Preparing AWS for Insight data collection

Your AWS account must be properly configured to allow Insight to collect cloud cost data.

About this task

The following steps are done through your AWS account. See the Amazon documentation for more information: http://docs.aws.amazon.com. If you are unfamiliar with setting up an AWS cloud account, contact your cloud provider for assistance.
Note: These steps are provided here as a courtesy and are believed correct as of the time of publication. NetApp makes no guarantee of the correctness of these steps. Contact your cloud provider or AWS account holder for information or assistance on configuring your AWS account.

Best practice: Insight recommends that you create a master IAM user on the same account that owns the S3 bucket where the billing reports are uploaded, and use this user to configure and collect AWS billing data.

To configure your AWS account to allow Insight to collect data, perform the following steps:

Steps

  1. Log in to your AWS account as an Identity Access Management (IAM) user. For proper collection, log in to the master IAM account, as opposed to a group IAM account.
  2. Go to Amazon S3 to create your bucket. Enter a unique bucket name and verify the correct Region.
  3. Turn on your Amazon Cost and Usage Report. See https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-reports-gettingstarted-turnonreports.html for information.
    1. Go to the AWS Billing and Cost Management Dashboard and choose Reports.
    2. Click on Create report and enter in the Report Name. For Time unit, choose Daily. Check the box to include Resource IDs, and click Next.
    3. Click on the Sample Policy link in the Select delivery options page. Copy the Sample Policy text in the box to the clipboard. Click Close.
    4. Go back to the S3 Bucket that was created, click on the Permissions tab and select the Bucket Policy button.
    5. Paste the text from the Sample Policy, and replace <bucketname> with your actual bucket name in each line that contains the following: "Resource": "arn:aws:s3:: <bucketname>". Save the policy.
    6. Go back to your Create Report screen, enter in your S3 Bucket and click the Verify button. Click Next.
    7. Verify your information and click Review and Complete.
  4. You must grant permissions in order for Insight to collect data from AWS. The following link provides details on how to grant permissions to List All Buckets (Step 4.1) and set permissions on the objects in the folder (Step 5.2): https://docs.aws.amazon.com/AmazonS3/latest/dev/walkthrough1.html.
  5. In the IAM console, go to Policies and click Create policy.
  6. Enter a name in the Policy Name field, and click Create policy at the bottom.
  7. In the IAM console, select your user, then select Add Inline Policy at the bottom of the screen.
  8. Click on Choose a service and select S3.
  9. Go to the JSON tab. Copy the JSON sample text from step 5.1.2.g of the AWS walkthrough into the JSON box.
  10. Replace the companybucket and Development fields in the JSON with your S3 information.
  11. Click Review Policy to review your policy settings.