DX Infrastructure Manager

Expand all | Collapse all

AWS probe billing concerns

  • 1.  AWS probe billing concerns

    Posted 02-20-2019 03:25 PM

    Hello,

     

    We are tested the AWS probe v 5.4 several time and in different ways. It always comes down to the same conclusion. Out of all the accounts being monitored (with the same role/policies) only 1 (the same one) will report AWS service billing data.

     

    We have satisfied the policies required by CA and I can see the billing data from the AWS console on those accounts but the CA probe can't.

     

    Anyone have similar issues? What all permissions and requirements are needed by the probe to provide billing data?

     

    p.s. an interesting note is that the account we can see data through CA probe, WILL NOT let us see billing metrics through the AWS console. Yes the ones we can see from the Console, we can't from the CA probe

     

    A



  • 2.  Re: AWS probe billing concerns

    Posted 02-20-2019 08:29 PM

    The probe requires access to at least the following policies on AWS:

    ReadOnlyAccess
    AmazonS3ReadOnlyAccess

     

    The probe requires the following policies to monitor account billing details, in addition to ReadOnly access for CloudWatch service:

    AWSAccountUsageReportAccess
    AWSAccountActivityAccess



  • 3.  Re: AWS probe billing concerns

    Posted 02-21-2019 01:33 PM

    David,

     

    We have all these policies set on the role we use to issue the secret key and accesses key, yet it still does not work. As stated only 1 AWS account from about 10 works (they all use the same role to issue the the secret/access keys)

     

    A



  • 4.  Re: AWS probe billing concerns

    Posted 02-27-2019 04:53 PM

    Since the problem is user specific it seems like there must be something beyond just the role that is different and preventing the others from getting the billing info.