X
Lab complete!
Now that you have completed this lab, make sure to update your Well-Architected review if you have implemented these changes in your workload.
Click here to access the Well-Architected Tool
Level 300: Organization Data CUR Connection
Last Updated
December 2020
Authors
- Stephanie Gooch, Commercial Architect (AWS)
Feedback
If you wish to provide feedback on this lab, there is an error, or you have a suggestion, please email: costoptimization@amazon.com
Introduction
This lab will show you how to combine your organizations information with your AWS Cost & Usage Report, this will enable you to view cost & usage in a way that is more relevant to your organization. It will guide you through the process of setting up an AWS Lambda function to extract the data from AWS Organizations, such as account ID, account name, organization parent and specified tags. This will then be place into Amazon S3. From there, Amazon Athena will be able to read this data to produce a table that can be connected to your AWS Cost & Usage Report to enrich it. This can be deployed manually or through AWS CloudFormation. We also now offer a terraform module to deploy this code.
NOTE: If you are thinking about combining your AWS Organizations data with other sources of data such as your Cost & Usage Report, Trusted Advisor, Compute Optimizer, etc. (creating a datalake) and/or using the Cloud Intelligence Dashboards dashboards then we recommend using the 300 Optimization Data Collection Lab. This lab contains the setup of this module, plus many more data collectors.
Architecture
Goals
- Combine your AWS Organizations information with your CUR
- Allows you to view costs against accounts with names you provide enriching the data
Prerequisites
- Access to the management AWS Account of the AWS Organization to deploy a cross account role
- A sub account within the Organization
- Completed the Account Setup Lab here
- Completed the Cost and Usage Analysis lab here
- Completed the Cost Visualization Lab here
Deployment Options
We suggest you do not deploy resources into your management account and instead use the cost account created here . However, there are options to deploy all resources into your management account if you wish. To do this complete all steps in you management account and do not create the role in the ‘Create IAM Role and Policies in Management account’ step.
Permissions required
Be able to create the below in the management account:
- IAM role and policy
Be able to create the below in a sub account where your CUR data is accessible:
- Amazon S3 Bucket
- AWS Lambda function
- IAM role and policy
- Amazon CloudWatch trigger
- Amazon Athena Table
Optional
- Completed the Enterprise Dashboards lab here .
Costs
- Estimated costs should be <$5 a month for small Organization
- Amazon QuickSight pricing
Time to complete
- 30 minutes
Steps:
- Create Static Resources
- Create Automation Resources
- Utilize Organization Data Source
- Visualize Organization Data in QuickSight
- Join with the Enterprise Cost Intelligence Dashboard
- Teardown
If you wish to deploy this in your AWS Management Account instead of a Member Account then there is a separate code version which can do this. You do not have to make the IAM Role and Policy made in the Management account in the next step.