Chapter 1. Creating your Amazon Web Services integration: Basic
If you want to create an AWS integration by using the advanced path, do not complete the following steps. Instead, go to Creating your Amazon Web Services integration: Advanced.
If you are using RHEL metering, after you integrate your data with cost management, go to Adding RHEL metering to an AWS integration to finish configuring your integration for RHEL metering.
You must create an AWS integration for cost management from the Integrations page and configure your AWS account to allow cost management access.
AWS is a third-party product and its UI and documentation can change. The instructions for configuring third-party integrations are correct at the time of publishing. For the most up-to-date information, see the AWS documentation.
Prerequisites
- You must have a Red Hat Hybrid Cloud Console service account.
- To add data integrations to cost management, you must have a Red Hat account with Cloud Administrator permissions.
1.1. Adding an AWS account as an integration
Add an AWS integration so cost management can process the Cost and Usage Reports from your AWS account. You can add an AWS integration automatically by providing your AWS account credentials.
Prerequisites
- To add data integrations to cost management, you must have a Red Hat account with Cloud Administrator permissions.
Procedure
- From Red Hat Hybrid Cloud Console, click Settings Menu > Integrations.
- On the Settings page, in the Cloud tab, click Add integration.
- On the Select integration type step, in the Add a cloud integration wizard, select . Click .
- Enter a name for the integration and click Next.
On the Select configuration step, select how you want to connect to your AWS integration.
- Select to provide your AWS account credentials and let Red Hat configure and manage your integration for you. Click .
- Select must select Manual Configuration. to customize your integration. If you are using cost management to meter your RHEL subscription, you
- In the Select application step, select Cost management. Click .
- If you selected the account authorization method, on the Review details step, review the details and click . If you selected the manual configuration method, continue to the next step in the wizard and configure your S3 bucket.
1.2. Creating an S3 bucket and a data export
Create an Amazon S3 bucket with permissions configured to store your data exports.
Procedure
To create a data export, log in to your AWS account and complete the following steps:
- In the AWS S3 console, create a new S3 bucket or use an existing bucket. If you are configuring a new S3 bucket, accept the default settings.
- On the Create storage step, in the Add a cloud source wizard, paste the name of your S3 bucket and select the region that it was created in. Click .
In the AWS Billing console, create a data export that will be delivered to your S3 bucket. Enter the following values and accept the defaults for any other values:
- Export type: Legacy CUR export
- Report name: koku
- Include: resource IDs
- Time unit: Hourly
- Enable report data integration for: Amazon Redshift, Amazon QuickSight. Disable report data integration for Amazon Athena
- Compression type: GZIP
- S3 bucket: <the S3 bucket that you configured before>
Report path prefix: cost
NoteFor more details on configuration, see the AWS Billing and Cost Management documentation.
- In the Add a cloud integration wizard, on the Create cost and usage report step, click .
1.3. Activating AWS tags
To use tags to organize your AWS resources in the cost management application, activate your tags in AWS to allow them to be imported automatically.
Procedure
In the AWS Billing console:
- Open the Cost Allocation Tags section.
- Select the tags you want to use in the cost management application, and click Activate.
If your organization is converting systems from CentOS 7 to RHEL and using hourly billing, activate the
com_redhat_rhel
tag for your systems in the Cost Allocation Tags section of the AWS console.- After tagging the instances of RHEL you want to meter in AWS, select .
- In the Red Hat Hybrid Cloud Console Integrations wizard, select Include RHEL usage.
Additional resources
For more information about tagging, see Adding tags to an AWS resource.
1.4. Configuring an IAM policy to enable account access for Cost and Usage Reports
Cost management needs Cost and Usage Reports produced by AWS to display data. To provide the correct access, create an IAM policy and role in AWS, which provides access only to the stored information.
Cost management can also display additional data. For example:
-
Include the Action
iam:ListAccountAliases
to display an AWS account alias rather than an account number. - If you are using consolidated billing rather than the account ID, include the Actions organization:List* and organizations:Describe* to find the display names of AWS member accounts.
In cost management:
- In the Add a cloud integration wizard, select the additional data points you want to be included.
- Click Next.
- Copy the JSON output that is generated based on your selections.
In the AWS Identity and Access Management console:
From the AWS Identity and Access Management (IAM) console, create a new IAM policy for the S3 bucket that you configured before.
Select the JSON tab and paste the JSON policy which you copied from the Red Hat Hybrid Cloud Console Add a cloud integration wizard:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "s3:Get*", "s3:List*" ], "Resource": [ "arn:aws:s3:::<your_bucket_name>", 1 "arn:aws:s3:::<your_bucket_name>/*" ] }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "s3:ListBucket", "cur:DescribeReportDefinitions" ], "Resource": "*" } ] }
- Enter a name for the policy and create the policy. Do not close the AWS IAM console. You will use it in the following steps.
In cost management:
- In the Red Hat Hybrid Cloud Console Add a cloud integration wizard, click .
In the AWS Identity and Access Management console:
In the AWS IAM console, create a new IAM role:
- Select Another AWS account as the type of trusted entity.
- Enter 589173575009 as the Account ID to give Red Hat Hybrid Cloud Console read access to the AWS account cost data.
In cost management:
- Copy your external ID from the Create IAM role step in the wizard.
In the AWS Identity and Access Management console:
- Enter your external ID in the External ID field.
- Attach the IAM policy you just configured.
- Enter a role name and description.
In cost management:
- In the Red Hat Hybrid Cloud Console Add a cloud integration wizard, click .
In the AWS Identity and Access Management console:
In the AWS IAM console, in the Roles section, open the summary screen for the role you just created.
-
Copy the Role ARN, which is a string beginning with
arn:aws:
.
-
Copy the Role ARN, which is a string beginning with
In cost management:
- In the Red Hat Hybrid Cloud Console Add a cloud integration wizard, paste your Role ARN and click Next.
- Review the details of your cloud integration and click Add.
Cost management will begin collecting Cost and Usage data from your AWS account and any linked AWS accounts.
The data can take a few days to populate before it shows on the cost management dashboard.