AWS Troubleshooting

The Billing section is empty when I generate an AWS Document.

  • Billing is based on Cost Explorer so you need to make sure Cost Explorer is activated
  • Once you ensure that Cost Explorer is activated, you need to ensure the user you are using to log in has access to Cost Explorer. Typically, if you use the Read-only role, it does not have access to Cost Explorer. If you want to only add Cost Explorer permissions, you can create a policy as follows and add it to the Read-only user:
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"ce:*"
			],
			"Resource": [
				"*"
			]
		}
	]
}

How can I improve the generated Diagrams?

I have created an IAM user with read-only access and it cannot access the S3 bucket where I want to drop the document.

  • You need to create the following policy and add it to your IAM User
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::YOURS3Bucket"
            ]
        }
    ]
}
  • From the Storage Account, click on Permissions and then Bucket Policy. Ensure you have the following statement (replace the IAM User Arn and Resource)
{
    "Version": "2008-10-17",
    "Id": "Policy1335892530063",
    "Statement": [
        {
            "Sid": "Stmt1335892526597",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::xxxx:user/xxxxxxx"
            },
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::yourS3Bucket/*"
        }
    ]
}

I want to extract the warnings from AWS Trusted Advisor. What rights are required ?

  • Ensure that the user you have created has the following policy attached:
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid": "VisualEditor0",
			"Effect": "Allow",
			"Action": [
				"support:DescribeTrustedAdvisorCheckResult",
				"support:DescribeTrustedAdvisorChecks"
			],
			"Resource": "*"
		}
	]
}