Integrate by sharing access to cost reports

Please select your preferred path forward to share your AWS Cost and Usage Reports with Taloflow.

What are AWS Cost and Usage Reports?

I have AWS Cost and Usage Reports turned on

Read the Docs

PRerequisite

The Cost and Usage Report parameters should be set to Hourly, GZIP, Resource IDs and Create New Report Version.

Step 1: Run CloudFormation Template

In order for Taloflow to access your AWS Billing history you will need to click on this link to run the CloudFormation template that creates 2 IAM Roles. Please watch the video below for further instructions.

Step 2: Update Statements in S3 Bucket Policy

Please update the statements in your S3 Bucket Policy by adding the snippet below. This simple change will allow us to Get Object and List Object in the resources that are buckets. Please go to the S3 Services page in the AWS Console, and follow the instructions in the video below to make the change.

Statements to add to S3 Bucket Policy
{
     "Sid": "Stmt1540642168130",
     "Effect": "Allow",
     "Principal": {
       "AWS": "arn:aws:iam::<account_id>:role/taloflowInstructionProcessorRole"</account_id>
     },
     "Action": [
       "s3:GetObject",
       "s3:ListBucket"
     ],
     "Resource": [
       "arn:aws:s3:::<bucket_name>",</bucket_name>
       "arn:aws:s3:::<bucket_name>/*"</bucket_name>
     ]
   }
Ensure you add commas in between statements for your S3 bucket policy.

Step 3: Add Sub Accounts

For every Sub Account that you have within the Master Account, please run the following CloudFormation Stack (this is a different stack) in each of them so that we can gather tags and other important telemetry from them: link to run the CloudFormation Template on your Sub Account(s) one at a time. This enables us to see tag information at the Sub Account level.

Please make sure that you are running this CloudFormation stack inside each Sub Account, not the Master Payer account.

I do not have AWS Cost and Usage Reports turned on

Read the Docs

Step 1: Create a new AWS Cost and Usage Report

In order for you to collect the AWS Billing information and store it in an S3 bucket that we can access, you will need to create a new Cost Report. Please go to the AWS Billing Console and follow the instructions in the video below to create a new Cost Report.

Please ensure that you create a new top level bucket for your Cost Report and that you don't nest a Cost Report Folder inside another existing folder in your S3 Bucket.
In order to get better predictions, if you have a longer history of reports for your account, please copy over the reports to the S3 bucket you gave us access to.

Step 2: Delete S3 bucket policies

In order for you to execute the CloudFormation script in the following step correctly the S3 bucket with the Cost Report you just created needs to have all policies removed. Please go to the S3 Services page in the AWS Console, and follow the instructions in the video below to remove any S3 bucket policy.

When creating a new Cost Report, as in the previous step, AWS will force you to add their default S3 bucket policy to the S3 bucket with the Cost Report. This default policy must be removed.

Step 3: Run CloudFormation Template

In order for us to access your AWS Billing history you will need to click on this link to run the CloudFormation template that creates 2 IAM Roles. Please watch the video below for further instructions.

Step 4: Add Sub Accounts

For every Sub Account that you have within the Master Account, please run the following CloudFormation Stack (this is a different stack) in each of them so that we can gather tags and other important telemetry from them: link to run the CloudFormation Template on your Sub Account(s) one at a time. This enables us to see tag information at the Sub Account level.

Please make sure that you are running this CloudFormation stack inside each Sub Account, not the Master Payer account.
You're in control. Your data is kept secure.
Access is restricted to the Cost Report, Usage Metrics, and the resource and tagging API.
You're up and running in 10 minutes or less.
Designed for minimum setup and almost zero maintenance. No confusing rules, just timely analysis.
Reviewed by AWS Solution Architects
Met all of the advanced requirements and undergone a platform review by AWS Solution Architects.