An account within CloudCheckr is where you will be able to view the details, reports, cost data, and resource utilization for AWS accounts. You will want to create an account in CloudCheckr for each of your AWS Accounts.
NOTE: If you utilize AWS Consolidated Billing, you can create an account for the Payer account and see Cost data for all of your AWS Consolidated accounts within a single CloudCheckr account.
1. CREATING AN ACCOUNT WITHIN CLOUDCHECKR
To create your first account, simply click the Configure New Account button.
Give your account a unique identifying name. Be sure to select ‘Amazon Web Services’ as your Cloud Provider.
Under ‘Navigation Visibility’ you can choose to limit what main sections of CloudCheckr are viewable — this can also be modified at a later time.
2. CONFIGURING NAVIGATION VISIBILITY
The Navigation Visibility option gives you control over which main modules and sections of the CloudCheckr navigation column will be visible and accessible for this account.
You have the flexibility to configure visibility for the following modules/sections:
- Recently Viewed – Shows the 10 most recently accessed reports.
- Savings – The Cost Savings report, which shows you how to save the most amount of money in the shortest amount of time.
- Best Practices – The Best Practice Checks — valuable, actionable recommendations to optimize your Cloud deployment.
- Cost – The CloudCheckr Cost module, which includes all reports on your daily AWS spend, Reserved Instances, access to raw billing data, etc.
- Inventory – The CloudCheckr Inventory module, which has an ever-growing list of Summary, Detail, and Trending reports on the many AWS resource offerings.
- Security – The CloudCheckr Security module, which helps you audit, conduct forensics, and manage other security issues for your Cloud deployment. Includes CloudTrail and AWS Config reporting.
- Utilization – The CloudCheckr Utilization module, which provides metrics, visualization, analysis, and right-sizing recommendations for your environment based on CPU, memory, and more.
- Automation – The CloudCheckr Automation module, which provides useful functionality to automate administrative tasks related to security and DevOps maintenance.
When you have named your account and configured its Navigation Visibility, click Create.
Next, you need to give CloudCheckr access to the AWS API to collect metadata from your account.
3. ENABLING CLOUDCHECKR ACCESS TO AWS
Now that your account has been created, you will need to enable access to your AWS account. You will first add your AWS account credentials to connect your CloudCheckr account to your AWS account.
To best connect to your AWS account, CloudCheckr needs to be given a Cross-Account Role within the specified AWS account. Cross-Account roles are a best practice for securing programmatic access to your AWS accounts, as the Role can house various permissions that are easily updated as needed.
Click on this link for full instructions on creating a Cross-Account Role and adding the credentials to CloudCheckr.
After adding your credentials, click the Update button and CloudCheckr will automatically begin taking a snapshot of your AWS account and building reports based on its findings.
4. CONFIGURING NOTIFICATIONS WITHIN CLOUDCHECKR
After you have added your Credentials you can further configure your CloudCheckr account, choosing which email notifications to receive.
To configure these emails, on the report list on the left of the page open Account Settings and select Email Settings.
From this page you can configure which Alert emails and Daily/Weekly/Monthly emails will be sent to which recipients.
First, choose which email addresses you would like to receive reports. Separate multiple email addresses with a comma.
Note: The ‘Send emails to’ field is a global email address field for all the notification emails. You have the ability to override the global email setting on a per-notification basis, i.e., for each individual email you can add custom email recipients.
The first section allows you to choose and configure which alert emails you receive.
Send Billing Alert when daily bill fluctuates more than XX% – This is triggered when the daily cost of your AWS account increases or decreases more than the percentage threshold you define. The threshold can be set anywhere between 5 – 100% (in increments of 5). The
Alert email you receive will show you your costs for today, yesterday, and the costs for each AWS Service yesterday and today. This allows you to pinpoint exactly where your cost fluctuated.
Send AWS Health Alerts If Affected – This is triggered whenever a service disruption occurs within an AWS region in which you have resources. These triggering events can range from increased API errors to complete service outages. All disruption updates, through resolution, will be delivered for each outage.
Send All AWS Health Alerts – This is triggered for any AWS performance or service issue in any AWS Region. These triggering events can range from increased API errors to complete service outages. All disruption updates, through resolution, will be delivered for each outage.
Next, choose which daily emails you would like to receive, and at which time of the day you would like them delivered. Note: Time displayed is in GMT/UTC timezone.
Summary of Daily Bill – Provides statistics pertaining to your AWS costs for this specific account. It will show you how much you’ve spent for the day, for the month, and a breakdown of your bill by AWS Service. If you have Detailed Billing enabled within AWS, CloudCheckr will use this data to populate this email.
Best Practices – Contains a list of items within your deployment that CloudCheckr has determined may need your attention. These best practice encompass actionable recommendations categorized under Security, Cost, Availability, as well as incorporating Trusted Advisor (when applicable). This daily email will only include new issues discovered since the previous day, and will not include any items that you choose to ignore within the Best Practice report.
- Importance Level – Select the urgency of Best Practices to be notified on.
- Best Practice Check Types – Select the any of the types of checks to be notified on.
- Send daily Best Practices updates on the following days – Customize the exact days of the week on which you’d like to have Best Practice emails sent to you.
Change Monitoring – Contains a list of items from your AWS deployment (via the AWS Config service) that have either been added, deleted, or modified since the previous day.
Improperly Tagged Resources – Sends a daily email that reports on resources that break any Tagging Rules as configured under Cost > Tags.
Automation – Sends an email that reports on items found and/or processed by automation jobs.
Summary of Monthly Bill – Similar to the Summary of Daily Bill, but is only sent after AWS closes out the month (typically the 5th-6th of the following month) with the final summary for the month.
Daily Consolidated Billing Summary – This email provides a billing summary for all of your consolidated AWS accounts. You will receive total Net Bill, Month-to-Date Bill, and Monthly Predictions based on all of your accounts, as well as an account-by-account breakdown. If you do not utilize consolidated billing within AWS you can disable this report.
CloudTrail Summary – Send a daily summary of CloudTrail event counts by the Top 10 Users, Event Types, and Failed Event Types.
You can choose which emails you would like to receive on a weekly basis, and which day of the week you would like these delivered.
Inventory Report – Provides key statistics about each AWS Service you have deployed.
EC2 Trending Report – Shows how your EC2 deployment has fluctuated over the past week, providing tallies for each day. It shows the number of On-Demand, Spot, and Reserved instances, EBS Volumes, Elastic Load Balancers, Security Groups, as well as additional statistics.
S3 Summary Report – Provides statistics specifically for S3, including cost, storage used, total objects, and buckets.
Best Practices – This is a weekly-aggregated version of the Best Practices email. You can customize which importance level and check types you’d like to be notified of.
Lastly, you can choose which monthly emails to receive.
Summary of Monthly Bill – Sends a summary of your monthly bill and highlights any unusual activity such as spikes in spending.
Monthly Consolidated Billing Summary – Similar to the Daily Consolidated Billing Summary, but is only sent after AWS closes out the month (typically the 5th-6th of the following month) with the final summary for the month.
Best Practices – This is a monthly-aggregated version of the Best Practices email. You can customize which importance level and check types you’d like to be notified of. You can also specify the exact date of the month when the email will be generated.
Once you are satisfied with your selections, click the Update button at the bottom of the tab.