- Overview
- Architecture of Foundational Dashboards
- Cost
- Prerequisites
- Regions
- Deployment Steps
- Cleanup
- FAQ
- Changelogs
- Feedback
- Security
- License
- Notices
The Cloud Intelligence Dashboards is an open-source framework, lovingly cultivated and maintained by a group of customer-obsessed AWSers, that gives customers the power to get high-level and granular insight into their cost and usage data. Supported by the Well-Architected framework, the dashboards can be deployed by any customer using a CloudFormation template or a command-line tool in their environment in under 30 minutes. These dashboards help you to drive financial accountability, optimize cost, track usage goals, implement best-practices for governance, and achieve operational excellence across all your organization.
Cloud Intelligence Dashboards Framework provides AWS customers with more then 20 Dashboards.
- Foundational Dashboards - A set of main Dashboards that only require Cost and Usage Report(CUR)
- Advanced Dashboards - Require CID Data Collection and CUR
- Additional Dashboards - Require various custom datasources or created for very specific use cases.
We recommend starting with deployment of Foundational Dashboards. Then deploy Data Collection and Advanced Dashboards. Check for Additional Dashboards.
- AWS Data Exports delivers daily the Cost & Usage Report (CUR2) to an Amazon S3 Bucket in the Management Account.
- Amazon S3 replication rule copies Export data to a dedicated Data Collection Account S3 bucket automatically.
- Amazon Athena allows querying data directly from the S3 bucket using an AWS Glue table schema definition.
- Amazon QuickSight creates datasets from Amazon Athena, refreshes daily and caches in SPICE(Super-fast, Parallel, In-memory Calculation Engine) for Amazon QuickSight
- User Teams (Executives, FinOps, Engineers) can access Cloud Intelligence Dashboards in Amazon QuickSight. Access is secured through AWS IAM, IIC (AWS IAM Identity Center, formerly SSO), and optional Row Level Security.
The following table provides a sample cost breakdown for deploying of Foundational Dashboards with the default parameters in the US East (N. Virginia) Region for one month.
| AWS Service | Dimensions | Cost [USD] |
|---|---|---|
| S3 (CUR Storage) | Monthly storage | $5-10/month* |
| AWS Glue Crawler | Daily scans | $3/month* |
| AWS Athena | Daily scans | $15/month* |
| QuickSight Enterprise (Authors) | 3 authors ($24/month/author) | $72/month** |
| QuickSight Enterprise (Readers) | 15 readers ($3/month/reader) | $45/month** |
| QuickSight SPICE Capacity | 100 GB | $10-20/month* |
| Total Estimated Monthly Cost | $100-$200 |
* Costs are relative to the size of your Cost and Usage Report (CUR) data
** Costs are relative to number of Users
Additional Notes:
- Free trial available for 30 days for 4 QuickSight users
- Actual costs may vary based on specific usage and data volume
Pleas use AWS Pricing Calculator for precise estimation.
You need access to AWS Accounts. We recommend deployment of the Dashboards in a dedicated Data Collection Account, other than your Management (Payer) Account. We provide provides a CloudFormation templates to copy CUR 2.0 data from your Management Account to a dedicated one. You can use it to aggregate data from multiple Management (Payer) Accounts or multiple Linked Accounts.
If you do not have access to the Management/Payer Account, you can still collect the data across multiple Linked accounts using the same approach.
The ownership of CID is usually with the FinOps team, who do not have administrative access. However, they require specific privileges to install and operate CID dashboards. To assist the Admin team in granting the necessary privileges to the CID owners, a CFN template is provided. This template, located at CFN template, takes an IAM role name as a parameter and adds the required policies to the role.
Make sure you are installing data collection in the same region where you are going to use the data to avoid cross region charges. CFN deployment is only available in a limited number of regions, while CLI deployment is region agnostic.
| Region Name | Region Code | Support CLI | Support CFN |
|---|---|---|---|
| Africa (Cape Town) | af-south-1 | ✔️ | |
| Asia Pacific (Tokyo) | ap-northeast-1 | ✔️ | ✔️ |
| Asia Pacific (Seoul) | ap-northeast-2 | ✔️ | ✔️ |
| Asia Pacific (Mumbai) | ap-south-1 | ✔️ | ✔️ |
| Asia Pacific (Singapore) | ap-southeast-1 | ✔️ | ✔️ |
| Asia Pacific (Sydney) | ap-southeast-2 | ✔️ | ✔️ |
| Asia Pacific (Jakarta) | ap-southeast-3 | ✔️ | |
| Canada (Central) | ca-central-1 | ✔️ | ✔️ |
| China (Beijing) | cn-north-1 | ✔️ | |
| Europe (Frankfurt) | eu-central-1 | ✔️ | ✔️ |
| Europe (Zurich) | eu-central-2 | ✔️ | |
| Europe (Stockholm) | eu-north-1 | ✔️ | ✔️ |
| Europe (Milan) | eu-south-1 | ✔️ | |
| Europe (Spain) | eu-south-2 | ✔️ | |
| Europe (Ireland) | eu-west-1 | ✔️ | ✔️ |
| Europe (London) | eu-west-2 | ✔️ | ✔️ |
| Europe (Paris) | eu-west-3 | ✔️ | ✔️ |
| South America (São Paulo) | sa-east-1 | ✔️ | ✔️ |
| US East (N. Virginia) | us-east-1 | ✔️ | ✔️ |
| US East (Ohio) | us-east-2 | ✔️ | ✔️ |
| AWS GovCloud (US-East) | us-gov-east-1 | ✔️ | |
| AWS GovCloud (US-West) | us-gov-west-1 | ✔️ | |
| US West (Oregon) | us-west-2 | ✔️ | ✔️ |
There are several ways we can deploy dashboards:
- Using cid-cmd tool from command line
- CloudFormation Template using cid-cmd tool in Amazon Lambda. (Recommended)
Please refer to the deployment documentation here.
Please refer to the documentation here.
Please refer to the documentation here.
For dashboards please check Change Logs here For CID deployment tool, including Cli and CFN please check Releases
Please reference to this page
When you build systems on AWS infrastructure, security responsibilities are shared between you and AWS. This shared responsibility model reduces your operational burden because AWS operates, manages, and controls the components including the host operating system, the virtualization layer, and the physical security of the facilities in which the services operate. For more information about AWS security, visit AWS Cloud Security.
See CONTRIBUTING for more information.
This library is licensed under the MIT-0 License. See the LICENSE file.
Dashboards and their content: (a) are for informational purposes only, (b) represents current AWS product offerings and practices, which are subject to change without notice, and (c) does not create any commitments or assurances from AWS and its affiliates, suppliers or licensors. AWS content, products or services are provided “as is” without warranties, representations, or conditions of any kind, whether express or implied. The responsibilities and liabilities of AWS to its customers are controlled by AWS agreements, and this document is not part of, nor does it modify, any agreement between AWS and its customers.
