478efe7-<PII Removed>/resourceGroups/padmanabhan-azure-policy/providers/Microsoft.Storage/storageAccounts/padmanabhanaccount"

If Storage Blob Data Contributor is missing → this is also a blocker.

Fix

Assign roles to your user/service principal.

At subscription level

az role assignment create \ --role "Cost Management Contributor" \ --assignee <principalId> \ --scope "/subscriptions/b0e5e124-<PII Removed>"

On storage account

az role assignment create \ --role "Storage Blob Data Contributor" \ --assignee <principalId> \ --scope "/subscriptions/3478efe7-73ed-445e-9480-f8e6ad16db7b/resourceGroups/padmanabhan-azure-policy/providers/Microsoft.Storage/storageAccounts/padmanabhanaccount"

Important Note

Your export is created in Subscription A:

b0e5e124-<PII Removed>

but delivery is to a storage account in Subscription B:

3478efe7-<PII Removed>

Your identity must have access on both subscriptions.

After Fixing RBAC, Re-run your exact same curl and it will succeed.
Padmanabhan M 220 Reputation points

2026-02-06T12:49:50.0366667+00:00

Subscription A has the "Cost Management Contributor" role where export is created.
Subscription B has "Storage Blob Data Contributor" role where storage account is created.

Whether it is enough?
Siva shunmugam Nadessin 10,810 Reputation points Microsoft External Staff Moderator

2026-02-09T18:05:09.7566667+00:00

Hello Padmanabhan M,

To resolve this, follow these steps:

Grant the necessary permissions to the Storage Account in Subscription B:

Assign the Storage Account Contributor role to the user/service principal (the identity performing the export) at the Storage Account level in Subscription B. This role provides the necessary permissions to the export process to create the cost export in the destination storage account.

Verify Role Assignments:

·         Ensure that the user/service principal performing the cost export in Subscription A has the Cost Management Contributor role.

·         In Subscription B, assign the Storage Account Contributor role at the storage account level for the user/service principal performing the export operation.

Steps to Grant Permissions:

·         Assign Storage Account Contributor Role in Subscription B:

·         Navigate to Subscription B > Storage Account.

·         In the IAM (Identity and Access Management) section, add the Storage Account Contributor role to the user/service principal performing the operation.

Assign Cost Management Contributor Role in Subscription A:

If you haven't already, ensure the Cost Management Contributor role is assigned to the appropriate identity on Subscription A.

Verify Cross-Subscription Access:

Cross-subscription role assignments are sometimes tricky. Double-check the effective permissions using the Access Control (IAM) section in both subscriptions to ensure that the roles have been assigned properly.

Testing and Retry:

After updating the permissions, retry the cost export operation. The export process should now have the necessary permissions to write to the storage account in Subscription B.

Conclusion:

To fix the issue, the user/service principal executing the export in Subscription A needs to have the Storage Account Contributor role on the storage account in Subscription B. Additionally, ensure that the Cost Management Contributor role is properly assigned to the identity in Subscription A. After these adjustments, the export should proceed without the RBACAccessDenied error.

Answer accepted by question author

Siva shunmugam Nadessin 10,810 Microsoft External Staff Moderator

Hello Padmanabhan M,

To resolve this, follow these steps:

Grant the necessary permissions to the Storage Account in Subscription B:

Assign the Storage Account Contributor role to the user/service principal (the identity performing the export) at the Storage Account level in Subscription B. This role provides the necessary permissions to the export process to create the cost export in the destination storage account.

Verify Role Assignments:

· Ensure that the user/service principal performing the cost export in Subscription A has the Cost Management Contributor role.

· In Subscription B, assign the Storage Account Contributor role at the storage account level for the user/service principal performing the export operation.

Steps to Grant Permissions:

· Assign Storage Account Contributor Role in Subscription B:

· Navigate to Subscription B > Storage Account.

· In the IAM (Identity and Access Management) section, add the Storage Account Contributor role to the user/service principal performing the operation.

Assign Cost Management Contributor Role in Subscription A:

If you haven't already, ensure the Cost Management Contributor role is assigned to the appropriate identity on Subscription A.

Verify Cross-Subscription Access:

Cross-subscription role assignments are sometimes tricky. Double-check the effective permissions using the Access Control (IAM) section in both subscriptions to ensure that the roles have been assigned properly.

Testing and Retry:

After updating the permissions, retry the cost export operation. The export process should now have the necessary permissions to write to the storage account in Subscription B.

Conclusion:

To fix the issue, the user/service principal executing the export in Subscription A needs to have the Storage Account Contributor role on the storage account in Subscription B. Additionally, ensure that the Cost Management Contributor role is properly assigned to the identity in Subscription A. After these adjustments, the export should proceed without the RBACAccessDenied error.

Siva shunmugam Nadessin 10,810 Reputation points Microsoft External Staff Moderator

2026-02-11T12:12:57.2133333+00:00

Hello Padmanabhan M,

Just checking in to see if the solution shared above help you to resolve your issue. please reach out to us If you have any further questions.

Thanks

1 additional answer

Your answer

Padmanabhan M 220 Reputation points

2026-02-02T12:18:36.35+00:00

Hi @Siva shunmugam Nadessin

Currently I am using this type of subscription, MCA (Microsoft Customer Agreement).
Padmanabhan M 220 Reputation points

2026-02-04T09:56:59+00:00

Hii @Siva shunmugam Nadessin

Is there any rest api to get the export path for a specified subscription in a storage account?
Padmanabhan M 220 Reputation points

2026-02-04T11:41:17.11+00:00

Hi @Siva shunmugam Nadessin
It is getting the details based on the exportName but i need to get the path or details based on the storage account name for a subscription. Whether this can be done?
mujahid hussain 0 Reputation points

2026-02-04T16:31:56.0766667+00:00

ActualCost exports are not supported for WebDirect subscriptions.

For Pay-As-You-Go / Partner Network subscriptions, only AmortizedCost and Usage export types are supported.

This is a platform limitation, not an API issue.
Padmanabhan M 220 Reputation points

2026-02-06T10:42:38.24+00:00

Hi @Siva shunmugam Nadessin

It is showing some client error. Even after the "Cost management contributor" role is assigned.
{

"error": {

"code": "RBACAccessDenied",

"message": "The client does not have authorization to perform action. Request ID: 8c024f48-a52c-43bf-9f16-573a2da76de4"

}

}
Padmanabhan M 220 Reputation points

2026-02-06T12:49:50.0366667+00:00

Subscription A has the "Cost Management Contributor" role where export is created.
Subscription B has "Storage Blob Data Contributor" role where storage account is created.

Whether it is enough?
Siva shunmugam Nadessin 10,810 Reputation points Microsoft External Staff Moderator

2026-02-11T12:12:57.2133333+00:00

Hello Padmanabhan M,

Just checking in to see if the solution shared above help you to resolve your issue. please reach out to us If you have any further questions.

Thanks

Answer 1

AI answer

The error message you received indicates that the export type ActualCost is not supported for your Agreement Type, which is WebDirect and Subscription. To resolve this issue, you should check the supported export types for your specific agreement type.

For example, the available export types may vary based on the type of agreement you have (like Enterprise Agreement, Microsoft Customer Agreement, etc.). You may need to use a different export type that is compatible with your agreement.

To create a cost export path using the REST API, ensure that you are selecting an export type that is valid for your agreement type. You can refer to the documentation for more details on the supported export types for different agreement types.

Additionally, if you are using a management group scope, be aware that certain datasets may not be supported, and you should ensure that your export configurations align with the requirements outlined in the Azure Cost Management documentation.

References:

AI-generated content may be incorrect. Read our transparency notes for more information.

Share via

Create cost export path using rest api

1 additional answer

Your answer