Account Management, Billing & Support Section Flashcards
AWS Organizations
Cost Benefits:
• Consolidated Billing across all accounts - single payment method
• Pricing benefits from aggregated usage (volume discount for EC2, S3…)
• Pooling of Reserved EC2 instances for optimal savings
- API is available to automate AWS account creation
- Restrict account privileges using Service Control Policies (SCP)
Service Control Policies (SCP)
- Whitelist or blacklist IAM actions
- Applied at the OU or Account level
- Does not apply to the Master Account
- SCP is applied to all the Users and Roles of the Account, including Root user
- SCP must have an explicit Allow (does not allow anything by default)
AWS Consolidated Billing
When enabled, provides you with:
• Combined Usage – combine the usage across all AWS accounts in the AWS Organization to
share the volume pricing, Reserved Instances and Savings Plans discounts
• One Bill – get one bill for all AWS Accounts in the AWS Organization
AWS Control Tower
Easy way to set up and govern a secure and compliant multi-account
AWS environment based on best practices (Organizations)
Pricing models in AWS
• Pay as you go: pay for what you use, remain agile, responsive, meet scale
demands
• Save when you reserve: minimize risks, predictably manage budgets, comply
with long-term requirements. Reservations are available for EC2 Reserved Instances, DynamoDB Reserved Capacity, ElastiCache Reserved Nodes, RDS Reserved Instance, Redshift Reserved Nodes
• Pay less by using more: volume-based discounts
• Pay less as AWS grows
Free services & free tier in AWS
- IAM
- VPC
- Consolidated Billing
- Only pay for resources created (Elastic Beanstalk, CloudFormation, Auto Scaling Groups)
- Free Tier (EC2 t2.micro instance for a year; S3, EBS, ELB, AWS Data transfer)
Pricing - EC2
- Only charged for what you use
- Number of instances
Instance configuration:
• Physical capacity
• Region
• OS and software
• Instance type
• Instance size
• ELB running time and amount of data processed
Pricing - Lambda
- Pay per call
- Pay per duration
Pricing - ECS
• EC2 Launch Type Model: No additional fees, you pay for AWS resources stored and created in your application
Pricing - Fargate
Pay for vCPU and memory resources allocated to your applications in your containers
Pricing - S3
- Storage class
- Number and size of objects: Price can be tiered (based on volume)
- Number and type of requests
- Data transfer OUT of the S3 region
- S3 Transfer Acceleration
- Lifecycle transitions
Pricing - EBS
- Volume type (based on performance)
- Storage volume in GB per month provisioned
- IOPS:
- General Purpose SSD: Included
- Provisioned IOPS SSD: Provisioned amount in IOPS
- Magnetic: Number of requests
- Snapshots:
- Added data cost per GB per month
- Data transfer:
- Outbound data transfer is tiered for volume discounts
- Inbound is free
Pricing - RDS
• Per hour billing
- Database characteristics:
- Engine
- Size
- Memory class
- Purchase type:
- On-demand
- Reserved instances (1 or 3 years) with required up-front
• Backup Storage: There is no additional charge for backup storage up to
100% of your total database storage for a region
- Additional storage (per GB per month)
- Number of input and output requests per month
- Deployment type (storage and I/O are variable):
- Single AZ
- Multiple AZs
- Data transfer:
- Outbound data transfer is tiered for volume discounts
- Inbound is free
Pricing - Content Delivery – CloudFront
- Pricing is different across different geographic regions
- Aggregated for each edge location, then applied to your bill
- Data Transfer Out (volume discount)
- Number of HTTP/HTTPS requests
AWS Compute Optimizer
- Reduce costs and improve performance by recommending optimal AWS resources for your workloads
- Uses Machine Learning to analyze your resources’ configurations and their utilization CloudWatch metrics
- Supported resources:
- EC2 instances
- EC2 Auto Scaling Groups
- EBS volumes
- Lambda functions
Billing and Costing Tools
Estimating costs in the cloud:
• TCO Calculator
• Simple Monthly Calculator / Pricing Calculator
Tracking costs in the cloud:
• Billing Dashboard
• Cost Allocation Tags
• Cost and Usage Reports
• Cost Explorer
Monitoring against cost plans:
• Billing Alarms
• Budgets
AWS Total Cost of Ownership (TCO) Calculators
• The TCO calculators allow you to estimate the cost savings when using
AWS and provide a detailed set of reports that can be used in executive presentations.
• Compare the cost of your applications in an on-premises or traditional
hosting environment to AWS
Simple Monthly Calculator / Pricing Calculator
Estimate the cost for your architecture solution.
AWS Billing Dashboard
Visualization dashboard of costs and billing
Cost Allocation Tags
- Use cost allocation tags to track your AWS costs on a detailed level
- AWS generated tags vs user defined tags
Cost and Usage Reports
• The AWS Cost & Usage Report contains the most comprehensive set of AWS cost and usage data available, including additional metadata
about AWS services, pricing, and reservations (e.g., Amazon EC2 Reserved Instances (RIs)).
• The AWS Cost & Usage Report lists AWS usage for each service
category used by an account and its IAM users in hourly or daily line
items, as well as any tags that you have activated for cost allocation
purposes.
• Can be integrated with Athena, Redshift or QuickSight
Cost Explorer
- Visualize, understand, and manage your AWS costs and usage over time
- Create custom reports that analyze cost and usage data.
- Analyze your data at a high level: total costs and usage across all accounts
- Or monthly, hourly, resource-level granularity
- Choose an optimal Savings Plan (to lower prices on your bill)
- Forecast usage up to 12 months based on previous usage
Billing Alarms in CloudWatch
- In us-east-1
- Billing data are for overall worldwide AWS costs
- Simple alarm
AWS Budgets
- Create a budget and send alarms when costs exceed the budget
- 3 types of budgets: Usage, Cost, Reservation
- For Reserved Instances (RI)
AWS Trusted Advisor
Free/already in place: analyzes your AWS accounts and provides recommendations on 5 categories:
• Cost optimization
• Performance
• Security
• Fault tolerance
• Service limits
7 Trusted Advisor Core Checks
- S3 Bucket Permissions
- Security Groups – Specific Ports Unrestricted
- IAM Use (one IAM user minimum)
- MFA on Root Account
- EBS Public Snapshots
- RDS Public Snapshots
- Service Limits
Full Trusted Advisor Checks
• Full Checks available on the 5 categories
• Ability to set CloudWatch alarms when
reaching limits
• Programmatic Access using AWS Support API