Create Azure Application Registration

All Azure connections to Cloud Ctrl require an Application Registration in Azure Active Directory.
This registration allows Cloud Ctrl to securely access cost, usage, reservation, and savings plan data through Microsoft APIs.

Step 1. Create the App Registration

1. Sign in to the Azure Portal
2. Navigate to Microsoft Entra ID → App registrations → New registration
3. Enter a name such as Cloud Ctrl Connector
4. Supported account types: Accounts in this organizational directory only
5. Redirect URI: leave blank
6. Click Register

Step 2. Record the Credentials

After registration:

• Copy the Application (client) ID
• Copy the Directory (tenant) ID
• Under Certificates & secrets, create a New client secret and record its Value

⚠️ Keep the client secret safe — you’ll need it plus the Application ID and Client ID to connect Azure in Cloud Ctrl.

Step 3. Assign Role for Savings Plans

To allow Cloud Ctrl to read Savings Plan data:

1. In the Azure Portal, navigate to the Savings Plans page.
2. Click Role Assignments at the top of the page.
3. Click Add → Add role assignment.
4. Choose the role: Savings Plan Reader
5. Select Members: your App Registration (from earlier)
6. Click Save

⚠️ You must repeat this once per tenant.
There is currently no management group–level equivalent for this permission.

Step 4. Assign Role for Reservations

To allow Cloud Ctrl to read Reservation data:

1. Navigate to the Reservations page.
2. Click Role Assignments.
3. Click Add → Add role assignment.
4. Choose the role: Reservations Reader
5. Select Members: your App Registration (from earlier)
6. Click Save

⚠️ As with Savings Plans, this role must be added per tenant, not at the management group level.

What’s Next

• Configure Cost Management Exports →
• Automated CSP Export Setup →
• Troubleshooting Azure Connections →