Configure a GovCloud Account Using IAM Access Keys (SaaS and AMI)

Configure a GovCloud Account Using a Cross-Account Role (AMI only)

Onboard Your AWS Account Using the Cost and Usage Report

Onboard Your AWS Account Using the Detailed Billing Report

Create Least Privilege Policies

Create a Cross-Account Role Manually

Enable Tags for Cost Reports

Enable Detailed Billing Reports

Configure the Cost and Usage Report in AWS

Configure the Cost and Usage Report in CloudCheckr

Create a Cross-Account Role Using CloudFormation – New Console

Create a Cross-Account Role Using CloudFormation – Old Console

Create an IAM User

Create an IAM User Group

Create AWS Credentials Using IAM Access Keys

Create IAM Admin Users and Adding User to Administrator's Group

Create New AWS User & Access Keys – IAM CLI Script

Onboard Your Azure Accounts

Configure a CSP Account

Configure an EA Account

Configure an Active Directory or O365 Account

Configure a Subscription Account

Customize Your CloudCheckr Environment

Configure Your CloudCheckr Reports

View Billing Data for a Single Subscription

Edit Billing Configuration: Pay-as-You-Go Subscriptions

Azure Cost Alerts

Configure Microsoft Azure Cost Alert

Configure Microsoft Azure Costs (Percent) Alert

Configure an EA Overage Cost Alert

Azure Best Practice Report

Azure Advanced Grouping Report

Azure Alerts

Cost Reports

Inventory Reports

Security Reports

Utilization Reports

Enable Permissions for Azure Cache for Redis (Redis Cache)

Enable Permissions for Web App Backup Data

Enable Permissions for Storage Accounts

What Is a Subscription Family?

Create a Subscription Family in CloudCheckr

Configure a Subscription Family in CloudCheckr

Configure Single Sign-On for Active Directory

Azure - Generate Invoices

Azure — Reload Usage Report

Azure - Custom Credit Memos

Azure - Reserved Instance Configuration

Azure - Custom Usage Rates

Azure Custom Billing Charges

Azure – Configure Custom Cost

Configure Best Practices Check Notifications

Customize Service Limits Best Practice Checks

Best Practice Report

Create an Account in CloudCheckr

Customize Your CloudCheckr Account

Configure Notifications in CloudCheckr

Create Multi-Account Views

Create a User Group in CloudCheckr

CSV Account Upload

Reports

CloudCheckr Alerts

Bookmarks

Dashboards

Onboarding Resources

IdP-Initiated SSO

SP-Initiated SSO

SSO – Single Sign-On Setup: AWS

SSO – Single Sign-On Setup: CloudCheckr

SSO – Single Sign-On Setup: Google

SSO – Single Sign-On Setup: Okta

SSO – Single Sign-On Setup: OneLogin

SSO – Single Sign-On Setup: PingOne

User Management in Core CloudCheckr

Create a User in Core CloudCheckr

Edit a User in Core CloudCheckr

Configure What Costs Are Visible to a User

User Groups

Use the Access Control List

Select Account Types to Assign to a Group

Edit a User Group

Clone a User Group

Remove a User Group

Integration Configurations

Integration Configurations – Understanding Your Options

Integrate with Amazon SNS

Integrate with Jira

Integrate with PagerDuty

Integrate with ServiceNow

Integrate with Slack

Integrate with Syslog

CloudCheckr Metrics in AppDynamics

Extension for AppDynamics

IP Requests

New Relic Plugin

CloudCheckr Basics

CloudCheckr Basics: Billing & Cost Management Dashboard

CloudCheckr Basics: Single Month Summary

CloudCheckr Basics: Cost Alerts

CloudCheckr Basics: Cost Savings

Tags (From Detailed Billing)

Search Tags

Lookup Resources

Tagging Rules

Improperly Tagged Resources

Tag Mapping

Tag Mapping – Splitting

Copying Saved Filters

Cost Reporting

Cost Alerts

AWS Advanced Grouping Report

Consolidated Account Reserved Instance Management

List Cost Analysis

Custom Billing Charges

AWS Marketplace Product Name Tag Key

Generate Invoices

Enable Payee List Cost

Tagged/Untagged Resource Reporting

Single Day Billing Summary Report

Payee Support Charges

Consolidated Billing Report

Standard Reserved Instance Amortization

Single Month Billing Summary Report

Account Families

Reserved Instance Rebalancer

Analyzing Your AWS Marketplace Charges

Profit Analysis

Reserved Instance Management

Summarization

Reprocess Billing Reports

Spend Analysis

Historical Monthly Summary Report

Analyzing Your Reserved Instance Purchases

Partner Sys Admin Main Features

Custom Fee Based on On Demand Cost

Reserved Instances and EC2 Instance Size Flexibility

CloudCheckr List Cost

Configuring AWS Config Alerts

Billing Cost Changes Reports

Advanced Filtering Report

Cost View Report

Cost Savings

AWS Billing

AWS Partner Tools

Proportional Payee Amortization

Configure Custom Costs

Copy Billing Data (Payees)

Copy Billing Data (Account Families)

Custom Usage Rate

Custom Usage Hourly Rate

Saving Showback Report

Manage AWS Credits in CloudCheckr

AWS: L2 CUR Functionality

Create Custom Memos

AWS Savings Plans

RI Consuming Account Based Allocation

Assign Credits

Aggregate CloudTrail Collection in CloudCheckr

Sending CloudTrail Alerts to Lambda Functions

AWS Config Reports

CIS Benchmark

CloudTrail Reports

Setting Up Aggregate AWS Config Collection in CloudCheckr

Total Compliance

VPC Reports

VPC Flow Logs – Connections

VPC Flow Logs – Events

VPC Flow Logs – Setup

VPC Flow Logs – Summary

Enabling AWS Config Reports

CloudTrail Alerts

Security Groups

Security Reporting

Enabling CloudTrail Reports

Change Monitoring

Custom Reports

EC2 Reserved Instance Summary Report

IAM Summary Report

Inventory Reporting

Inventory Trending Reports: EC2 Instances

List of IAM Users Report

RDS Reserved Instance Reports

Trending

Using CloudCheckr to See What Is Running in S3

AWS Utilization

How to Set Up a CloudWatch Agent

The EC2 Instance Right Sizing Report

Right-Sizing – How to Configure User Groups and Workflows

Custom Best Practices

Automation

Copy Tags to Volumes

Copy Tags to Volumes: Configure Automation

Copy Tags to Volumes: EC2 Tags

Copy Tags to Volumes: Ignore List

Copy Tags to Volumes: Show History

Get Started with CloudCheckr's Self-Hosted Product

Configure a CPV App for an Azure CSP Commercial Account

Configure a CPV App for an Azure CSP Gov/Germany Account

Compare the AWS Self-Hosted Offerings

End of Support for CloudCheckr AMI

API User Guide

Admin API Reference Guide

API Reference Guide

API Reference Guide (Inventory)

API Reference Guide

What's New (SaaS)

What's New (Self-Hosted)

AWS: General

AWS: Assigned Credits

AWS: Cost and Billing

AWS: Monthly Rollover

AWS: Onboarding

AWS: Transition from DBR to CUR

Azure: General

Azure: Azure Plan (CSP)

CloudCheckr: General

Resources

Intro to CloudCheckr CMx

A New Experience for the Platform

SSO Overview - CloudCheckr CMx

IdP-Initiated SSO for CMx

SP-Initiated SSO for CMx

Okta

Azure Active Directory

PingOne

AWS SSO

Customization

Home Page

Header Bar

Left Navigation Pane

How To Dock/Undock CloudCheckr Content

Account Switcher

Dashboard Pane

Settings Menu

Account Hierarchy Page

Accounts

Multi-Account Views

Attributes

Access Management

Users

Roles

Permission Sets

Clients

CloudCheckr CMx Federal

CloudCheckr CMx High Security

CloudCheckr FinanceManager: Frequently Asked Questions

CloudCheckr FinanceManager Specification Sheet

Introduction

Installation

On-Premises

Azure Marketplace

Concepts

Datadate

Datasets

Program Directory

Home Directory

RDFs

Services

Azure Stack

Introduction

Accounts

Services

Summary

Overview

Rates

Adjustments

Extract

Configuration

Templates

Script Basics

Parslets

Language

aws_sign_string

basename

buffer

clear

csv

discard

encode

encrypt

escape

exit_loop

foreach

get_last_day_of

gosub

hash

http

json

loglevel

loop

match

pause

return

save

set

subroutine

terminate

unzip

uri

var

Aggregate

Append

Calculate

Capitalise

Convert

Copy

Correlate

Create

csv

Delete

Default

Export

Finish

Import

Include

Language

Lowercase

Normalise

Option

Split

Update service

Round

Replace

Where

Timerender

Var

Set

Terminate

Service

Time columns

Uppercase

Rename

Timestamp

Services

Transform

Configuration

GUI Automation

Examples

Azure-AD

Auth0

Integrate

Reports

Workflows

User Management

Users

Groups

Settings

Metadata

CloudCheckr Training and Certification

CloudCheckr Labs

All Categories > Documentation > CloudCheckr FinanceManager > Data Pipelines > Integrate > Single Sign-On > Azure-AD

Azure-AD

To add CloudCheckr FinanceManager to your Azure AD applications:

In your Azure portal, go to the Azure Active Directory service:
In the sidebar, click Enterprise applications:
Click the New application button:
Click the Non-gallery application button:
Enter a name for the new application and click the Add button.
Click the Configure single sign-on (required) button:
From the Single Sign-On Mode dropdown list, select SAML-based Sign-on:

Enter the following details on this page:

Azure-AD setting	Use value
Identifier	CloudCheckr FinanceManager Entity ID / Metadata URL endpoint
Reply URL	CloudCheckr FinanceManager Assertion Consumer Service endpoint
Show advanced URL settings	Checked
Sign on URL	Optional, you can enter URL for CloudCheckr FinanceManager interface
Relay State	Leave empty
User Identifier	Select user.mail

Click the Configure [your application name] button:

A new pane will open with instructions. Navigate to the CloudCheckr FinanceManager SAML configuration (see configuration) and copy the following options from the pane in your Azure portal:

CloudCheckr FinanceManager SAML setting	Use value
Entity ID	SAML Entity ID
SSO URL	SAML Single Sign-On Service URL
SLO URL	Sign-out URL
X-509 certificate	Download the certificate by clicking the SAML Signing Certificate - Base64 encoded link. Open the .cer file with a text editor and remove the text `-----BEGIN CERTIFICATE-----`, `-----END CERTIFICATE-----` and all line breaks so you end up with a single-line base64 encoded string

The CloudCheckr FinanceManager configuration page could look something like this:

Unfold the Advanced menu at the bottom of the screen, and paste the following JSON data:

{

            "security": {

              "wantXMLValidation": false

            }

          }

In CloudCheckr FinanceManager, click the Update button
In the Azure Portal, click the Save button
Enable Single Sign-On in CloudCheckr FinanceManager by navigating to Administration > Configuration and then clicking on the System tab.
Make sure the Single Sign-On option is set to Enabled, and click the Update button:

SSO is now configured and enabled, and you can now use Azure AD to login to your CloudCheckr FinanceManager instance. The login screen will look something like this:

By clicking on the Login button, you’ll be taken to the Azure AD login screen. CloudCheckr FinanceManager will receive the Azure AD e-mail address and create a new user with a minimal set of permissions if no existing user is found.

Azure-AD

How did we do?

Related Articles IdP-Initiated SSO for CMx IdP-Initiated SSO Azure Stack

Contact

Related Articles

IdP-Initiated SSO for CMx

IdP-Initiated SSO

Azure Stack