As a part of the free nOps platform, we analyze your Cost and Usage Report (CUR) and provide you with Auto Scaling recommendations that you can automate.

In order to extract the full potential of the nOps Auto Scaling recommendations, you need permissions for two nOps features:

  • ShareSave Auto Scaling Recommendations: To get the scheduling recommendations.

  • Scheduler (One Time Configuration - Dynamic Configuration): To automate the scheduling of resources based on the ShareSave Auto Scaling recommendations.

Note: To enable Scheduler recommendations for any child account, it is necessary to get the account fully configured. I.e to enable the ReadOnly policy access at the child account level.

Access CUR Data to Analyze Utilization

The permissions required at the payer and Child account for basic ShareSave Auto Scaling analysis are:

{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ce:GetCostAndUsage",
],
"Effect": "Allow",
"Resource": "*"
}
]
}

Scheduler Permissions: Lambda and Eventbridge

nOps requires AWS-managed AWSLambdaBasicExecutionRole permissions along with the following permission for Scheduler Lambda Function to automatically create schedules with the help of EventBridge:

These permissions are required on the child account or master account where the resources to be scheduled reside.

{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": [
"autoscaling:UpdateAutoScalingGroup"
"ec2:StartInstances",
"ec2:StopInstances",
"events:PutEvents",
"rds:StopDBInstance",
"rds:StartDBInstance",
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"s3:GetObjectTagging",
"sts:AssumeRole",
"lambda:InvokeFunction",
"logs:PutLogEvents",
"logs:CreateLogGroup",
"logs:CreateLogStream",
],
"Resource": [
"*"
]
}]
}

To get the full CloudFormation YAML template, see nOps Scheduler Lambda Function.

Did this answer your question?