Skip to main content

Onboarding Cloud Accounts

To get started with CloudYali, you need to connect your cloud accounts. Currently, CloudYali supports both Amazon Web Services (AWS) and Google Cloud Platform (GCP), making it easier for you to manage cloud costs across multiple providers. This guide will walk you through the onboarding process for both cloud providers.

Overview

Onboarding your cloud accounts with CloudYali allows you to:

  • Gain insights into your cloud spending across AWS and GCP.
  • Track costs, optimize resource usage, and get recommendations in a unified dashboard.
  • Set alerts to monitor spending and prevent budget overruns.

This guide will help you onboard both AWS and GCP accounts, ensuring you make the most out of CloudYali's features.

Onboarding AWS Accounts

To start managing your AWS cloud costs, you need to onboard your AWS account to CloudYali. Here's what the process involves:

Step 1: Create an IAM Role for CloudYali

  1. Log in to the AWS Management Console using an account with administrative permissions.
  2. Navigate to the IAM Console.
  3. Create a new IAM Role with the following configurations:
    • Role Type: Choose Another AWS Account.
    • Account ID: Enter CloudYali's AWS Account ID (provided during the onboarding process).
  4. Attach Policies:
    • Add the Read-OnlyAccess and CostExplorerFullAccess policies to provide CloudYali with the necessary permissions.

Step 2: Establish Trust Relationship

  • Edit the trust relationship of the IAM Role to grant CloudYali access.
  • Use the policy provided in our AWS Permissions Guide.

Step 3: Save Role ARN in CloudYali

  • Copy the IAM Role ARN and paste it into the AWS onboarding form within the CloudYali platform.

For more detailed instructions, refer to our Step-by-Step AWS Onboarding Guide.

Onboarding GCP Organizations

If you use Google Cloud Platform (GCP), onboarding your account to CloudYali provides valuable insights into your spending and helps you optimize your cloud usage.

Step 1: Set Up a Service Account

  1. Log in to the Google Cloud Console.
  2. Create a New Project if you don't have one specifically for cost management.
  3. Navigate to IAM & Admin > Service Accounts.
  4. Create a new Service Account and assign the following roles:
    • Viewer
    • Billing Account Viewer

Step 2: Enable APIs

  • Enable the following APIs for the project:
    • Cloud Billing API
    • Cloud Resource Manager API

For more detailed steps, refer to our Step-by-Step GCP Onboarding Guide.

Step 3: Generate a Key for the Service Account

  • Generate a JSON key for the service account and upload it securely to the CloudYali platform during the onboarding process.

Security and Permissions

At CloudYali, we prioritize security and follow best practices to ensure your data remains safe:

  • Minimal Permissions: We require only the permissions necessary to provide cost analysis and insights.
  • Data Encryption: All data exchanged between CloudYali and your cloud accounts is encrypted in transit and at rest.
  • Compliance: CloudYali adheres to industry standards like GDPR and SOC 2 to maintain data security and privacy.

Learn more about the required permissions in our Understanding Permissions and Security documentation.

Troubleshooting Onboarding Issues

AWS Onboarding Issues

  • Error: Missing Permissions
    Solution: Ensure that the IAM Role has both Read-OnlyAccess and CostExplorerFullAccess policies attached.

  • Error: Cost Explorer Not Enabled
    Solution: Enable AWS Cost Explorer in your AWS Console to allow CloudYali to access cost data.

GCP Onboarding Issues

  • Error: API Access Denied
    Solution: Make sure you’ve enabled the required APIs. Refer to the GCP Permissions Guide for detailed help.

  • Error: Service Account Key Not Working
    Solution: Verify that the JSON key has not expired or been deleted. You may need to regenerate the key.

Best Practices for Onboarding

  • Plan Permissions Ahead: Make sure you have admin or billing admin permissions in AWS or GCP.
  • Use Dedicated Accounts for CloudYali: For security reasons, consider creating dedicated roles or service accounts specifically for CloudYali integration.
  • Keep Service Accounts Secure: Regularly rotate keys and restrict access to the JSON keys for GCP.

Next Steps After Onboarding

Once your accounts are onboarded, you can:

  • Access the Unified Dashboard: View your cloud spend across AWS and GCP in one place. Check out our Dashboard Overview to get started.
  • Set Budget Alerts: Avoid surprises by setting spending alerts. Follow our Setting Up Budget Alerts guide.
  • Receive Cost Optimization Insights: Start receiving actionable recommendations for optimizing your cloud costs.

Frequently Asked Questions

How Long Does It Take to Onboard an Account?

  • The onboarding process typically takes 10-15 minutes depending on the permissions setup. Data will begin syncing once the onboarding is complete.

Can I Onboard Multiple AWS Accounts?

  • Yes! CloudYali supports multi-account setups. Follow the AWS Onboarding Guide for each account you need to onboard.

Need Help?

If you encounter any issues or need more assistance:

© 2024 CloudYali. All rights reserved.

This documentation is continuously updated. Check back often for the latest information.

Last updated on by Nishant Thorat