AWS Account Settings

This section provides instructions on creating a Paying Account, Creating and Configuring S3 Bucket and ensuring that the usage data is appropriately obtained.
Note: You should have valid permissions or attach AmazonS3ReadOnlyAccess policy in AWS Console to obtain the Usage Data.

Creation and Configuration of S3 Bucket

AWS provides two types of accounts: Paying & Linked. The Paying account details are the one that you must use.

S3 Bucket is used for storing the usage file created by AWS. This file is updated with the usage data on a daily basis automatically by AWS. Follow the below steps to create a new S3 Bucket. If you already created a S3 Bucket, click here to follow the steps.

  1. Launch AWS Console and click Sign In to the Console.
  2. Login to AWS Console using your Paying Account credentials.

  3. Navigate to Services > Storage > S3 page on the AWS console.
  4. ClickCreate Bucket.

    • If you already created a Bucket, then the screen would look as shown below:
  5. Provide the bucket name and the region under which the bucket should be created and click Next.
    • If the bucket name already exists, then you will have to provide a different & unique name. Please note that the bucket name has to be unique across all accounts. Click Next.

    • Set properties tab would let you enable Versioning, server access logging, Tags, object-lelvel logging and default encryption.

    • Set Permissions would give you control to manage users, Access for other AWS account, Manage Public Permissions and Manage system permissions.

    • Review and click Create Bucket.

  6. Once a valid bucket name is provided, the newly created bucket will be listed.
    • Click on the newly created bucket.
  7. Click Permissions, and then Add Bucket Policy.
  8. Replace <Bucket Name> with the Bucket Name that you have created and add the following text in the pop-up box. In the below script the bucket name demopmjc which was now created has been input in 3 places within the script.
    {
 "Version": "2008-10-17",
 "Id": "Policy1335892530063",
 "Statement": [
 { 
 "Sid": "Stmt1335892150622",
 "Effect": "Allow",
 "Principal": {
 "AWS": "arn:aws:iam::386209384616:root"
 },
 "Action": [
 "s3:GetBucketAcl",
 "s3:GetBucketPolicy"
 ],
 "Resource": "arn:aws:s3:::demopmjc"
 },
 {
 "Sid": "Stmt1335892526596",
 "Effect": "Allow",
 "Principal": {
 "AWS": "arn:aws:iam::386209384616:root"
 },
 "Action": "s3:PutObject",
 "Resource": "arn:aws:s3:::demopmjc/*"
 },
 {
 "Sid": "Stmt1353408075866",
 "Effect": "Allow",
 "Principal": {
 "AWS": "arn:aws:iam::386209384616:root"
 },
 "Action": "s3:GetObject",
 "Resource": "arn:aws:s3:::demopmjc/*"
 }
 ]
}
    • Once you enter the the bucket in the script, click Save.
  9. Select My Billing Dashboard from the Paying Account drop-down list.
    • The sytem will re-directs you to the Dashboardpage.
    • Once you land in this page click Preferences which is listed on the left side of the page.

  10. Provide the bucket name and click Verify button.
    • Select the relevant check-box which you require as shown below:
  11. Select My Billing Dashboard from the Paying Account drop-down list and navigate to Cost Allocation tags page.

    • (b) Provide a Key Value pair as "server_meta_key" and Name" and click Save.
    • Select the Tag Key check-box and click Activate.
  12. Go to EC2 console and click Launch Instance and follow the steps below:

    OR

    Using JSDN, launch an instance now. This would end up creating few tags that we need. Once the instance is launched through JSDN, then go ahead and terminate as well.

  13. Keep the defaults as is and click Next. Configure Instance Details.
  14. Keep the defaults as is and click Next. Add Storage.
  15. Keep the defaults as is and click Next. Add Tags.
  16. Input Key and Value eg : Key can be your client and value can be your client name and click Next. Configure Security group.
  17. ClickAdd Rule.

  18. Add HTTP and HTTPS in the add rule. This is required to access the JSDN portal after the instance is launched and click Review and Launch.

  19. You will be re-directed to launch the instance, use the scroll bar on your right to review all the details you have entered and then Click Launch.

  20. Once you click Launch you will be asked to select an existing key pair or create a new key pair, as you are doing it for the first time you would have to give a key pair name and download the key pair. This is required to log into the Red Hat linux os which you would have selected.

  21. The .pem file will get downloaded to you local machine only after this is complete you can launch the instance.

  22. Once you click Launch, you will land on the following page which would give you the launch status.

  23. Use the scroll bar on the right and drag down to click View Instances.
  24. Your can see the public IP address below which has appeared following the instance creation. This complete the launch of an instance and concludes the S3 Bucket Configuration.

Creation of Access Key and Secret Key

You need to perform the following steps at every account level (including Linked accounts) to get the Access keys and Secret keys.

Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. If you don't have access keys, you can create them by using the AWS Management Console.
Note: Security credentials are account specific, so if you have access to multiple AWS accounts, you must use credentials that are associated with the account that you want to access.

To create access keys, perform the below steps:-

  1. Log into AWS Console as a paying account admin.
  2. Hover the mouse on the account name and click My Security Credentials option from the drop-down.

  3. On the security credentials page, click Access Keys (Access Key ID and Secret Access Key)’ and expand the field. You can create new security credentials by clicking on Create New Access Keytab.

  4. After clicking the Create New Access Key,a pop-up window is displayed requesting you to download the newly generated key pairs. Click Download Key File and save the security credentials. The downloaded key file will have both Access Key and Secret Key. These keys will be used to access a remote computer through a secure way.
    Note: If you do not write down the key or download the key file to your computer before you press "Close" or "Cancel" you will not be able to retrieve the secret key in future. Then you'll have to delete the keys which you created and start to create new keys.

Here's the downloaded file sample.

Report Creation

  1. Log in (as Paying Account) into AWS Console.
  2. Hover the mouse on the account name and click My Billing Dashboard option from the drop-down.

  3. Click Reports from the menu options.
  4. Click Create Report.
  5. Enter the details on the Create Report page and click Next.
    • Report name* - aws-cost-allocation
    • Time unit* - Select Daily radio button
    • Include - Select Resource IDs check box
  6. On the Select Delivery Options page, enter the values as mentioned below and click Next.
    • S3 Bucket* - <<enter_proper_s3_bucket_name>> Click Verify to validate.
    • Report path prefix - jamcracker

  7. Validate the details on the Delivery Options page, and then click Review and Compete.

    The newly created report is displayed.