Most Azure cost fights are not really about Azure. They are about ownership.
A shared firewall, central Log Analytics workspace, landing zone subscription, or platform team runbook can touch ten workloads at once. If those charges land in one subscription and nowhere else, finance gets a distorted picture, app teams stop trusting the report, and platform teams get treated like a dumping ground for everyone else's spend.
The fix is not to force every cost into a complicated spreadsheet. The fix is to agree on a simple operating model: direct assign where you can, inherit ownership metadata where you should, and allocate only the costs that are truly shared. Then publish the result the same way every month.
Inside this playbook • The three cost buckets that keep allocation sane • A practical rule set for direct, inherited, and allocated costs • How to use Azure tags, tag inheritance, exports, and cost allocation rules together • How to handle platform services, app services, overhead, and commitment discounts • A month-end reconciliation loop that people can actually trust |