红帽全球峰会此内容没有您所选择的语言版本。
Chapter 1. Creating an unfiltered AWS cloud integration
- If you want to create a filtered AWS integration, do not complete the following steps. Instead, go to Creating a filtered AWS integration.
- If you are using RHEL metering, after you integrate your data with cost management, go to Adding RHEL metering to an AWS integration to finish configuring your integration for RHEL metering.
- AWS is a third-party product and its UI and documentation can change. The instructions for configuring third-party integrations are correct at the time of publishing. For the most up-to-date information, see the AWS documentation.
In the Integrations page, you can create an AWS cloud integration and configure your AWS account to give cost management access.
Prerequisites
- You must have a Red Hat Hybrid Cloud Console service account.
- You must have a Red Hat account with Cloud Administrator permissions.
1.1. Adding an AWS account as an integration
Add an AWS integration so that cost management can process your AWS Cost and Usage Reports. You can add an integration automatically by providing your AWS account credentials.
Procedure
-
From Red Hat Hybrid Cloud Console, click Settings
> Integrations.
-
On the Settings page, click
to enter the Add a cloud integration wizard. - On the Select integration type step, select . Click .
- Enter a name for the integration and click .
- On the Select configuration step, select . Do not select the recommended configuration mode when you set up cost management integrations. The recommendation is for other workflows.
- In the Select application step, select Cost management. Click .
1.2. Creating an S3 bucket and a data export
Next, you will create an Amazon S3 bucket with permissions configured to store your data exports.
Procedure
To create a data export, log in to your AWS account and complete the following steps:
- In the AWS S3 console, create a new S3 bucket or use an existing bucket. If you are configuring a new S3 bucket, accept the default settings.
- In the cost management Add an integration wizard, enter the name of your S3 bucket and select the region that it was created in. Click .
In the AWS Billing Console, create a data export that will be delivered to your S3 bucket. Enter the following values and accept the defaults for any other values:
- Export type: Legacy CUR export
- Report name: koku
- Include: resource IDs
- Time unit: Hourly
- Enable report data integration for: Amazon Redshift and Amazon QuickSight. Disable report data integration for Amazon Athena.
- Compression type: GZIP
- S3 bucket: <the S3 bucket that you configured previously>
- Report path prefix: cost
In the Add a cloud integration wizard, on the Create cost and usage report step, click .
NoteFor more details on configuration, see the AWS Billing and Cost Management documentation.
1.3. Activating AWS tags
Tags can help you organize your AWS resources in cost management. Activate your tags in AWS and then give cost management permissions to import them automatically.
In the AWS Billing console:
- Click Cost Allocation Tags.
Select the tags that you want to use in cost management. Click .
-
If your organization is converting systems from CentOS 7 to RHEL and using hourly billing, activate the
com_redhat_rheltag for your systems. - If you are tagging instances of RHEL that you want to meter in AWS, select . Return to the Red Hat Hybrid Cloud Console Create an integration wizard and select Include RHEL usage.
-
If your organization is converting systems from CentOS 7 to RHEL and using hourly billing, activate the
For more information about tagging, see Adding tags to an AWS resource.
1.3.1. Configuring an IAM policy to enable account access for AWS Cost and Usage Reports
Cost management needs your AWS Cost and Usage Reports to display data. To provide access to only your stored information, create an Identity and Access Management (IAM) policy and role in AWS.
In the cost management Add a cloud integration wizard:
On the Tags, aliases, and organizational units step, select any additional data points that you want to include:
-
Select Include AWS account aliases to display an AWS account alias rather than an account number. In the next step of the wizard, this selection will populate
iam:ListAccountAliasesin your IAM JSON policy. -
Select Include AWS organization units if you are using consolidated billing rather than the account ID. In the next step of the wizard, this selection will populate
_organization:List*_and_organizations:Describe*_in your IAM JSON policy.
-
Select Include AWS account aliases to display an AWS account alias rather than an account number. In the next step of the wizard, this selection will populate
- Click
- Copy the IAM JSON policy that is generated based on your selections.
In the AWS Identity and Access Management console:
- Create a new IAM policy for the S3 bucket that you configured.
- Select the JSON tab and enter the IAM JSON policy that you copied from the Red Hat Hybrid Cloud Console Add a cloud integration wizard.
Example IAM JSON policy
+
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": [
"arn:aws:s3:::<your_bucket_name>", 1
"arn:aws:s3:::<your_bucket_name>/*"
]
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"cur:DescribeReportDefinitions"
],
"Resource": "*"
}
]
}Next, create a new IAM role:
- Select Another AWS account as the type of trusted entity.
- Enter 589173575009 for the Account ID to give Red Hat Hybrid Cloud Console read access to the AWS account’s cost data.
In the cost management Add a cloud integration wizard:
- Click .
- Copy your External ID from the Create IAM role step.
In the AWS Identity and Access Management console:
- Enter your External ID.
- Attach the IAM policy that you configured.
- Enter a role name and description.
In Roles, open the summary screen for the role that you created.
-
Copy the Role ARN. It is a string that starts with
arn:aws:.
-
Copy the Role ARN. It is a string that starts with
In the cost management Add a cloud integration wizard:
- Click
- Enter your Role ARN and click .
- Review the details of your cloud integration and click .
Cost management will now begin collecting Cost and Usage data from your AWS account as well as any other linked AWS accounts.
The data can take a few days to populate before it shows on the cost management dashboard.
