CloudFix allows you to connect multiple AWS accounts so that you can review all your recommendations from a single dashboard. If there are no AWS accounts connected, CloudFix will ask you to connect an AWS account as soon as you login. If you already have one ore more AWS accounts, you can connect even more AWS accounts by going to AWS Account -> Add new AWS Account.
Cloud Formation is used to configure your account with the appropriate permissions so that CloudFix can both identify and execute fixes.
Read permissions are used to monitor resource usage and identify cost optimizations. Recommended fixes can be applied using the CloudFix dashboard. Fixes are run in an automated fashion by CloudFix using permissions to create snapshot backups and modify EBS volumes in a safe manner with no downtime.
To connect your account with CloudFix and establish the necessary permissions, click the Run Template button.
This will open a Cloud Formation page in the AWS console with all of the necessary information populated. The Quick Create Stack interface lists the CloudFix template that will be used and a default template name. Scroll to the bottom of the page and click Create Stack to connect your account.
Resources Created by the Cloud Formation Stack
The CloudFix Cloud Formation stack creates two IAM roles in your account that are assumed by CloudFix. These roles are used to find recommendations and apply fixes.
- The Finder role is used to monitor resource usage and identify cost-savings opportunities. This includes permissions to APIs such as ec2:DescribeVolumes, config:DeliverConfigSnapshot, and cloudwatch:GetMetricData.
- The Fixer role is used to safely automate and orchestrate cost optimization changes. This includes permissions such as ec2:ModifyVolume, ec2:ModifyInstanceAttribute, and dlm:CreateLifecyclePolicy.
If you’d like to explore what’s in the CloudFormation template, please check the JSON file here. Note that both roles include permissions that will be used in forthcoming releases which include additional cost savings optimizations.