PRODUCT ARCHITECTURE
Read-only Azure cost audits,
to verified action.
Costframe connects to Azure read-only, normalizes daily cost data, detects cloud waste, prices each finding at your net rate, and tracks savings until they show up in the bill.
How Costframe works
Seven steps from connection to realized savings. Each one leaves an audit trail your engineering and finance teams can check.
Read-only access
Create a Service Principal with Reader and Cost Management Reader roles. You restrict the scope to specific subscriptions; Azure's security model enforces it.
Unified ledger
Costframe ingests daily ActualCost records, resource inventory, and tags into one normalized ledger per organization. One queryable source of truth.
More than 20 detectors
More than 20 detectors evaluate utilization over time and resource state to catch idle and oversized compute, stopped-but-billing VMs, unattached disks, unused public IPs, and more.
Actual negotiated net rates
Savings are quoted at your net rate. Costframe applies your organization discount and the weekly-synced Azure Retail Prices catalog, not generic retail estimates.
Evidence attached
Every finding carries the CPU utilization history and price references behind it. Engineers review with the same numbers Costframe used.
Resolve with confidence
Each finding states the recommended change and your team executes it. Costframe holds no write access, so every change stays in your hands.
Invoice reconciliation
Resolved findings are tracked against the daily cost sync, so realized savings reflect what Azure actually bills, not what a model predicted.
Real-world audit evidence, styled like a ledger.
No black-box recommendations. Each finding reads like a verification sheet: the CPU baseline, the current and recommended SKU, and the catalog price reference behind the savings number.
Telemetry-verified baselines
Findings cite CPU utilization from Azure Monitor, so an oversized VM is proven by its own history, not guessed from its size.
Clear engineering owners
Findings carry their resource group and tags, so the owning team can pick them up without a hunt through the portal.

Cost Explorer · Illustrative Savings Model
Net Discount vs. Retail List Reconciliation
Net price aware optimization.
Generic optimization tools quote savings at Azure retail list prices. If you have an Enterprise Agreement or partner discount, those numbers are wrong for you.
Costframe applies your organization discount to quote each recommendation at the post-discount rate you are actually invoiced. The list price is shown alongside, never counted twice.
Can't I just use ChatGPT, Gemini, or Copilot to find these savings?
You can get a rough one-off estimate that way, but not a number finance will sign off on. A general AI assistant prices against Azure list rates rather than your negotiated net rate, has no verified utilization data behind its claims, and would need ongoing access to your production tenant to stay current. Costframe attaches the resource ID, utilization history, and price math to every finding, prices at your net rate, and reconciles realized savings against the actual invoice.
Compare Costframe with general AI assistants →# acceptable scopes (read-only)
Reader
Cost Management Reader
# rejected scopes (contributor)
Owner, Contributor, or write access
# cryptography standards
AES-256-GCM · stored encrypted at rest
Decrypted strictly inside isolated worker nodes04 · TRUST BOUNDARIES
Read-only by design.
Costframe requests two roles: Reader and Cost Management Reader. The Azure clients contain no write paths, so no person or process on our platform can deploy, shut down, modify, or delete a resource in your tenant.
Read the security architecture →Turn cloud waste into a verified action list.
Grant Reader and Cost Management Reader, run the first audit, and review the findings with engineering and finance at the same table.
