The Microsoft FinOps toolkit, from A to Z
A practical map of every tool in the Microsoft FinOps toolkit — workbooks, Power BI reports, FinOps hubs, the Azure Optimization Engine, PowerShell and more — and the order I would adopt them in.
Everyone working with Azure knows Cost Management. Far fewer people know that Microsoft also ships an open-source FinOps toolkit — a collection of deployable tools that take you from “I look at the invoice sometimes” to a real FinOps practice: automated reporting, optimization recommendations, governance insight and analytics at enterprise scale. All of it free (you pay only for the Azure resources some tools deploy), all of it aligned with the FinOps Framework and the FOCUS open billing-data specification.
The catch: the toolkit is a collection, not a product. Seven different tools, each solving a different problem, and the docs won’t tell you which one you actually need first. This is the map I wish I’d had — every component, what it’s for, what it costs in effort, and the order I’d roll them out.
The map
| Tool | What it gives you | Setup effort |
|---|---|---|
| Cost optimization workbook | Optimization insights in the portal | None — it’s in Azure Advisor |
| Governance workbook | Tags, quotas, compliance overview | Minutes |
| Power BI reports | Shareable cost reporting | Hours |
| FinOps hubs | Analytics platform at scale | Hours to a day |
| Azure Optimization Engine | Custom recommendation factory | Half a day |
| PowerShell + Bicep modules | Automation building blocks | As needed |
| Open data | Reference datasets for normalization | None |
1. Cost optimization workbook — start here
The single best effort-to-value ratio in the whole toolkit, because the setup is literally zero: open Azure Advisor → Workbooks → Cost Optimization in the portal. It’s an Azure Monitor workbook, driven by Azure Resource Graph queries, organized the way the Well-Architected Framework thinks about cost:
- Rate optimization — Advisor recommendations, Azure Hybrid Benefit coverage for Windows/Linux/SQL, reservation recommendations with the break-even point, commitment discount savings.
- Usage optimization — idle resources, improperly deallocated VMs (you pay for stopped-but-not-deallocated compute!), idle ExpressRoute circuits, oversized public IP setups, AKS efficiency.
Some queries even have a quick fix button that applies the remediation right from the workbook. If you do nothing else from this article, open this workbook — in most environments it finds real money in the first ten minutes.
If you want to customize it (add your own ARG queries, tweak thresholds), deploy the editable copy from the toolkit instead of using the Advisor gallery version. You’ll need Reader on every subscription you want to see — the workbook can only show what your identity can read.
2. Governance workbook — the hygiene check
Same technology, different angle: a tag explorer (find resources with/without a given tag or value — the foundation of any allocation model), subscription quota usage, Azure Policy compliance failures, and Defender for Cloud governance recommendations. Not glamorous, but allocation and tagging hygiene is where most FinOps initiatives quietly die, and this workbook makes the gaps visible.
3. Power BI reports — when reporting leaves the portal
The moment someone outside the platform team wants cost data — finance, management, application owners — portal workbooks stop being the right vehicle. The toolkit ships Power BI starter templates: Cost summary, Rate optimization (commitment discounts, savings), and a Governance report aligned with the Cloud Adoption Framework.
Two things worth knowing:
- They’re templates (.pbit), not products — Microsoft explicitly expects you to customize them. Keep what works, delete the rest, paste the queries into your own corporate reports.
- Connected directly to Cost Management exports they comfortably handle roughly $2–5M of monthly spend (depending on your Power BI license). Beyond that — or across multiple tenants — you need a proper backend, which brings us to hubs.
4. FinOps hubs — the scale tier
When exports-plus-Power-BI runs out of breath, FinOps hubs are the answer: a data pipeline that ingests FOCUS-formatted Cost Management exports into Azure Data Explorer or Microsoft Fabric, giving you KQL analytics over years of cost data, across subscriptions, billing accounts and tenants — plus an MCP server that lets AI tools query your cost data directly.
I wrote about hubs in depth (including wiring them into Azure SRE Agent for AI-driven cost investigations) in the previous post, so here just the placement logic: hubs are the right move when you need multi-scope reporting, historical trend analytics, or an AI-queryable cost backend — and you can justify from ~$120/month for the infrastructure plus ~$10 per $1M monitored.
Deployment notes that save pain later: create the All costs (FOCUS) + prices
exports in parquet with snappy compression, always create price exports before cost
exports (savings calculations depend on it), and exports must land in the
msexports container — never write directly to ingestion.
5. Azure Optimization Engine — recommendations beyond Advisor
The most underrated piece of the toolkit. AOE is an Azure Automation–based engine (runbooks + Log Analytics + a small SQL database) that generates weekly recommendations across all five Well-Architected pillars — and goes meaningfully beyond what Azure Advisor reports:
- Augmented VM right-sizing — Advisor recommendations enriched with guest-OS performance metrics and a fit score, so you can tell which recommendations are actually safe to apply.
- Waste hunting — orphaned disks and public IPs, load balancers and application gateways with no backend pool, VMs deallocated months ago and forgotten, App Service plans hosting nothing, underutilized premium SSDs and DTU-based SQL databases.
- Beyond cost — expiring service principal credentials, NSG rules pointing at deleted resources, empty subnets, availability gaps. Cost is the headline; the operational hygiene findings are the bonus.
- Commitments insight — dedicated workbooks for reservation and savings plan simulation, potential, and actual utilization (including the unused part nobody likes to talk about).
It needs about three hours after deployment to produce the first data, refreshes weekly, and you widen its scope simply by granting its managed identity Reader at a management group. Multi-tenant setups work too — Azure Lighthouse is the cleaner of the two supported approaches.
6. PowerShell module and Bicep modules — the automation glue
The FinOpsToolkit PowerShell module (PowerShell Gallery) automates what the portal
makes tedious: Deploy-FinOpsHub, New-FinOpsCostExport for creating Cost Management
exports at scale, and friends. If you manage exports for dozens of scopes, this is the
difference between an afternoon and a sprint.
The Bicep Registry modules (e.g. scheduled actions for budget alerts) let you put FinOps configuration where it belongs — in your IaC repo, versioned and reviewed like everything else. My rule: if a FinOps artifact isn’t in Git, it doesn’t exist.
7. Open data — the boring, load-bearing part
Mapping tables Microsoft publishes for free: pricing units, region name normalization,
resource type display names, FOCUS service categories, sample export files. Invisible
until you build your own reports — at which point they save you from writing the
world’s hundredth usWest2 → West US 2 lookup by hand.
The adoption path I’d actually follow
- Today: open the Cost optimization workbook in Advisor. Triage the findings; deallocate the obvious waste. Cost: zero. Same week, skim the Governance workbook’s tag explorer to see how bad allocation hygiene really is.
- This month: stand up the Power BI Cost summary report on Cost Management exports for the people who ask you about costs. Deploy AOE and let it accumulate a few weekly cycles — its right-sizing fit scores get useful with history.
- This quarter: if scale, multi-tenant reporting or AI access matters, deploy FinOps hubs and repoint Power BI at the hub. Wire cost anomaly alerts into your incident flow (previous post covers the agentic version of this).
- Continuously: codify everything — exports, budgets, scheduled actions — with the PowerShell module and Bicep modules, in Git, behind CI/CD.
The toolkit won’t do FinOps for you — accountability, unit economics and the culture part are still human work. But it removes the classic excuse: “we’d love to optimize, but first someone has to build the tooling.” Someone already did, and they open-sourced it.
Sources & further reading: FinOps toolkit overview, Cost optimization workbook, Governance workbook, Power BI reports, FinOps hubs, Azure Optimization Engine, PowerShell module, FOCUS.