Connect AWS account
Before you begin
-
This page applies only if DoiT is NOT your cloud reseller.
-
You'll be charged 2% of the monthly spend on these accounts.
-
You can choose to be billed either via direct invoice from DoiT or via AWS Marketplace subscription. For the latter, you need to Subscribe through AWS Marketplace.
See Connect cloud account for more information.
Required permission
You need the AdministratorAccess
role on the AWS account that you want to connect.
Connect AWS account
To connect your AWS account:
-
Sign in to the DoiT console.
-
Launch the connection wizard:
-
If you just start working with DoiT, select Amazon Web Services as the cloud provider on the welcome page to open the wizard.
-
If you have already connected one or more cloud accounts with DoiT, you can choose either approach from below:
-
-
Enter the AWS account ID that you want to connect. It should be of the AWS management account of your organization.
Create a legacy CUR export
To feed the DoiT console with AWS billing data, you need to create an AWS Cost and Usage Report (CUR):
-
Sign in to the AWS Billing and Cost Management console.
-
Create a legacy CUR export with the following settings:
- Export type: Legacy CUR export
- Additional content: Include resource IDs, Split cost allocation data
- Report data time granularity: Hourly
- Compression type: GZIP (csv) or Parquet
-
In the DoiT console, enter the name of your S3 bucket where you have created the CUR. DoiT reads CUR files exclusively from the specified bucket and automatically discovers new CUR files in it.
Grant permissions to DoiT console
DoiT provides an AWS CloudFormation template with an IAM JSON policy that grants necessary permissions to the DoiT console so that it can analyze your billing data.
-
In the DoiT console, select Open AWS CloudFormation Console.
-
In the AWS CloudFormation console, create a stack using the DoiT template (you can also download the template from the template URL).
The template includes a managed policy (entity type:
AWS::IAM::ManagedPolicy
) with the following statementsOrganizations
: Allows DoiT to use the AWS Organizations service to get metadata about your AWS organization and accounts.HealthKnownIssues
: Allows DoiT to use AWS Health for issue management with your AWS Organization.Finops
BillingBucket
: Allows the DoiT billing pipeline to access S3 buckets.BillingObject
: Allows the DoiT billing pipeline to retrieve CUR files from S3 buckets.Onboarding
: Verifies the permissions are set correctly.
-
Select Next to continue.
Confirm the Cost and Usage Report
Once the AWS account has been successfully connected, CUR files in the S3 bucket are validated:
-
Valid CURs are listed on the page. Currently, only one CUR is supported.
-
If none of the CURs is valid, the DoiT console displays why they are invalid so you can make corrections.
You can always select Refresh to validate CURs in the S3 bucket.
Subscribe through AWS Marketplace
This step applies if you prefer to be billed through the AWS Marketplace subscription. See Subscribe through AWS Marketplace for details.
AWS offboarding
If you decide not to continue with us, you need to revoke DoiT's access to your AWS billing data and delete the relevant resources, including:
-
CloudFormation Stack that grants permissions to DoiT
-
(Optional) Cost and Usage Report (CUR) created for DoiT and the S3 bucket that stores the CUR files
See the interactive demo below for how to delete the relevant resources from the AWS Management Console.
Interactive demo
Try out our interactive demo for a hands-on walk-through experience.
Onboarding
If the demo doesn't display properly, try expanding your browser window or opening the demo in a new tab.
Offboarding
The interactive demo below shows how to delete the relevant resources from the AWS Management Console.
If the demo doesn't display properly, try expanding your browser window or opening the demo in a new tab.
What's next
After you successfully connected your account, we start importing your billing data and notify you when the data is available for Cloud Analytics and other DoiT features.