# AWS FinOps Onboarding *** ## Decisions to Make **Report Format** * [Legacy CUR Export](#id-2.-select-report-format) * [Focus 1.0 (Standard Data Export)](#2-select-report-format) **Report Source** * [Existing Report](#32-finding-an-existing-report-in-aws-console) * [New Report](#3-choose-between-existing-or-new-report) **IAM Role** * [Use Existing IAM Role](#3-choose-between-existing-or-new-report) * [Create via CloudFormation](#311-create-via-cloudformation) * [Create Manually](#312-create-manually) *** ## Summary Sedai’s AWS FinOps Onboarding swiftly ingests your AWS Cost & Usage Reports (CSV/gzip/zip), converting raw billing data into AI-driven spend insights and automated savings recommendations—just choose your report format and source to start optimizing 💡 **Reports format:** `CSV` 💡 **Supported compression:** `gzip` & `zip` *** ## 1. Prerequisites **Data Organization:** Data for each month should be in the following structure: This structure aligns with how AWS currently dumps the data by default, helping us keep things organized. * `///<>, <>` Ensure your IAM role includes the following permissions: * **Billing API permissions:** `savingplans:DescribeSavingsPlans` `ce:GetReservationCoverage` `ce:GetReservationPurchaseRecommendation` `ce:GetReservationUtilization` `ce:GetSavingsPlanPurchaseRecommendationDetails` `ce:GetSavingsPlansCoverage` `ce:GetSavingsPlansPurchaseRecommendation` `ce:GetSavingsPlansUtilization` `ce:GetSavingsPlansUtilizationDetails` * **S3 permissions:** `s3:Get*` `s3:List*` * **Invocation pattern:** `Periodic` *** ## 2. Add FinOps Billing Account Integration ### 1. In Sedai console, go to ### **Settings → Integrations →** ![](https://718462512-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrF70A0mjyczIwzn72g6Y%2Fuploads%2FVroKFWEwOUcYWnCYSQTW%2Fsedai-settings-image.png?alt=media\&token=14748c06-80f8-4c93-b3d8-14475b66325c) ### **Add Integration →**![](https://718462512-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrF70A0mjyczIwzn72g6Y%2Fuploads%2Fcs9XeTpFSwOFV1fS7b7W%2Fadd-integration.png?alt=media\&token=2a45f005-9723-4ea5-9a55-b4c99fb77743) ### **Billing Account → AWS**. ![](https://718462512-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrF70A0mjyczIwzn72g6Y%2Fuploads%2FNCiOgNwrNFbXhxAwd9t2%2Fadd-integration-billing-account.png?alt=media\&token=4f39f12b-a194-49ad-b01e-e2bfa3b6a64b) ### 2. Select Report Format

* As of today, Sedai prefers `Legacy CUR Export` because it contains more data for calculating discounts. * `Focus 1.0 with AWS Columns` standard is still evolving as it adds more columns related to calculating discounts for various services; it would be a viable option to choose this. ### 3. Choose between Existing or New report

💡 If you’re choosing an existing report please make sure that the above [prerequisites ](#id-1.-prerequisites)constraints are satisfied. ❓ [Finding a report in AWS Console](#7-finding-an-existing-report-in-aws-console) ### 4. Add Policy

1. [Use Existing IAM Role](#id-5.-enter-role-arn-and-s3-bucket-info) (💡Verify role meets all [prerequisites](#id-1.-prerequisites)) 2. [Create New IAM Role](#3-create-iam-role) ### 5. Enter Role ARN and S3 bucket info After completion, copy and paste the **Role ARN** back into Sedai.

Enter the bucket name, region and report path prefix.

❓[Finding a report path prefix](#33-how-to-find-the-report-path-prefix) ### 6. Test & Save 1. Update Account Nickname and Click **Test Connection**\ ![](https://718462512-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrF70A0mjyczIwzn72g6Y%2Fuploads%2Fz929A0jEYL7hwsYiOU0h%2Fnickname-and-test-connection.png?alt=media\&token=8b39bf35-0924-46d9-983a-94037c6081f1) 2. On successful test, click **Save Integration**.\ ![](https://718462512-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrF70A0mjyczIwzn72g6Y%2Fuploads%2FMVe3Yd4c0kRKh65nXeAE%2Ftest-successfully.png?alt=media\&token=4425df46-fc48-4d1a-ad94-2664f13c18d1) 3. If errors, correct settings and retry.\ ![](https://718462512-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrF70A0mjyczIwzn72g6Y%2Fuploads%2FkczMwi5QvcCf7Uq1R4Bg%2Ftest-failed.png?alt=media\&token=fb144707-60d8-485f-a15b-37bc9ea10c47) > ### 🏁 Sedai will start collecting the data from the specified S3 and the API and after a few hours you should be able to see the data in the Cost Observability dashboard in Sedai console. ## 3. Quick Resource Guide ### 3.1 Create IAM Role #### 3.1.1 Create via CloudFormation 1. After clicking **"No, Create a new IAM Role"** during the Billing Account Integration **Step 3 (Policy)** * Click Next → **Then** **Launch CloudFormation**\ ![](https://718462512-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrF70A0mjyczIwzn72g6Y%2Fuploads%2FU2DQqgLi2W8hnCQtSHBM%2Fnew-iam-launch-cloudformation.png?alt=media\&token=566595e2-1966-49da-b0e3-6041df661401) 💡In AWS, create the stack by giving relevant details. After creating the stack CloudFormation will automatically create the specified resources and give the role ARN as the output, in the output tab. 2. After completion, copy and paste the **Role ARN** back into Sedai.\ ![](https://718462512-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrF70A0mjyczIwzn72g6Y%2Fuploads%2FUYzpRLmCLJ3D7qEv9ohj%2Fenter-iam-role-arn.png?alt=media\&token=5bf70b34-870b-4f85-9eb3-2d8cf6639ee7) #### 3.1.2 Create Manually 1. Open AWS console and goto [IAM Dashboard](https://us-east-1.console.aws.amazon.com/iam/home?region=us-east-1#/home) 2. Go to [Roles](https://us-east-1.console.aws.amazon.com/iam/home?region=us-east-1#/roles) in the left sidebar 3. Click on [Create role](https://us-east-1.console.aws.amazon.com/iam/home?region=us-east-1#/roles/create)

4. Select Trusted entity type as `AWS account` 5. In the section below choose `Another AWS account` 6. Enter Sedai’s AWS Account ID: `504216784688` > **Optional:** If you want to add an external id, check Require external ID checkbox. Generate a random password and paste it there 7. Click Next, you will be directed to policy selection page 8. If you’ve already created the policy, add the policy to this role 9. Click Next, you will be directed to review and create page 10. Give a name to the role 11. Click Create role *** ### 3.2 Finding an existing report in AWS console 1. Go to [Data exports](https://us-east-1.console.aws.amazon.com/costmanagement/home?region=us-east-1#/bcm-data-exports) in AWS Console 2. Find a report type as per your selection in Step 1: * For Legacy export: Export type will be **Legacy CUR export** * For Focus export: Export type will be **Standard data export** with data table as **FOCUS 1.0 with AWS columns** 3. Open the export and there you can see the S3 bucket in which the data will be dumped *** ### 3.3 How to find the report path prefix? If you’ve created a new bucket the bucket path prefix should be visible in the [Data export](https://us-east-1.console.aws.amazon.com/costmanagement/home?region=us-east-1#/bcm-data-exports) under Delivery and storage option, or while creating the data export you will specify the export prefix.

> ### If you have an existing bucket the path prefix should be pointing to this directory, in this example the prefix is, costandusage/resource *** ### 3.4 Attaching policy to Role ARN 1. Open AWS console and goto [IAM Dashboard](https://us-east-1.console.aws.amazon.com/iam/home?region=us-east-1#/home) 2. Goto [Roles](https://us-east-1.console.aws.amazon.com/iam/home?region=us-east-1#/roles) in the left sidebar 3. Find and open the role that you want to attach the policy 4. Click on Add permissions drop down and select Attach policies 5. Select the policy that was created in the above section and click on Add permissions *** ### 3.5 Backfill Request Template ``` Subject: [Your Org] – Historical CUR Data Backfill Request Hello AWS Support Team, Our organization requires historical data backfill for Legacy CUR export: - Export Name: [Sedai Legacy CUR Export name] - S3 Bucket: [Bucket name] - Date Range: [Start date] to [End date] Please backfill this data as CSV files in the specified bucket and notify us when complete. Thank you, [Your Name] [Your Org] ```