AWS Linked
SpendEffix supports the AWS Organizations service that allows linking several Data Sources in order to centrally manage data of multiple users while receiving all billing exports within a single invoice.
Selecting a AWS Linked tab will make the registration flow easier eliminating the option to input bucket information for billing purposes since this will be received through the root account, whose user will then be able to distribute periodic reports individually if intended by the company management. In this case, only Access Key and Secret Key are required.
Note: If you only specify a AWS Linked account without providing credentials for the main one, SpendEffix will not be able to import any billing data.
Use “Connect” to create a Data Source in SpendEffix. If some of the provided values are invalid, an error message will indicate a failure to connect.
Discover Resources
SpendEffix needs to have permissions configured in AWS for the user Data Source in order to correctly discover resources and display them under a respective section of the dashboard for the associated employee.
Make sure to include the following policy in order for SpendEffix to be able to parse EC2 resources data:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "SpendEffixOperations",
"Effect": "Allow",
"Action": [
"s3:GetBucketPublicAccessBlock",
"s3:GetBucketPolicyStatus",
"s3:GetBucketTagging",
"iam:GetAccessKeyLastUsed",
"cloudwatch:GetMetricStatistics",
"s3:GetBucketAcl",
"ec2:Describe*",
"s3:ListAllMyBuckets",
"iam:ListUsers",
"s3:GetBucketLocation",
"iam:GetLoginProfile",
"cur:DescribeReportDefinitions",
"iam:ListAccessKeys"
],
"Resource": "*"
}
]
}
Your AWS Data Source should now be ready for integration with SpendEffix! Please contact our Support Team at support@hystax.com if you have any questions regarding the described configuration flow.
