SAP-C02 Amazon AWS Certified Solutions Architect Professional – New Domain 4 – Cost Control part 1

1. Implementing Resource level tags

Hey everyone, and welcome back to the Knowledge Pool video series. And in today’s lecture, we’ll be speaking more about the tagging strategies. Now generally, whenever you create a resource, let’s assume easy to instance during the creation time if you will see it asks you for tagging related information. So I have my four instances which are running currently, and if I go into the tags currently I only have a single tag. However, in an enterprise organization, having a good tagging strategy is extremely important. So let me give you one of the examples where your AWS bill is rising a lot and the CFO has come to you and it is and he’s asking about which team is using how much money within the AWS account.

So there can be multiple teams like Payments Team, Recon Team, and CFO wants to know on how much resource each team is using as far as the monitorial value or the financial value is concerned. And you will not be able to answer that specific question unless and until you have a good tagging strategy. So what do I mean by this? So let me show you. So generally in the organizations where generally I do consult testing on I create a tags, or we generally create a tags for each and every resource that we create. So the tag is called as the team, followed by the team name. Then you have tag of team followed by the team name. So here you have various different team name. So each and every resource that we create, it gets created with a specific tag.

So if the EC to instance belongs to the Payments Team, we add a tag called as Payments. So let’s try this out. So within the add tag, we can create a new tag call as Team. And here I’ll say payments. So I’ll click on save. Within the second instance I’ll add one more tag call as Team and I’ll say DevOps. So at the end of the month, if you have proper billing setup, you can look into how much money it has costed for the resource belonging to a specific tag. So if you want to know on how much money it has costed you for the resource which has a tag of team and the value of payments, so this becomes much more easier for you to look into. So now once we have tagged all of our resource, you have to enable the billing to include tagging related information as well.

So how can we do that? So now if I go to my billing dashboard now just go to preferences and here you have an option of receive billing reports. So let me just click on here and here you just put the AWS bucket name. So let’s try this out. So I’ll do a s three and I’ll click on Create a new bucket. I’ll name this as KP Labs Hyphen Billing. And I’ll click on Save. Now we have to put the bucket name as a KP Lab Hyphen billing. Along with that you need to enable a bucket policy. So just click over here and this will create a sample bucket policy for you. So just copy this bucket policy and paste it in the S Three bucket. So this is the bucket policy which got generated. I’ll paste this here and I’ll click on Verify. So it will successfully verify. Now what it has given is whatever report which will be generated and it will be uploaded to S Three bucket.

What should it contain? And here there is one very important parameter which is detailed billing report with resources and tags. So now what will happen is whatever billing report AWS will save to the S Three bucket, it will have a good amount of information related to which tags is costing us how much money. So click on Manage Report tags here and you need to basically activate certain tags. So basically we had created a tag for this team. So I’ll click on Team and I’ll click on Activate. So let me just activate this tag and this has been activated. Perfect. So this is something that you need to do. Now if I just go to preferences because we had not saved let’s do Kplab’s billing. I’ll quickly verify we have our tags which are activated and you click on Save Preferences. So after this, after your billing cycle has completed, whenever S Three will upload, or whenever AWS will upload your data to S Three, it will contain information related to the tags as well.

So this is it, about this lecture. In the upcoming lecture we will look into how exactly that report would really look like. Since I don’t have the report right now because I just activated our first tag for our AWS account, I’ll be uploading the video once the file has been uploaded to the AWS S Three account. So this is it, about this lecture. Now, a few important things to remember is that depending upon your organization, you can have multiple tags. So here I have a tag of Team which helps us understand on which team is using more resources. This basically used to help us a lot in one of the organization that I was working in, because there the developer used to blindly tell DevOps that we need ten instances, we need 15 instances. And at the end of the month that Team used to the resources that the DevOps launched.

For that team, the amount of money were more than like five thousand dollars to six thousand dollars. So after that, a CFO came to the Dev Ops team and asked why so much money? And the DevOps team blindly shown him that out of the total AWS bill, 5000 or $6,000 belong to just one team. So this is how it really helps you. So that is why you should have an effective tagging strategy. Tagging strategy will also help you. Specifically, if you have just a single account, you can have a tag for prod stage and depth, so that at the end, end of the month, you can know on how much money each of these environment is costing you. So this is it. About this lecture. I hope this has been informative for you and I look forward to seeing you in the next lecture.

2. Detailed Billing Report with Tags

Hey everyone, and welcome back to the Knowledge Pool video series. So, in the early lecture, we were actually looking into how we can activate the detailed billing reports, which includes the tags that we generate for our EC to resources or for our AWS resources. So if you look here in the report, we have actually activated this specific option of detailed billing report with the resource tag. So whatever report that will be generated at the end of the month, that report will also have the tags which are associated with the AWS resources. So this specific detailed billing report, we are saving it to a bucket called SKP Labs Hyphen Billing. So this is the S Three bucket that we are saving this report to. So let’s do one thing. Let’s go to the S Three and look into the bucket that has been created.

So let’s do a KP labs. Hyphen billing. And this is the s three bucket. So now you will see where your AWS has actually dumped the CA Three file for the reports for various months, which is December, January as well as February. So let’s do one thing. Let’s download the January billing report and we’ll look into what exactly are the contents of this specific detailed billing report. Perfect. So the billing report has been downloaded. So, what I’ll do is this is a zip format. I’ll just extract this and we’ll get the CSV file. So I’ll open this up with the CSV and you will see this is the detailed billing report, which gives you a lot of information. So this is quite wide, so we’ll not be able to cover everything if we zoom at 100%. Let me just minimize the zoom to a certain extent, so that it becomes much more visible. Perfect. So the last column that you see over here, I’ll just try and maximize the important columns that we can look for.

So this last column that you see over here, this column is specific for the tags that we had created. So let me just maximize it again, so it becomes much more clear. So we have created tags for lot of AWS resources, which includes EBS volume, S Three buckets, EC, two instances where we had divided it into teams. So a team is equal to payments, team is equal to DevOps. So at the end of the month, if you’ll see over here, I have certain resources which have the tag of payments. So these resource belongs to the team payments. So if you’ll go a bit down, again, this is a resource which belongs to team payment. So if you’ll see on the left hand side, this is basically the resource which is owned by this team. So this is basically the EBS volume. So now if you go a bit down, you also have certain resource where team is equal to DevOps.

So there can be multiple teams in an organization. So for our testing purposes, we had created two teams where team is equal to DevOps and team is equal to payments. So at the end of the month we can actually know. So if you see over here this specific resource which is associated with the tag where team is equal to DevOps, this is basically an easy to instance ID. And then you can also have the cost which is associated with the specific resource. So this becomes quite a valuable asset for the finance team because they come to know exactly for which resources belonging to which team, how much cost is getting incurred for the organization. And this is something that Solutions Architect should definitely know. So this is it about the detailed building report with Tax. I hope this has been informative for you and I look forward to seeing you in the next lecture.

3. Resource Groups

Hey everyone and welcome back. Now in the earlier lecture we were looking into how we can use the tagging based approach to know on which team is using how much budget within your AWS organization. So today, continuing the similar journey, today we’ll be looking into the resource tags. So, as discussed in the earlier use case, we were looking that the monthly AWS bill has been quite high and the CFO has approached you to design a strategy to give visibility on which teams resource is costing how much. So this is one of the real world scenarios that you might face typically if your organization bill is quite high and if you are into a DevOps team. Now, the best solution to achieve this use case is by tagging strategy where you tag the AWS resource with a team followed by the team name.

So that at the end of the month when AWS will put a bill to your S three bucket, you can exactly get the numbers on which team is responsible for how much budget within your AWS bill. So there is one more use case typically which I have faced and this becomes sometimes challenging where looking into this tagging strategy, let’s assume that the payments team already knows that they are one of the highest beneficiaries of that AWS bill. So the payments team manager has come to you requesting you to show all the resource belonging to the team payment stack so that he can see what all belongs to him and how will you achieve this use case. Now this is a very interesting use case where someone wants to see on what are the resource that belongs to a specific tag.

Now, the reason why this becomes a bit challenging is because let’s assume that you have your EC two instances over here. Now you can actually easily distinguish here. So if I search by the tag of team and the name of payments, so I can easily see on how many easy to instance belongs to the team payments. But this will not show the resource which belongs to other region. So there are many regions over here. So if there are more resources which belongs to other regions like Singapore, so now I have to go to Singapore, I have to again create a filter with the name team and tag payments. Now, this is one aspect, second aspect is that this is covering only EC two.

Now, there can be a lot of other resources like Elastic load balancers, VPCs s three buckets, elastic beanstalk as well as more other resource which might belong to the team payments and we cannot really show in such approach. So what is the best approach to achieve this use case and that is the resource groups. So my bad, it should be resource groups so I’ll just quickly change it to resource groups. So how you can do it is so if you type resource groups, let me press enter. So within the resource group you can actually search for the resource which belongs to a specific tag. Now let me search by a team and the team name would be payments. So what this will basically do is that resource groups will go across all the regions.

So you see this is the region where we have all the regions and the resource types is all the supported resource type. So it will go to all the region, it will scan all the regions and it will tell you on what are the resource which belongs to a tag call as team with the value of payments. So in the EC two instance it is telling there is one instance of KP Labs Heifer two B. Now if you go a bit down, it is also showing that there is one more load balancer which has the tag of payments. Now if you go a bit down you see within the S three bucket section also it is showing that there is one bucket called Kplabs Hyphen payments which has the tag associated of payments. And last but not least there is one more resource of VPC and this also has the tags of payments.

Now one important thing to remember, although not all the AWS services supports tagging, but now AWS is increasingly putting the support of tags across lot of services. So currently these are the services which supports tags. In the future the amount of service which will be supported will be much more higher. So if you want to see on how many resource belongs to a specific tag then the resource group is one of the optimal solution. Now you can actually create a resource group. So I’ll say payments group and I’ll click on save. So now next time I don’t really have to do the searching again. So if I create a resource group over here, I can easily search by the resource group and I don’t have to create a search filter again.

So this is it about this lecture, I hope the overview about the resource group has been informative for you and I look forward to seeing you in the next lecture. Hey everyone. And just for a quick update, so for those who because this will create a bit of confusion so I just thought to start a recording again. So we had created a resource group of payments and here you do not really see any group. So where is the group? So if you go to the resource group at the top you will see you will have a payments group over here and when you click into the payments group you will be able to see all the resources which belongs to this specific group. So I just thought to rerecord this specific part. So to avoid the confusion related to the resource group. So this is it. I hope this has been informative for you and for the last time I’ll see you in the next lecture.

4. AWS Budget Alarms

Hey everyone and welcome back to the Knowledge Fold video series. So in the previous month, I did a little bit of mistake. Let me just show you. So currently, whenever we create a course, we try to be within the free tire. However, in one of the courses, security specialty to be exact. So if you look into my January bill, you see it’s a whooping $68. And the reason behind this is because I actually forgot to delete the resources like the VPN connection that we created in AWS. And at the end of the month, I got a little surprise. So this is the reason why I always say always terminate the resources once you complete it. I forgot it for the first month and I got a good will anyways. So learning for this is definitely you should have a good policy of terminating the resources which are not longer needed.

But along with that, you should always also have the budget alarms. So within the AWS Billing Management console, if you look into the budget step, this is where you can actually create your budget. So let’s assume that you are staying under free tire. So maybe you can put a budget of $5. So if the AWS cost is increasing more than $5, you should receive an alarm saying that this is the budget alarm. I did not set the budget alarm and this is the reason why at the end of the month, I got a huge bill. So, good learning. So let’s go ahead and look into how we can create a new budget alarm. So I’ll click on create a budget and within this there are a lot of options over here. One of the important options over here is the last one where you should be notified when the actual or when the forecasted.

So if your forecasted future budget is going to be extended for maybe more than $100 or maybe more than $10, for those who are under free tire, you should be receiving an alarm saying that your forecasted budget is estimated to be an X amount. Now, second is when the actual budget so forecasted budget is something which will be in the future, actually is something which has already happened now.So you can do one among them. So let’s quickly try it out. So, I’ll create a name. I’ll say Kplabsilling period will be on the monthly basis budget alarm. I’ll set it as maybe say ten USD, notify me. When the forecasted budget is greater than let’s say 90% of the budget amount, or I can say equal to 100% of the budget alarm.

So as soon as the forecasted budget is assumed to be $10 per month, this is the alarm that will be sent. So within the email contacts, I’ll just put instructors at the rate KP Labsor in. You can also put the SNS topic ARN. So again, there are a lot of things in which you can refine your budget too. So you can actually select a specific service as well. So within the service, if you want your budget only for say S three should be $10 per month or $100 per month. This is something that you can refine from your budget estimation. So you can go ahead and click on create a budget and this is the budget that is being created. So within this, if you will see current vase, the budget tab, this is not a very nice I think they are planning to update the GUI which is of the billing console. But this is where you can actually modify various parameters. So currently, if you will see, I have a certain amount which has been created.

So as soon as my budget reaches $10 next time AWS will alert me over email. So this is something that you should be looking for. And if you’re working in a startups which have a very tight budget and you don’t really want unexpected costs, I still remember one of my colleagues, he works in a small startup and one little mistake that he did and at the end of the month, he got a huge bill. And the CEO called him and asked him, why did they get such a huge AWS bill? And this is the reason why it’s always emphasized that you should always create an AWS budget alarm so that at the end of the month you should not have an unexpected payment. So this is it about the budget alarms. I hope this has been informative for you and I hope you have set in your AWS account. So this is it. I hope this has been informative and I look forward to seeing you in the next lecture.