This section provides detail on the AWS management services relevant to the Solution Architect Associate exam. These services are used to help you audit, monitor and evaluate your AWS infrastructure and resources. These management services form a core component of running resilient and performant architectures.
Learning Objectives
- Understand the benefits of using AWS CloudWatch and audit logs to manage your infrastructure
- Learn how to record and track API requests using AWS CloudTrail
- Learn what AWS Config is and its components
- Manage your accounts with AWS Organizations, including single sign-on with AWS SSO
- Learn how to carry out logging with CloudWatch, CloudTrail, CloudFront, and VPC Flow Logs
- Understand how to design cost-optimized architectures in AWS
- Learn about AWS data transformation tools such as AWS Glue and data visualization services like Amazon Athena and QuickSight
The essence of a cost allocation strategy is the ability to tell how much is spent on which resource on which service. This type of visibility can be best achieved by tagging every single resource in your cloud. AWS enables the user to put tags on every available resource. You can use tags for many things. But for this course, we're just going to focus on how to use them for cost allocation. So let's find out what tags actually are.
Tags let you define metadata in the form of key-value pairs, which are then associated with the resources in a cloud account. Let's have a look at this diagram. In this example, we're looking at four resources. Don't mind the details because it doesn't really matter what kind of resources they are. These are just some key samples. Each of them has a tag with the key environment and the value production. This is true for all four of them, which means that all of these resources belong to the production stage of our environment.
The next one distinguishes our resources between front end and back end, and tells us right away which resources host a front-end service and which host a back-end service. Typically, business tags such as cost center, business unit, or project are used to associate AWS costs with traditional financial reporting within an organization. However, a cost allocation report is not static and hence can include any tag. This allows customers to easily link costs to technical or security dimensions, such as specific applications, environments, or compliance programs.
With AWS Cost Explorer and Cost and Usage Report, AWS costs can even be viewed according to tags, providing even more insightful cost visualizations. AWS Cost and Usage report is otherwise known as AWS CUR. Just so you know what the Cost and Usage Report is, I wanted to drop in a short explanation. With the help of AWS Cost and Usage reports, you can track the monthly AWS costs and usage associated with your AWS account. The report includes items for each unique combination of product, usage type, and operation that is used in your AWS environment. It enables you to configure the AWS Cost and Usage report to show only the data that you want, using the AWS Cost and Usage API.
AWS Cost and Usage Reports contain the widest variety of cost and usage data. You can set up the CUR to collect billing data for any given period and push it into an Amazon S3 bucket to store it there for whenever you need it. You can get hourly, daily, or monthly reports. These contain the costs in detail and are sorted by product or resource. If tags are used properly, they are also listed in the report and can provide extra detail to your bill. A report is updated at least once per day and up to three times a day. Reports can be stored in an S3 bucket of your choice and be retrieved whenever needed, either manually or by using another service.
After you set up a cost and usage report, you receive the current month's billing data and daily updates in the same Amazon S3 bucket. The data from the CUR forms the base for a detailed and complete cost analysis. It often serves as the main data source for business intelligence tools, like Athena and QuickSight, just to name a few. And CUR can also be reached by an API, which you can use for your custom scripts or individual needs.
So, in conclusion, with AWS CUR, you are able to store your report files in Amazon S3 buckets, update the report automatically, up to three times a day, make use of the AWS CUR API for automation or easier management through API calls, and use the CUR for in-depth analysis with business intelligence tools like QuickSight, Athena, and others. That's about it for the AWS Cost and Usage Reports, so let's continue.
Keeping cost allocation in mind, the best way to assign business-context details to specific resources is by using tags. Later on in the process, this enables you to carry out a more valuable analysis based on your cost data and supports company-specific decision making on a well-evaluated foundation of data. If you take bill analysis into consideration, tags can add business dimension and context to ease the allocation process.
Tags are used to identify which item or resource in your cloud is attributed to each of your business services. So you can always tell exactly which resources are used for which service in your company. Nevertheless, keep in mind that tags are only meaningful to their respective user or customer. They have no inherent semantic meaning. You can name them whatever you like and assign a value to them. However, when used correctly, they can help read and analyze your data and even automate your analysis with the right setup.
In AWS, you can manage tags in the service console or by accessing the API through the AWS CLI, although this limits you to only one resource at a time. If you want to add, edit, or delete tags on multiple resources, it is best to use a service such as the AWS Tag Editor. Once you have tagged your resources, you can enable Cost Allocation Tags in the Billing and Cost Management section. We will discuss how to tag and activate the Cost Allocation Tags in a minute. One significant thing to note here is that tagging existing resources retroactively is pretty annoying. So make sure to tag your resources from the very beginning.
In the best case, policies can prohibit the deployment of new resources without the appropriate tags. But more about that later. If you want to analyze a cost report after the fact with unlabeled or poorly labeled resources, you will have a hard time understanding the exact usage of each resource, and will likely not be able to identify the exact costs and usage by resource. So, it is advised to start tagging resources as soon as possible and stay consistent with your tagging strategy.
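To make the effect of missing tags on a cost report concrete, here is an added example (not part of the original course material) that groups Cost and Usage Report line items by one cost allocation tag and surfaces the spend that cannot be attributed. It assumes a CUR exported as CSV with the standard `lineItem/...` and `resourceTags/user:<key>` column naming; the sample rows, resource IDs and costs are constructed, and the function names are hypothetical.

```python
import csv
import io
from collections import defaultdict
from decimal import Decimal

# Constructed sample in CUR CSV layout; resource IDs and costs are made up.
SAMPLE_CUR = """\
lineItem/ResourceId,lineItem/ProductCode,lineItem/UnblendedCost,resourceTags/user:environment,resourceTags/user:tier
i-0aaa,AmazonEC2,12.50,production,frontend
i-0bbb,AmazonEC2,20.00,production,backend
db-ccc,AmazonRDS,31.25,production,backend
i-0ddd,AmazonEC2,7.75,,
example-bucket,AmazonS3,1.50,production,
"""

UNTAGGED = "(untagged)"


def cost_by_tag(cur_csv, tag_key):
    """Sum unblended cost per value of one cost allocation tag.

    Returns (totals, untagged_ids): cost per tag value, plus the sorted
    resource IDs whose spend carries no value for this tag.
    """
    column = f"resourceTags/user:{tag_key}"
    reader = csv.DictReader(io.StringIO(cur_csv))
    if column not in (reader.fieldnames or []):
        # No column usually means the tag was never activated as a
        # cost allocation tag, so the report cannot break costs down by it.
        raise KeyError(f"{column} not present in report")
    totals = defaultdict(Decimal)
    untagged_ids = set()
    for row in reader:
        value = (row[column] or "").strip() or UNTAGGED
        totals[value] += Decimal(row["lineItem/UnblendedCost"])
        if value == UNTAGGED:
            untagged_ids.add(row["lineItem/ResourceId"])
    return dict(totals), sorted(untagged_ids)


def untagged_share(totals):
    """Fraction of total spend that has no value for the tag."""
    total = sum(totals.values())
    return totals.get(UNTAGGED, Decimal(0)) / total if total else Decimal(0)


if __name__ == "__main__":
    for key in ("environment", "tier"):
        totals, missing = cost_by_tag(SAMPLE_CUR, key)
        print(key, totals, "untagged:", missing, f"{untagged_share(totals):.1%}")
```

Tracking the untagged share over time gives a simple measure of how consistently a tagging strategy is being followed.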
Planning out a tagging strategy or a tagging standard is essential, and the best time to implement one is before a company launches its cloud resources. It's best to keep tagging simple and easy to grasp. Don't overdo it for the sake of it. After all, you want to gain visibility, not cause confusion. The best thing to do is to learn about predefined tags and choose the ones suitable for your business. It's also advisable to adjust your tags to follow your KPIs once you determine them.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.