Chapter 1. Creating an Amazon Web Services integration
To add an Amazon Web Services (AWS) account to cost management, you must configure your AWS account to provide metrics, then add your AWS account as a cloud integration from the cost management user interface.
To add data integrations to cost management, you must have a Red Hat account with Cloud Administrator permissions.
When you add an AWS integration, you create a read-only connection to AWS so that cost management can collect your data hourly. This process does not make any changes to the AWS account.
To add your AWS account to cost management as an integration, you must configure the following services on your AWS account to allow cost management to have access to your metrics:
- An S3 bucket to store cost and usage data reporting for cost management
- An Identity Access Management (IAM) policy and role for cost management to process the cost and usage data
Since you will complete some of the following steps in the AWS console, and some steps in the cost management user interface, keep both applications open in a web browser.
To ensure you have the most up to date information about AWS, refer to the AWS documentation.
1.1. Adding an AWS account as an integration
Add an AWS integration so the cost management application can processes the Cost and Usage Reports from your AWS account. You can add an AWS integration automatically by providing your AWS account credentials, or you can configure cost management to filter the data that you send to Red Hat. Add an AWS integration so the hybrid committed spend application can processes the Cost and Usage Reports from your AWS account. You can add an AWS integration automatically by providing your AWS account credentials, or you can configure cost management to filter the data that you send to Red Hat.
Prerequisites
- To add data integrations to cost management, you must have a Red Hat account with Cloud Administrator permissions.
Procedure
-
From Red Hat Hybrid Cloud Console, click Settings Menu
> Integrations.
- On the Settings page, in the Cloud tab, click Add integration.
- On the Select integration type step, in the Add a cloud integration wizard, select . Click .
- Enter a name for the integration and click Next.
On the Select configuration step, select how you want to connect to your AWS integration.
- Select to provide your AWS account credentials and let Red Hat configure and manage your integration for you.
- Select to customize your integration. You can filter your information before it is sent to cost management. For instructions on how to filter your data, see Chapter 2, Filtering your Amazon Web Services data before sending it to cost management. Click .
- In the Select application step, select Cost management. Click .
- If you selected the account authorization method, on the Review details step, review the details and click . If you selected the manual configuration method, continue to the next step in the wizard and configure your S3 bucket.
1.2. Creating an S3 bucket and a data export
Create an Amazon S3 bucket with permissions configured to store your data exports.
Procedure
To create a data export, log in to your AWS account and complete the following steps:
- In the AWS S3 console, create a new S3 bucket or use an existing bucket. If you are configuring a new S3 bucket, accept the default settings.
- On the Create storage step, in the Add a cloud source wizard, paste the name of your S3 bucket and select the region that it was created in. Click .
- In the AWS Billing console, create a data export that will be delivered to your S3 bucket.
Enter the following values and accept the defaults for any other values:
- Export type: Legacy CUR export
- Report name: koku
- Include: resource IDs
- Time unit: Hourly
- Enable report data integration for: Amazon Redshift, Amazon QuickSight, and disable report data integration for Amazon Athena
- Compression type: GZIP
- S3 bucket: <the S3 bucket that you configured before>
Report path prefix: cost
NoteFor more details on configuration, see the AWS Billing and Cost Management documentation.
- In the Add a cloud integration wizard, on the Create cost and usage report step, click .
1.3. Activating AWS tags
To use tags to organize your AWS resources in the cost management application, activate your tags in AWS to allow them to be imported automatically.
Procedure
In the AWS Billing console:
- Open the Cost Allocation Tags section.
- Select the tags you want to use in the cost management application, and click Activate.
If your organization is converting systems from CentOS 7 to RHEL and using hourly billing, activate the
com_redhat_rheltag for your systems in the Cost Allocation Tags section of the AWS console.- After tagging the instances of RHEL you want to meter in AWS, select .
- In the Red Hat Hybrid Cloud Console Integrations wizard, click .
Additional resources
For more information about tagging, see Adding tags to an AWS resource.
1.4. Configure an IAM policy to enable minimal account access for Cost and Usage Reports
To provide data in the web interface and API, cost management must consume the Cost and Usage Reports produced by AWS. To only provide access to the stored information and nothing else, create an IAM policy and role for cost management to use.
Procedure
From the AWS Identity and Access Management (IAM) console, create a new IAM policy for the S3 bucket that you configured previously.
Select the JSON tab and paste the following content in the JSON policy text box:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "s3:Get*", "s3:List*" ], "Resource": [ "arn:aws:s3:::<your_bucket_name>", 1 "arn:aws:s3:::<your_bucket_name>/*" ] }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "s3:ListBucket", "cur:DescribeReportDefinitions" ], "Resource": "*" } ] }- 1
- Replace
<your_bucket_name>in both locations with the name of the Amazon S3 bucket you configured previously.
- Enter a name for the policy and create the policy. Do not close the AWS IAM console. You will use it in the following steps.
- In the Red Hat Hybrid Cloud Console Add a cloud integration wizard, click .
In the AWS IAM console, create a new IAM role:
- Select Another AWS account as the type of trusted entity.
- Enter 589173575009 as the Account ID to provide the cost management application with read access to the AWS account cost data.
- Attach the IAM policy you just configured.
- Enter a role name and description.
- In the Red Hat Hybrid Cloud Console Add a cloud integration wizard, click .
In the AWS IAM console, in the Roles section, open the summary screen for the role you just created.
-
Copy the Role ARN, which is a string beginning with
arn:aws:.
-
Copy the Role ARN, which is a string beginning with
- In the Red Hat Hybrid Cloud Console Add a cloud integration wizard, paste your Role ARN and click Next.
- Review the details and click Finish to add the AWS account to cost management.
Cost management will begin collecting Cost and Usage data from your AWS account and any linked AWS accounts.
The data can take a few days to populate before it shows on the cost management dashboard.
1.4.1. Enabling additional account access for cost and usage consumption
Cost management can display additional data that might be useful. For example:
- Include the Action iam:ListAccountAliases to display an AWS account alias rather than an account number in cost management.
- Include the Actions organization:List* and organizations:Describe* to obtain the display names of AWS member accounts if you are using consolidated billing rather than the account ID.
The following configuration provides access to additional stored information and nothing else.
Procedure
- From the AWS Identity and Access Management (IAM) console, create a new IAM policy for the S3 bucket you configured before.
Select the JSON tab and paste the following content in the JSON policy text box:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "s3:Get*", "s3:List*" ], "Resource": [ "arn:aws:s3:::<your_bucket_name>", 1 "arn:aws:s3:::<your_bucket_name>/*" ] }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "iam:ListAccountAliases", "s3:ListBucket", "cur:DescribeReportDefinitions", "organizations:List*", "organizations:Describe*" ], "Resource": "*" } ] }- 1
- Replace
<your_bucket_name>in both locations with the name of the Amazon s3 bucket you configured before.
The remainder of the configuration steps are the same as in Section 1.4, “Configure an IAM policy to enable minimal account access for Cost and Usage Reports”
1.5. Configuring AWS billing plans
By default, cost management calculates AWS cost according to your usage cost for that date. If you have a special billing arrangement with AWS such as amortized billing or blended rates, you can configure these calculations from the cost management settings page. This allows your cost reports to more accurately reflect your AWS billing.
For more information about AWS billing, see Understanding Consolidated Bills in the AWS documentation.
Cost management supports three cost calculation options to accommodate AWS billing plans:
- Unblended
- Your costs are calculated according to your usage cost for that date.
- Amortized (Default)
- Your recurring and upfront costs will be distributed evenly throughout the billing period.
- Blended
- Your costs are calculated according to AWS blended rates.
This procedure describes how to set your cost calculation to Amortized or Blended from the default Unblended.
Prerequisites
- AWS integration added to cost management.
- Access to Red Hat Hybrid Cloud Console as an Organization Administrator.
Procedure
- From Red Hat Hybrid Cloud Console, navigate to the cost management settings page.
- Under Show cost as select Amortized or Blended.
- Click Save.
