51 lines
2.1 KiB
Markdown
51 lines
2.1 KiB
Markdown
---
|
||
title: "Public Cloud Learning Sessions - Budget Control - 20240319"
|
||
type: source
|
||
tags:
|
||
- AWS
|
||
- Budget-Control
|
||
- FinOps
|
||
- Cloud-Monitoring
|
||
date: 2024-03-19
|
||
---
|
||
|
||
## Source File
|
||
- [[raw/Cloud & DevOps/Public-Cloud-Learning-Sessions/05_FinOps/public-cloud-learning-sessions-budget-control-20240319-160204-meeting-recording.md]]
|
||
|
||
## Summary
|
||
- 核心主题:AWS账户预算控制自动化,提供账户所有者详细的支出警报和成本分析报告,实现成本控制
|
||
- 问题域:AWS账户成本失控、无法识别成本驱动因素、缺乏 enforce 机制
|
||
- 方法/机制:AWS Budget Alerts + Lambda 处理 + Step Functions + SNS 触发 + SCP 限制
|
||
- 结论/价值:
|
||
|
||
- 警报类型:forecast、actual、severe、enforcement 四级
|
||
- 详细报告:top services、top users、资源级别的成本明细
|
||
- 执行机制:8小时评估间隔,100%阈值触发SCP阻止新资源创建
|
||
|
||
## Key Claims
|
||
- 预算控制自动化解决 AWS 账户蔓延和成本削减不可持续的问题
|
||
- 源身份追踪确保跨角色切换时 CloudTrail 仍能追踪原始登录身份
|
||
- 评分系统考虑账户规模和月末时间,避免惩罚月末轻微超支的账户
|
||
|
||
## Key Quotes
|
||
> "The budget control automation aims to address uncontrolled AWS account sprawl and unsustainable cost reduction efforts."
|
||
|
||
> "This is the first time that we were able to get to this level of granularity."
|
||
|
||
## Key Concepts
|
||
- [[Budget Control]]:AWS账户预算控制自动化系统
|
||
- [[AWS Budget Alerts]]:AWS预算警报服务,四级警报类型
|
||
- [[SCP]]:Service Control Policy,组织策略用于限制AWS服务使用
|
||
- [[Source Identity]]:源身份追踪,记录跨角色切换前的原始登录身份
|
||
|
||
## Key Entities
|
||
- [[SRE Core Team]]:预算控制自动化开发团队(Daniela、Evan、Alan)
|
||
- [[FinOps]]:云财务运营团队,负责预算审批和成本管理
|
||
|
||
## Connections
|
||
- [[AWS]] ← uses ← [[Budget Alerts]]
|
||
- [[SRE Core Team]] ← develops ← [[Budget Control]]
|
||
- [[FinOps]] ← approves ← [[Budget Enforcement Actions]]
|
||
|
||
## Contradictions
|
||
- 无冲突记录 |