AWS Cost Monitoring is based on the collected data from CUR files.
This article describes how to enable the creation of a data source and cross-account AWS role to provide Anodot with access to the CUR files, and includes the following:
- Creating CUR report files in AWS
- Providing read access for Anodot
- Creating a cross-account AWS role and CUR cost monitoring source in Anodot
Creating CUR report files in AWS
- Determine the destination bucket for the CUR reports. This could be an existing S3 bucket or a new one you create especially for this purpose.
- The bucket should have the policy to allow the AWS service to write the CUR files there, as shown in the example code below. This is also explained in the AWS CUR documentation.
- Create the CUR reports according to AWS guidelines. Note that some Anodot preferences need to be defined in order to correctly use the file:
- Include Resource ID in the report
- Give the report a name and a path
- Set the time granularity to “Hourly”
- Report versioning; choose the option to deliver each new report in addition to previous reports
- Set the report type as CSV
Providing read access for Anodot
Creating the read access policy
The following policy example shows how to provide read access to the cross-account AWS role.
Creating a cross-account AWS role and CUR cost monitoring source in Anodot
The following procedure describes how to create the CUR cost monitoring source in Anodot and the AWS role. The process requires you to switch between Anodot and AWS, as indicated below (steps in AWS are italicized).
- From the Streams page, click Sources +. In Source Types, click START on the CUR data source type (AWS Cost Monitoring).
- In the displayed AWS Cost Monitoring dialog, enter the bucket name and folder path (optional).
- Copy the unique Anodot ID to the clipboard by clicking the copy icon.
- In AWS, create a cross-account role.
- Use the policy you previously created (see Creating the read access policy above) as the role’s policy.
- Click Another AWS account and use the Anodot account ID as the third party account ID: 340481513670
- Paste the Anodot ID you copied in Step 3 to the “External ID” field in the role definition.
- Save the cross-account role, and copy the role ARN to the clipboard.
- Paste the AWS role ARN into the Role ARN field in the AWS Cost Monitoring dialog.
- Click CONTINUE to connect to the bucket and save the data source.