Welcome to Tim's documentation

Tim, the Taloflow Infrastructure Manager, reveals the cost of every AWS cloud resource in real-time. This helps you make better decisions relating to budgeting, cost mitigation, and optimization on the AWS cloud.

Get Started    

Connect Tim to AWS (Basic Setup)

Learn how to connect Tim to your AWS account. Tim connects to your AWS account through IAM Roles. You'll also need to turn on hourly AWS Expense Reports and forward CloudWatch events to Tim.

Granted Permissions

Taloflow's AWS account will talk to your account through IAM Roles that limit what Tim has access to. Here are some things you should know about the Roles we require:

  • Tim does not become a User within your AWS account.
  • The Role is not authorized to add or modify any code.
  • Tim's event listener is registered to yours so we can listen to specific events.
  • The Role itself is an identity that has the required permissions.
  • The Role is not authorized to read data or even the log files.
  • The Role is not authorized to perform actions.
  • The Cost Report Tim has access can be limited to a sub account's information by following these additional steps.


You need an AWS Account, but if you happen to lack access to AWS Billing, please ask your AWS administrator to do this for you or ask them to change the permissions for your account before moving on:

1. Log into the IAM Console (https://console.aws.amazon.com/iam/home)
2. Go to **Users** in the left navigation panel,
3. Click on the individual's account
4. In the next screen, select the tab **Attach existing policies directly**
5. Search or filter for **Billing** permissions
6. Select and apply it to the individual's account


Step 1: Create a new AWS Cost and Usage Report

  • Sign in to the AWS Management Console and open the Billing and Cost Management console.
  • In the navigation pane to the left, choose Cost & Usage Reports under Cost Management in the left panel, and click Create report.
  • Give your Cost Report a name. For example, general-cost-report.

Please note down the Name of the Cost Report

  • Make sure that both Include resource IDs and Data refresh settings are checked, and click Next
Create report content

Create report content

  • Under Delivery options, press Configure and create a new bucket and give it whatever name you like.

Please note down the Name AND the Region of the S3 Bucket

  • If you get a prompt to add a Default Bucket Policy, accept it.

Please ensure you create a top level bucket

Please ensure that you create a new top level bucket for your Cost Reports and that you don't nest a Cost Reports Folder inside another existing folder in your S3 Bucket.

  • Create a Report Path Prefix, for example main.

Please note down the Report Path Prefix

  • Please ensure that you've selected Hourly, GZIP and Create New Report Version in the options, then click Next, then click Review and Complete.
Delivery options page

Delivery options page

Step 2: Delete the S3 Bucket Policy

  • Go to the S3 Console.
  • Click on the bucket with the Cost Report. (the one you created in Step 1)
  • Click Permissions, and then Bucket Policy, and click Delete Policy.

Recommended: Assign a Lifecycle Policy of 5 days to your S3 Bucket

By default, Taloflow stores your past reports so that less recent reports (more than 5 days old) do not increase your bill for S3.

Read more

Step 3: Run CloudFormation Template

  • Click on this link to run the CloudFormation Template on your account
  • In the console, keep both pre-selected options as Template is ready, and Amazon S3 URL, and leave the URL as is, then click Next
  • Recall the names of the S3 Bucket with the Cost Report, the AWS Region where the S3 Bucket is located, and the Report Name and Report Prefix for the Cost Report you just created.
  • For the External ID Field, you can use pretty much any External ID, (e.g.: tim-ext-id).

Special Characters for External ID

The External ID cannot have the following characters: $, #

  • Click Next
  • On the following page scroll down and click Next again
  • On the following page scroll down, acknowledge that this template might create IAM resources by checking the box, then click Create Stack.
  • In the next page, you will have to wait 2-3 minutes for the stack to get created. You can click the refresh icon in the Console.
  • When all is green, you are ready to go save for one more optional step.

Step 4: Forward CloudWatch Events (Optional)

By default, the CloudFormation Script forwards Events to Tim for only the US-East-1 AWS Region. Forwarding CloudWatch Events for the other regions you use will produce a better Running Cost. If this is important to you, please repeat the steps below for each CloudWatch region you are in beyond US-East-1.

The information forwarded are the EC2 events, including instance IDs and whether the instances are on or off.

  • Go to the CloudWatch Console
  • Click on Rules under Events in the left navigation pane and then click Create rule
  • Under Event Source, make sure that Event Pattern is the selected option.
  • Click Edit in the Event Pattern Preview text area and copy and paste the following snippet into the pop up text area and click Save.
 "source": [
  • To the right of the screen, click Add target
  • In the drop-down selector, scroll down and select Event bus in another AWS account
  • In the Account ID field, add Tim's AWS account ID: 845897643164
  • Just below, please select Use existing role
  • Under Use existing role search and select the taloflowInvokeEventBusRole.
  • Scroll down and click Configure details to move onto the next page.
  • Please give the Rule the name taloflowInvokeEventBusRule and click Create rule
Create Event Bus Rule

Create Event Bus Rule

Connect Tim to AWS (Basic Setup)

Learn how to connect Tim to your AWS account. Tim connects to your AWS account through IAM Roles. You'll also need to turn on hourly AWS Expense Reports and forward CloudWatch events to Tim.

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.