Now that you deploy Cloudyn (see the other article), we will connect our AWS environment to have only one interface, to manage cost for all our cloud provider subscription.
Be careful, from June, this interface will not be free anymore for AWS. It’ll cost you 1% of your annual subscription consumption.
On your Cloudyn dashboard, add a new AWS account:
Get the Account ID and the External ID. We will need it to create a new role in AWS console:
Go to your AWS console, in IAM > Roles and click on Create role:
Choose Another AWS account and provide the Account ID and External ID that you get before:
For the permissions, give the ReadOnlyAccess permission:
Give a name for this role:
The new role has been created. Click on it to get the Role ARN:
Copy the Role ARN:
Provide this ARN in your Cloudyn console, where you added a new account:
The account has been added correctly:
We need a S3 bucket to store information of billing. In Services, select Amazon S3 and choose to create a new bucket:
Provide a name, choose a region and create it:
In Permissions of the bucket, click on Bucket policy:
Provide values for ARN and the account name for your bucket:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
{ "Version": "2008-10-17", "Id": "Policy1335892530063", "Statement": [ { "Sid": "Stmt1371369161819", "Effect": "Allow", "Principal": { "AWS": "The ARN that you created previously" }, "Action": [ "s3:List*", "s3:Get*" ], "Resource": "arn:aws:s3:::The name of your bucket/*" }, { "Sid": "Stmt1335892150622", "Effect": "Allow", "Principal": { "AWS": "The ARN of the root account, that has access to the billing" }, "Action": [ "s3:GetBucketAcl", "s3:GetBucketPolicy" ], "Resource": "arn:aws:s3:::The name of your bucket" }, { "Sid": "Stmt1335892526596", "Effect": "Allow", "Principal": { "AWS": "The ARN of the root account, that has access to the billing " }, "Action": "s3:PutObject", "Resource": "arn:aws:s3:::The name of your bucket/*" } ] } |
When it’s done, go to the preferences of the account, and check the box Receive Billing Reports. Choose the S3 bucket where report will be sent. Click on Verify to see if the permissions of the root account are ok for this bucket. If permissions are wrong, you’ll have an error message. Check the 4 boxes to send details reports to your bucket, every hour:
After some time, in Cloudyn, the status will pass to Completed:
Go back to the Cloudyn console 24 hours later, and you should be able to see some data:
Select AWS part to have a better view:
You can now see the cost and the using of the cost:
It’s a very interesting service to have a better view than the AWS interface 😊
