It is a AWS Lambda function that filters and copies the entries that belong to a specific Usage Account ID.
Tim can get the correct data for any specific Account ID (e.g.: a sub account) from the Cost Report by taking the following steps:
When the Cost Report is placed into a Billing S3 bucket, an S3 event is triggered.
This event triggers an AWS Lambda function that will run on your account to filter the Cost Report and place it into another S3 bucket that Tim can access.
Tim will only have access to the S3 bucket with the filtered information and can never see the full Cost Report with this configuration. You will always have explicit control over the code of the function and can fully audit it and can adjust to your liking what is filtered and what isn’t.
The Taloflow Cost Report Filter function currently has some minor limitations:
- You cannot filter on the Payer Account ID. Why? Because of the logic's function, which filters the lines containing the given Account ID, every line also contains the Payer ID, so the resulting Cost Report file would also have those lines.
- You only filter by one Account ID. At this time, it is not possible to filter multiple accounts using this function.
To begin the deployment of the AWS Lambda Cost Report filter, click here to download the package. The video below also walks through the steps to getting it set up if you're ever lost.
- AWS CLI
- AWS SAM CLI
Deploy to project using AWS SAM.
- Update the following variables in template.yml.
||ID of usage account|
- Run the following command.
make package deploy
A new function should be added, we will need to add a trigger to listen to s3 events.
- Login to AWS Console
- Search and select Lambda
- Under Designer > Add Trigger, scroll down and click S3.
- Under Configure triggers, select the following:
Addto add trigger.
Saveat the top right to confirm the settings.