Unable to connect multiple AWS Accounts

[Panchakshari Rc]

Team,

We are trying to configure multiple AWS accounts, but able to connect only one account.

We have taken a image and exporting all the AWS env variables.  What we observed is, with these set of variables (given below), we can only configure only 1 account.   

Would someone help us here to configure multiple AWS accounts.

#################################

# Variables needed for the Billing Data (Holistic) approach with AWS:
AWS_USE_BILLING_DATA=true
AWS_ATHENA_DB_NAME=your-athena-db-name
AWS_ATHENA_DB_TABLE=your-athena-db-table
AWS_ATHENA_REGION=your-athena-region
AWS_ATHENA_QUERY_RESULT_LOCATION=s3://your-athena-query-results-location
AWS_BILLING_ACCOUNT_ID=your-billing-account-id
AWS_BILLING_ACCOUNT_NAME=your-billing-account-name

# Variables needed for the Cloud Usage API (Higher Accuracy) approach with AWS:
AWS_ACCOUNTS=[{"id":"your-account-id","name":"Your AWS Account"}]

############################

[C. G.]

Hello,

I have a lot of questions first :

- Did you enable "Cost and Usage Report" in all of your account ?

- Did you configure IAM role in all your account ?

- Did you correctly configure in AWS CLI, all your "aws access_key_id"; "aws_secret_access_key" ; "region" and "output" ?

- Did you configure your .env file in /packages/api/.env and in /packages/client/.env ?

For my configuration, I configure Cost and Usage report only in my "master_account" that can see all other account. With this, I didn't needed to configure all my account and did action only one time.

[Panchakshari Rc]

Hi Julliet,

Thanks for the reply.

Please find below my inline comments in Blue color.

- Did you enable "Cost and Usage Report" in all of your account ? - YES

- Did you configure IAM role in all your account ? - YES

- Did you correctly configure in AWS CLI, all your "aws access_key_id"; "aws_secret_access_key" ; "region" and "output" ? - YES, but for only one account.

- Did you configure your .env file in /packages/api/.env and in /packages/client/.env ? - YES, used default configuration

Here, we do not have Master account, hence we are creating the Role, buckets in each account.  And if we look at the /api/.env file, we have one variable AWS_ATHENA_QUERY_RESULT_LOCATION, which accepts the S3 bucket name.  As you know, S3 name should be unique, we can't have same name in all the accounts, we are finding difficulty in providing the details for the other accounts.

Or, may be our approach itself is wrong, would you please help us how to proceed.

Regards,

Panch

[C. G.]

Hello Panch,

I think the issue may come from AWS CLI configuration or from /packages/api/.env ... I didn't meet this kind of issue so I will let someone else answer to you.

My solution is to use the master account, because it's my configuration. It could be different from your's...

Regards,
Clement

[Panchakshari Rc]

Hi Clement,

Thanks for the updates.

You may be right here, having the master account to store the billing reports from different accounts would solve this issue.  In the dashboard, will it show the data account wise ? I doubt, would you please confirm this.

In /packages/api/.env, we have option tp env variables for only one account, it is very clear.

Regards,

Panch

[C. G.]

Hello Panch,

Yes, in CCF you will able to filter by AWS account in the search bar at the top of the website. And in the CarbonComparisonCard, you can display results by service or by account. 

For me, in the search bar, my accounts (around 100) are displayed by their account number so it's difficult to know which account belongs to which department in my company. I need to search the information somewhere else. 

In the opposite, with Azure, Accounts are displayed by their Subscription Name, so it's better for reporting and more understandable for human being.

Regards,

Clement

[Panchakshari Rc]

Thanks Clement for the updates.

Now, we are trying the approach you have suggested.  We are making one AWS account as master and pushing the billing reports from other accounts to the S3 bucket in master account.  And, updating account details in the environment variable AWS_ACCOUNTS.  Is this the right approach to do ? Please let me know if anything else needs to be taken care.

Regards,

Panch

[C. G.]

Yes, normally you could follow indications in this link : https://www.cloudcarbonfootprint.org/docs/aws

Don't forget to create the role "ccf-role" from your master account, report ID + secret + region in AWS CLIv2 , activate Cost and Usage report from your master account. And of course configure .env in api and client.

Be sure that Athena is working fine from AWS and buckets are functionnal with the results of athena query.

I configured data to be filtered by month with variable " REACT_APP_GROUP_BY" and query will be faster.

One more thing to know, AWS CUR don't store historical data. So if you activate CUR on 1st May 2022, you only will be able to see data from 1st May to Today. And it will be probably the same for all your AWS accounts. So you have to be patient once CCF is working to retrieve data. :)

I hope it will work fine for you !

Regards,

Clement

[Panchakshari Rc]

Thanks Clemet for the details.

Yes, we will follow all instructions, if any blockers will let you know.

Regards,

Panch