Connect your AWS account
To retrieve your billing info and understand your infrastructure, Holori needs to be granted an access to your AWS account. This procedure is made in full compliance with AWS's access rules. We will guide you step by step through this configuration process.
Step 1:Create a cross account on the AWS console
- In Holori App, click on your username at the bottom left of the page, then select the ""Integrations" tab and click on "+Connect now" under the AWS logo.
- Below, click on the "AWS IAM Console" link. A new tab will open redirecting you to the AWS console login page (or the role creation page directly if you are already logged in).
Alternatively, use this link: https://console.aws.amazon.com/iamv2/home#/roles/create?awsAccount=112070389366&externalId=f97fd11c-3fcc-4c28-bcf4-b327179915c2&policies=arn%3Aaws%3Aiam%3A%3Aaws%3Apolicy%2FReadOnlyAccess&isThirdParty=true&step=review&trustedEntityType=AWS_ACCOUNT
- You will be redirected to the “create role page”on AWS. Holori will have already pre-filled information. All you need to do is to double check the fields.
The information are the following :
Trusted entity type : AWS Account Account ID : 112070389366 Checkbox for Require external ID: checked A unique external ID is auto generated and filled and should match the one from the Holori app Checkbox for MFA option: unchecked
The information follows AWS best practices and security recommendations.
- Click next,
Step 2: Verify the new policy
-
On the second page make sure that: "ReadOnlyAccess" permission is selected
-
Click next,
Step 3: Name and Create role
On the third and last page :
-
Give the name "holori" to this role
-
In “Step 2 : Add permissions” you can check once again the permissions and it should be : “ReadOnlyAccess”.
- Now click on "Create role" at the bottom of the page.
Congratulations, your AWS role should now be created.
Step 4 : Add the cross account role to Holori app
-
Give a name to your provider account, this name will be used to identify it in Holori software.
-
Copy your ARN and come back to the Holori tab to paste it.
Step 5 : Enable cost retrieval from your AWS account
Cost Explorer
Enable Cost Explorer: https://console.aws.amazon.com/cost-management/home Then navigate to Cost Management preferences, and to the Cost Explorer tab. Make sure that the following configuration is selected:
- Enable Historical data up to 38 months
- Resource level data at daily granularity (up to 14 days)
Cost Optimization Hub
AWS Cost Optimization Hub must be activated: In the navigation panel, go to Cost Optimization Hub: https://console.aws.amazon.com/cost-management/home
AWS Compute Optimizer
AWS Compute Optimizer must be activated. Make sure you opted in: https://console.aws.amazon.com/cost-management/home
Once you have performed all the steps above, on Holori App, click Save at the bottom of AWS integration page. Your account will be synchronized in the following minutes. Go grab a coffee and start exploring your cost and infra.