Onboard AWS to CloudHiro's cost optimization platform
The following guide will show you how to set up your account to allow CloudHiro to access it in a secure manner. We will create a separate role for CloudHiro.
Confirm the email you get and login
Go to ShowExternalID and copy the externalID for later use. If no external ID is shown, log out and login again.
Login to your AWS account as an admin.
Creating a new CUR (Cost and usage report) and granting access to it:
- When creating the CUR, make sure you are in us-east-1 (North-Virginia) region.
- Use this link for new CUR
- If you already have existing CUR -use this link. Please save the bucket-name and cur-name for later use.
Adding permissions to all accounts (including child accounts):
Go to create stacksets and enter in the "Amazon S3 url" the following JSON's:
- Read-only permissions to all accounts - permits CloudHiro to collect metrics on all resources
- Reserved instances and Saving plans management permissions
- Read-write permissions - allows CloudHiro to tag resources, shutdown/start EC2 instances, etc.
Note: The first stackset will create "CloudHiro" role and the other two will add policies to the same role.
- You will be asked for a parameter called ExternalID.Find it here.
- In the "Specify regions" section, specify at least one region.
- In "Maximum concurrent accounts - optional" change both sections to "percentage" and "100%"
Reserved Instances Management:
Make sure that "Reserved Instances and Savings Plans discount sharing preference" is enabled for all accounts and enabled by default. AWS → AWS billing → Billing preferences → "Reserved Instances and Savings Plans discount sharing preference".
That's it - We are all done!