Cost Management Export Api CreateOrUpdate endpoint

Stanislav Fotev 20 Reputation points
2024-01-29T06:29:57.56+00:00

Hi, I am invoking the different endpoints of the CostManagement Export API. I am successfully using the Get and Delete methods, but when I try to Create an export I get: {"error":{"code":"401","message":"Unauthorized (Request ID: 4ccbb40a-58c1-4ac6-8c1d-6a1b5c17a07c)"}}. I am using the Java SDK. The service principle has the following roles: Reader for Billing Account, Reader, Cost Manageemnt Contributor, Storage Account Contributor, Storage Blob Data Contributor, Monitoring Contributir for Root management group. I have also enabled user_impersonation premission for the Azure Service Management for the service principle. Is there some additional roles or step to be made, so I can create an export trough the service principle?

Azure Cost Management
Azure Cost Management
A Microsoft offering that enables tracking of cloud usage and expenditures for Azure and other cloud providers.
1,849 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Joseph John 0 Reputation points Microsoft Employee
    2024-02-01T18:00:11.8933333+00:00

    Hello, at what scope are you trying to create the Export?

    If it's at MCA Billing Account scope, Reader/Contributor/Owner role is sufficient for service principle. If it's at sub scope, you should have Owner/Contributor role on the sub. In addition to that, you should have Owner role (if there's firewall turned on) or Contributor role (without firewall on the storage account which is used in the Export.

    If are getting authorization errors despite having these permissions, then please raise a support ticket.

    0 comments No comments