1. Home
  2. Setup
  3. Manually Configure your AWS Account for PyraCloud

Manually Configure your AWS Account for PyraCloud

Important: Follow the steps in this article only if instructed to do so by a SoftwareONE employee. Following these steps without assistance from SoftwareONE will not result in your AWS account being fully integrated with PyraCloud.

Before You Start

The following information is required before you start. Make a note of these values so they can be sent to your SoftwareONE representative for integration with PyraCloud.

The information you need to send to SoftwareONE is listed at the end of the article. Please review this list before starting the process.

Create a random external ID

First, you must create an external id. For PyraCloud, this external id is in the format, “pyracloud:aws:extid:{16 random alphanumeric characters}“. An example of this is “pyracloud:aws:extid:13kcy2czfja01dfx”.

You should generate the random string yourself, or use a random string generator like the one at https://www.random.org/strings/. The following options are suitable:

Figure 1: Select these options at random.org

Make a note of your external ID.

Execute the PyraCloud CloudFormation Script

Sign in to the AWS Console

Navigate to https://aws.amazon.com/console/ and sign in to the AWS Console as a user with permission to modify IAM resources and execute CloudFormation scripts.

Figure 2: Log in to the AWS Console

In the AWS console, click the Services menu item to open the list of services. Under the Management & Governance group click the CloudFormation item.

This image has an empty alt attribute; its file name is image-1-1024x521.png
Figure 3: Click Services, then CloudFormation

At the top-right of the CloudFormation Screen, select the region you wish to execute the CloudFormation script in.

Figure 4: Select the region

Create the Stack

Click the Create Stack button.

Complete the Create Stack page as follows:

  1. In the Prerequisite – Prepare template section, under the Prepare template heading, select Template is ready.
  2. In the Specify template section, under the Template source heading, select Amazon S3 URL.
  3. In the Specify template section, under the Amazon S3 URL heading, enter the folowing URL: https://iepapp0168sda.s3-eu-west-1.amazonaws.com/pyracloud_onboarding.json

Click Next.

Note: Click the link above to examine in detail exactly what actions the CloudFormation script will take.

Figure 5: Create stack page

Complete the Specify stack details page as follows:

  1. In the Stack name section, under the Stack name heading, enter the name of the stack. The recommended stack name is “PyraCloud-Onboarding” (without quotes). If you do not use this recommended name, make a note of the name you use and include with the other information listed above to give to SoftwareONE.
  2. In the Parameters section, under the ExternalId heading, enter the external id you generated above.
  3. In the Parameters section, under the PyraCloudProcessId heading, enter the empty guid value, “00000000-0000-0000-0000-000000000000” (without quotes).
  4. In the Parameters section, under the PyraCloudTenantId heading, enter the empty guid value, “00000000-0000-0000-0000-000000000000” (without quotes).

Click Next.

Figure 6: Specify stack details page

On the Configure stack options page, no additional settings are required.

Click Next.

Figure 7: Configure stack options page

On the Review PyraCloud-Onboarding page, review all the settings associated with the stack. If you are satisfied with the settings and wish to continue, check the box I acknowledge that AWS CloudFormation might create IAM resources with custom names.

Click Create stack.

Wait for the stack to complete

After you click Create stack, the following page will be displayed. To refresh the progress of the stack, click the circular arrow refresh icon at the top right.

Figure 8: The stack is being created

Wait for the status to be CREATE_COMPLETE.

Figure 9: CREATE_COMPLETE

Configure Cost & Usage Reports

Important: When AWS Organizations is enabled, the following steps are only required in the master account. There is no need to perform these steps in a linked account.

If you do not have AWS Organizations enabled, then you should perform the following steps.

Create an S3 Bucket

In the AWS console, click the Services menu item to open the list of services. Under the Storage group click the S3 item.

Click Create bucket.

Figure 10: Click S3

Complete the Name and region page as follows:

  1. In the Name and region section, under the Bucket name heading, enter a unique name for the bucket. The recommended value for this is “pyracloud.{account number}”. For example, “pyracloud.123456789012”. Make a note of this name to share with SoftwareONE.
  2. In the Name and region section, under the Region heading, select the region to create the bucket in. Make a note of this region to share with SoftwareONE.

Click Next.

Figure 11: S3 Bucket, name and region

On the Configure options page, leave the values as default.

Click Next.

Figure 12: S3 Bucket, configure options

On the Set permissions page, leave the values as default.

Click Next.

Figure 13: S3 Bucket, set permissions

On the Review page, review the new bucket settings.

Click Create bucket.

Figure 14: S3 Bucket, review

Create Cost & Usage Report

In the AWS console, click the account menu item at the top right.

Click My Billing Dashboard.

Figure 15: My Billing Dashboard

In the left navigation menu, click Cost & Usage Reports.

Click Create report.

Figure 16: Cost & Usage Reports, Create report

Complete the Report content page as follows:

  1. Under the Report name – required heading, enter a name for the report. The recommended value for this is “PyraCloudCostAndUsage”. Make a note of this name to share with SoftwareONE.
  2. Under the Additional report details heading, check the Include resource IDs checkbox.
  3. Under the Data refresh settings heading, check the Automatically refresh your Cost & Usage Report when charges are detected for previous months with closed bills checkbox.

Click Next.

Figure 17: Cost & Usage Reports, Report content

Complete the Delivery options page as follows:

  1. Under the S3 bucket – required heading, click Configure.
    1. On Step 1 of 2: Configure S3 Bucket, on the left side, Select existing bucket created above from the drop-down. Click Next.
    2. On Step 2 of 2: Verify policy, check the I have confirmed that this policy is correct checkbox. Click Save.
  2. Under the
  3. Under the Time granularity heading, select Daily.
  4. Under the Report versioning heading, select Create new report version.
  5. Under the Enable report data integration for heading, deselect all options.
  6. Under the Compression type heading, select GZIP.

Click Next.

Figure 18: Cost & Usage Reports, Delivery options

On the Review page, review the Cost & Usage Report settings.

Click Review and Complete.

Figure 18: Cost & Usage Reports, Review

The report is created.

Figure 19: Cost & Usage Reports, report created

Grant PyraCloud Access to the S3 Bucket

Create a Policy

In the AWS console, click the Services menu item to open the list of services. Under the Security, Identity, & Compliance group click the IAM item.

Figure 20: Navigate to IAM

Click Policies in the left hand navigation menu.

Figure 21: IAM, policies

Click Create policy then click the JSON tab.

Figure 21: IAM, new policy

Paste the following JSON policy into the window. Be sure to replace the bucketname values with the real name of your bucket (e.g. “pyracloud.123456789012” in the examples above). Replace any existing text already in the JSON window.

Click Review policy.

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowPyraCloudToAccessBillingBucket",
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::bucketname",
"arn:aws:s3:::bucketname/*"
]
},
{
"Sid": "AllowPyraCloudToListAllBuckets",
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:HeadBucket"
],
"Resource": "*"
}
]
}
Figure 22: IAM, paste the policy with correct bucket name

Complete the Review policy page as follows:

  1. Under the Name heading, enter a name for the policy. The recommended value is “PyraCloudAllowBillingBucketAccess”.
  2. Under the Description field, enter a description. This can be left blank.

Click Create policy.

Figure 23: IAM, name and description

Assign the Policy to the PyraCloud Role

Click Roles in the left hand navigation menu.

Figure 24: IAM, roles

Click the PyraCloudRole role in the list on the right.

Figure 25: IAM, PyraCloudRole

Click Attach policies.

Figure 26: IAM, Attach policies

Search for the policy created above and check the box next to it.

Click Attach policy.

Figure 27: IAM, Attach policy

The policy is attached.

Figure 28: IAM, policy attached

Contact SoftwareONE with Details

At this point, your AWS account is ready to be integrated with PyraCloud. SoftwareONE will need to perform some steps internally to complete this. In order to do this, you will need to provide the following details to SoftwareONE:

DetailExample Value
AWS Account Number123456789012
AWS Organizations Enabled?Yes
AWS Organizations Master Account?Yes
CloudFormation Stack NamePyraCloud-Onboarding
CloudFormation RegionIreland (eu-west-1)
External IDpyracloud:aws:extid:13kcy2czfja01dfx
Bucket Namepyracloud.123456789012
Bucket RegionIreland (eu-west-1)
Report NamePyraCloudCostAndUsage
Report Path PrefixPyraCloudCostAndUsage

Enable your Enterprise Discount Program (EDP) commitment amounts in PyraCloud

If you are taking advantage of AWS’ EDP you can view your commitment amounts in PyraCloud. PyraCloud will show you how you are spending against your commitment, so that you can track and plan for upcoming spend. Please reach out to our support team to get setup today.

Figure 29 – Enabling EDP in PyraCloud
Updated on February 26, 2020

Was this article helpful?

Related Articles