Sign In

Amazon Web Services

This topic describes how you can add your AWS data sources to the FinOps platform. FinOps for Cloud supports both AWS organizations and individual AWS standalone accounts.

AWS terminology

The following table contains the terminology that applies to AWS data sources.

Term
Definition

Management account

A management account is an AWS account you use to create your AWS Organization. The owner of the management account is responsible for paying for all usage, data, and resources used by the accounts in the organization.

A management account is also called a root account, master account, billing account, or payer account.

Member account

A member account is an AWS account, other than the management account, that is part of an AWS Organization. The management account is responsible for paying for all member accounts in the organization.

A member account is also referred to as a linked account, child account, usage account, or sub-account.

Standalone account

A standalone account refers to an account that is not part of an AWS Organization. It stands on its own, without being linked to any other accounts for consolidated billing, management, or policy control.

A standalone account is also referred to as an individual account, non-organizational account, or unlinked account.

FinOps for Cloud terminology

The following terminology is used in FinOps for Cloud when adding an AWS data source.

Term
Usage

Root

Use this option when:

  1. Adding an AWS organization management account.

  2. Adding an AWS organization member account (when you don't have access to a management account)

  3. Adding an AWS standalone account.

Linked

Use this option when adding an AWS organization member account, and the management account is already added.

Configuring your AWS accounts

AWS organizations

Depending on the access to your management account and other member accounts, there are different ways to add AWS data sources to FinOps for Cloud.

If you connect the root account but don't connect the linked accounts, all expenses from the unconnected linked accounts are ignored, even if they exist in the data export file. To retrieve expenses from both linked and root accounts, connect all AWS accounts (not just the root). FinOps for Cloud ignores data from unconnected linked accounts.

With access to the management account

If you have access to create a Cost and Usage Report (CUR) and Identity and Access Management (IAM) users in your management account, follow these steps:

When the member accounts are added, FinOps for Cloud automatically identifies the management account and uses the imported cost and usage data from that account.

Without access to the management account

If you don't have access to your management account, you can create individual CURs in each member account and add them to FinOps for Cloud as if they were AWS Root Accounts.

To add your member account to FinOps as an AWS Root account:

  1. Create a Cost and Usage report in AWS.

  2. Create the FinOpsForCloudBillingImport IAM policy.

  3. Create the FinOpsForCloudResourceDiscovery IAM policy.

  4. Create the FinOpsForCloudUser IAM user.

  5. Create an access key for the FinOpsForCloudUser IAM user.

  6. Add the member account to your FinOps for Cloud data sources as an AWS Root account.

AWS standalone accounts

To add a standalone AWS account:

  1. Create a Cost and Usage report in AWS.

  2. Create the FinOpsForCloudBillingImport IAM policy.

  3. Create the FinOpsForCloudResourceDiscovery IAM policy.

  4. Create the FinOpsForCloudUser IAM user.

  5. Create an access key for the FinOpsForCloudUser IAM user.

  6. Add the standalone account to your FinOps for Cloud data sources as an AWS Root account.

PreviousData SourcesNextCreate Cost and Usage Reports

Last updated

Was this helpful?