Billing Flashcards
AWS Organizations
Allows you to manage multiple accounts as a global service
Consolidated Billing
Aggregate Usage
Pooling of reserved EC2 instances
Use of service control policies (SCP)
SCP (Service control policies)
Centrally manage all users and roles permissions in your organization
Whitelist or Blacklist IAM actions
Apply at OU (Org unit) or account level and not at Master Account level
You can allow or deny access to your AWS account services to the OU or Account
Advantages of consolidated billing
Combined Usage - Share volume pricing, reserved instances, savings plan discount
One bill
AWS Control Tower
Set up and govern a secure multi-account AWS environment with best practices for your organization
Automate the setup of accounts
Automate ongoing policy management using guardrails
Detect the policy violations and remediate them
Monitor your compliance through an interactive dashboard
AWS RAM (Resource access manager)
Share resources (owned by your account) with other accounts
AWS Service Catalog
Self-service portal for users to launch AWS services (preconfigured by CloudFormation templates)
To use pre-defined tracks defined by admins
Pricing Models
- Pay as you go (Pay by sec/min on running instance)
- Save when you reserve
- Pay less by using more
- Pay less as AWS grows
Save when you reserve
Allows you to minimize risks, predictably manage budgets, and comply with long-term requirements, and is available for EC2, DynamoDB, ElastiCache, RDS, and Redshift
Pricing for Lambda
Pay per call + Pay per duration (times * RAM)
Pricing for ECS
Pay for the EC2 instance once launched; otherwise you don't pay
Pricing for Fargate
Pay for CPU + RAM used by each container. You don't pay for EC2 instances, unlike ECS
Pricing for S3
Number and size of objects
Number and type (IN and OUT) of requests
Data transfer OUT of S3 region (Sending IN data is free)
S3 Transfer Acceleration
Lifecycle transitions
Pricing for EBS (Elastic Block Store)
Volume Type
Size (GB/month)
IOPS
Snapshots
Data OUT and NOT Data IN
Pricing for RDS
Per hour billing
Database characteristics
Purchase type - On demand or Reserved
Backup Storage - No charge up to 100% of the db storage for the region
Number of input and output requests per month
Additional storage
Deployment type - Single or Multi AZ
Data OUT and NOT Data IN
Pricing for CloudFront
Pricing by region
Number of HTTP/HTTPS requests
Data OUT and NOT Data IN
Pricing for networking
Traffic over private IP between instances in the same or different AZs is free
Traffic between EC2 instances across regions is charged
Savings plan EC2
You commit to a fixed price / hours for an instance family, irrespective of instance size, tenancy and OS
Savings plan for compute
You commit to a fixed price / hours, irrespective of instance family, size, tenancy, OS and region
It covers EC2, Fargate, Lambda
Savings plan for ML
For SageMaker
AWS Compute optimizer
Supported resources to suggest cost optimization
EC2, EC2 ASG, EBS volumes and Lambda functions
Pricing Calculator
Estimates cost in AWS; can be used by someone who does not have an AWS account
Track Cost
Billing Dashboard, Cost Allocation Tag, Cost and Usage Report and Cost Explorer
Monitor Cost against cost plan
Billing Alarms and Budgets
Cost usage report
Used for tracking cost. Shows when, why and how much the cost was incurred
Can be integrated with Athena, QuickSight or Redshift
Cost Explorer
High level tracking compared to Cost usage report
Forecast the bill up to 12 months based on past usage
Can suggest Savings plan for reserved instances
AWS Budgets
Alarm when cost exceeds the budget or forecast exceeds the budget
AWS cost anomaly detection
Uses ML to detect cost anomaly
Monitor cost->Get Alerted->RCA
AWS Service Quotas
Notify when you are close to your service quota value threshold
Create CloudWatch Alarms
Request to increase service quota
Trusted Advisor
High level AWS account assessment
Recommendation on 5 categories:
-Cost Optimizations
-Performance
-Security
-Fault Tolerance
-Service Limits
7 Core checks for basic and developer plans
-S3 bucket permissions - Making sure bucket is not public
-Security group, making sure that some ports are not unrestricted, such as SSH.
-IAM use, making sure that we have at least one IAM user in our accounts.
-Ensuring we don’t have any EBS public snapshots
-Ensuring we do not have any RDS public snapshots
-Looking at service limits in AWS
Full Checks for business and enterprise plans
- Full checks in all 5 categories above
- Set CloudWatch alarms
- Programmatic access to AWS Support API
Basic support plan
- 24/7 access to customer service and documentation
- AWS Trusted Advisor - 7 core checks
- AWS PHD
Developer support plan
- Business hour email access
- Unlimited access to cases and 1 primary contact
- Response time <12 hrs to <24 hrs
Business support plan
- Full access to AWS Trusted Advisor + API access
- 24/7 phone, email and chat access
- Unlimited access to cases and unlimited contacts
- Infrastructure event management for additional fee
- Response time <1 to <24 hrs
Enterprise on-ramp support plan
- Access to a pool of technical account managers (TAMs)
- Concierge support team (for billing)
- Infrastructure event management and well architected and operations review
- Response time <30 mins to <4 hrs
Enterprise support plan
1. Access to designated technical account manager (TAM)
2. Concierge support team (for billing)
3. Infrastructure event management and well architected and operations review
4. Response time <15 mins to <4 hrs