Question-5: You are working as a solution architect in an Investment bank. You are working with the accounting department. The bill generated by the AWS is consolidated and accounting team is not able to charge respective department because there is clear segregation department wise charges. You have been asked that next time bills are generated there should be clear segregations for each department like much each one using the AWS resources. How would you solve this problem?
- You will be creating multiple roles each designated for a department of your company in IAM, and all the users from respective department, will be assigned added in department specific role. And change the billing configuration to be generated for individual role.
- You will be creating a different root account for each department and all existing AWS resources will be given permission for new root accounts which are created for each individual department. In master root account you will be configuring these accounts, so that consolidated as well as for individual account bills will be generated.
- You will be using tags for each individual AWS resources, for each department you will be having a dedicated tag, which you will assign to AWS resource.
- You will be creating different VPC (Virtual Private Network) for each individual department and move existing AWS resources in new VPC. Change the configuration of billing to generate bills based on VPC.
Detailed Explanation: You can use tag to categorize and track your AWS costs. You can apply tags that represent business categories e.g. departments, cost centers, application name, owners etc. and based on that cost can be organized across multiple AWS services. When you add tags to AWS resources, AWS resources generates cost allocation report which is aggregated based on tags. Hence, for each individual AWS resource you can check the price based on tags as well.