As cloud-first strategies become the norm, managed service providers (MSPs) are becoming a popular choice for businesses looking to outsource public cloud management.
That’s great for MSPs looking to generate new business. However, cloud management for multiple client accounts can be time-consuming and complex. Every public cloud provider offers specialized tooling to help with this challenge. The native tools for solving this problem on the AWS platform are:
- AWS Organizations: An account management service that enables central management of multiple AWS accounts.
- AWS Consolidated Billing: A feature in AWS Organizations that combines billing and payment for multiple accounts into one bill.
While these tools are useful for basic AWS cloud management use cases, they can fall short of meeting the complex needs of modern MSPs. With that in mind, this article will explore the benefits and limitations of AWS Organizations and AWS Consolidated Billing for MSPs, detail some options such as Volume Discounts, Reserved Instances, and Savings Plans, and how MSPs can use these tools streamline their operations, reduce costs, and provide better services to their clients. Additionally, we’ll explain when these native AWS tools might not be enough and how third-party tools can better address several modern MSP use cases.
Summary of key AWS consolidated billing organizations concepts
The table below summarizes the key AWS Consolidated Billing concepts we will explore in this article.
AWS Consolidated Billing Concept | Description |
---|---|
AWS Organizations | AWS Organizations allow MSPs to centrally manage multiple client AWS Accounts. |
AWS Consolidated Billing | AWS Consolidated Billing allows MSPs to combine multiple AWS Accounts in a single payment method. This allows for greater flexibility in cloud cost efficiency. |
AWS Volume Discounts | AWS Volume Discounts are discounts offered by AWS designed to help customers who use large volumes of AWS services via AWS Organizations. |
AWS Reserved Instances (RIs) | AWS RIs help MSPs reduce costs by committing to use a specific amount of computing capacity over a period of time. |
AWS Savings Plans | Savings Plans allow MSPs to reduce costs by offering lower prices to on-demand levels in exchange for a specific usage commitment. |
How to manage costs effectively with AWS Consolidated Billing and Organizations
MSPs using AWS Organizations with Consolidated Billing features have greater flexibility and can maintain infrastructure more affordably in the cloud. Consolidating billing for multiple accounts can help MSPs achieve better economies of scale and reduce costs for their clients.
The sections below will explore why and how to use AWS Organizations and Consolidated Billing. We will also review AWS features that complement AWS Organizations and AWS Consolidated Billing, such as Savings Plans (EC2, Compute, SageMaker), Reserved Instances (RIs), and Volume Discounts.
AWS Organizations
AWS Organizations is a feature that allows MSPs and centralized IT teams in large enterprises to centrally manage multiple AWS accounts. It simplifies account creation, management, multi-account policy creation, and provides a unified view of all accounts. This makes it easier for MSPs to manage client accounts and provides clients with greater visibility and control over their AWS resources.
Using AWS Organizations, MSPs can manage multiple client accounts securely by creating Organization Unit (OU) structures, applying policies to entire organizations or specific OUs, using Service Control Policies, and monitoring activity. The hierarchical structure provided by OUs helps build a hierarchy in AWS accounts that allows MSPs to manage resources effectively and ensure that policies are consistently applied. One OU can contain one or many AWS accounts and child OUs in an organization.
AWS Organizations provides a range of features for managing access to resources, including cross-account access, identity federation, and role-based access control.
All of the features mentioned are part of one of the two AWS Organizations feature sets:
- All Features
- Consolidated Billing
The All Features set gives MSPs more advanced control over their OUs through Service Control Policies (SCPs) and Tag Policies.
SCPs determine which services and actions are available to users or roles for specified accounts. SCPs help enforce security and compliance requirements by restricting the actions taken within an AWS account or across multiple accounts in an organization.
SCPs do not grant access to resources or services. They act as a filter that can limit access. SCP policies are applied hierarchically, meaning they can be assigned to the root level of an organization or specific OUs. Policies set at the root level apply to all accounts in the organization, while policies set to OUs apply to all accounts within that OU and its child OUs.
Tag Policies enforce tag standardization across accounts in your organization. This enables MSPs to enforce tag compliance, which improves resource tracking. By combining the All Features Set and the Consolidated Billing, MSPs can enforce security on their clients’ AWS infrastructure and become more cost-efficient.
AWS Consolidated Billing
AWS Consolidated Billing is a feature of AWS Organizations that enables customers to consolidate billing and payment for multiple AWS accounts. With AWS Consolidated Billing, customers can group multiple AWS accounts under one payer account, making it easier to manage billing and track costs across multiple accounts.
It also allows MSPs to take advantage of volume discounts and cost optimization strategies, which can lead to significant client savings. These strategies involve sharing the savings from the discounts between multiple client AWS accounts by buying Reserved instances (RI), Savings Plans, and AWS Volume discounts. For example, AWS Organization can save up to 80% with RIs. The minimum annual commitment creates some risk, but strategic use of RIs can drastically reduce costs.
When using AWS Consolidated Billing, the payer account is responsible for paying for all the charges incurred by the linked accounts. This includes charges for services such as EC2, S3, and RDS and data transfer, storage, and other AWS services. The payer account can then view and analyze the usage and costs of each account in the billing console, as well as set up cost allocation tags to track costs by application, project, or department.
“The features and support CloudBolt provides will allow my team to spend more time focusing on the delivery of quality customer outcomes.”
AWS Consolidated Billing benefits
Key benefits of AWS Consolidated Billing for MSPs are:
- Streamlined billing: AWS Consolidated Billing combines billing for multiple AWS accounts into a single invoice, making it easier for MSPs to manage their clients’ AWS costs. However, the cost and use reports (CUR) provided by AWS are detailed and cryptic. Third-party providers like CloudBolt can help MSPs address this challenge and streamline the per-client cost allocation process.
- Improved cost control: MSPs can see all usage and costs across their clients’ AWS accounts in one place. This makes it easier to identify savings opportunities and monitor costs to ensure clients stay within budget. However, the AWS cost explorer is designed for individual enterprise use, not the multi-account environment MSPs operate in. This is where vendors such CloudBolt add value by visualizing costs across multiple client accounts.
- Taking advantage of AWS cost optimization services: By using Consolidated Billings in combination with Reserved Instances (RIs), Savings Plans, and Volume Discounts, MSPs and their clients can be more cost efficient in the cloud. That said, determining optimal resource utilization (removing unused and wasted capacity) and RI coverage (measuring the usage of prepaid reservation contracts) is a complex exercise. In many cases, third-party vendors, like CloudBolt, specializing in cost optimization can provide better results than native AWS tooling alone.
- Enhanced reporting and analytics: AWS Consolidated Billing provides MSPs with detailed usage and cost reports across all accounts, making tracking usage and identifying trends over time easier. This can help MSPs to optimize their clients’ AWS usage and identify areas for further cost savings. However, these reports are limited in granularity. Dashboards from third-party providers such as CloudBolt add insights and analytics not provided by native AWS tools.
Tips for maximizing AWS savings with AWS Consolidated Billing
Using AWS Consolidated Billing with these three features can help clients save even more. However, they’re not optimized for the multi-account use cases MSPs must address, so we’ve included MSP-specific recommendations where appropriate.
- Use Cost Explorer: Reserved Instances can help you save money on your EC2 usage, RDS, OpenSearch Service, and ElastiCache, but they need to be managed carefully.With CloudBolt’s Reserved Instance Report, which supports multiple cloud providers including Azure and AWS, you can create reports specialized for MSPs with multiple client accounts linked to their master payer account.
- Deploy Reserved Instances: Reserved Instances can help you save money on your EC2 usage, RDS, OpenSearch Service, and ElastiCache, but they need to be managed carefully. By using CloudBolt’s Reserved Instance Report which is offered for multiple cloud providers such as Azure and AWS, you can create reports specialized for MSPs with multiple client accounts linked to their master payer account
- Right size your AWS Environments: AWS Trusted Advisor is a service that provides best practices and recommendations to help you optimize your AWS Environments within a single enterprise. However, Trusted Advisor is not designed for MSPs. The CloudBolt Cost Service Adviser is a better option for MSPs by offering more sophisticated analytics and a more scalable platform for analysis across multiple client environments. For example, the AWS Trusted Advisor does not provide second-level granularity for measuring resource usage, which can result in miscalculating the short bursts in resource usage. Conversely, CloudBolt Cost Service Adviser does account for second-level granularity in resource measurements.
AWS Volume Discounts
AWS offers AWS Volume Discounts to customers who use large volumes of AWS services. These discounts reward customers who use more AWS services by reducing the cost of those services as the usage increases.
There are several types of volume discounts offered by AWS, including:
- Reserved Instance Volume Discounts
- EC2 Instance Savings Plans
- Compute Savings Plans
- SageMaker Savings Plans
AWS volume discounts can be an excellent way for customers to save money on their AWS usage, especially if they have predictable usage patterns or can commit to specific usage volumes.
AWS Reserved Instances
AWS Reserved Instances (RIs) provide compute capacity from Amazon Web Services (AWS) at a discounted rate. By committing to using a certain amount of compute capacity over a one or three-year term, customers can receive a discount of up to 75% compared to on-demand instance pricing.
AWS RIs are available for several types of compute instances, including Amazon Elastic Compute Cloud (EC2), Amazon Relational Database Service (RDS), and Amazon ElastiCache. Customers can choose between three types of Reserved Instances
- Standard Reserved Instances
- Convertible Reserved Instances
- Scheduled Reserved Instances
To learn more about RIs and its pricing, check out the AWS EC2 Reserved Instances documentation.
By combining Reserved Instances and AWS Consolidated Billing, you can share Reserved Instances between your accounts just by provisioning EC2 instances or RDS Instances in any of your other accounts, provided that you have available purchased RIs. This also includes Elasticache reserved node instances and Amazon OpenSearch reserved instances.
Reviewing your overall costs and savings when using RIs is critical because it can give you a better idea of your Reserved Instance utilization. Services like the AWS Reserved Instance Report by CloudBolt help you obtain deep visibility into RI utilization and associated savings. You can view the RI Coverage and RI Utilization, which help you see the difference between your used and unused RI instances. It also provides recommendations based on which you can potentially save on your spending related to reserved instances.
AWS Savings Plans
AWS Savings Plans are a flexible pricing model that offers cost savings of up to 72% on compute usage in Amazon Web Services (AWS). They are designed to provide a cost-effective solution for customers with predictable usage or those who can commit to use over a period of time.
Unlike AWS RIs, AWS Savings Plans are not tied to a specific instance type or region, providing greater flexibility for customers. They can be used across multiple accounts, making it easier for customers to optimize their AWS usage across their organization.
Savings Plans offer three types of pricing models:
- Compute Savings Plans: These offer savings on EC2 and Fargate usage, regardless of instance family, size, OS, or tenancy. Customers commit to a specific amount of usage, measured in dollars per hour, for a one- or three-year term.
- EC2 Instance Savings Plans: These offer savings on a specific family and size of EC2 instance, such as M5 or C5. Customers commit to a specific amount of usage, measured in dollars per hour, for a one- or three-year term.
- SageMaker Savings Plans: These offer savings to eligible SageMaker ML instances, including SageMaker Studio Notebook, SageMaker on-Demand Notebook, Sagemaker Processing ,and many more types regardless of instance family size or region.
You can also share savings plans using AWS Consolidated Billing. For more information on how AWS calculates potential savings percentage, reference the How Savings Plans apply to usage documentation.
Learn more about the growing complexity and the widening skills gap causing this dissatisfaction.
Limitations of native AWS tools
Native AWS tools can help you better understand and analyze your cloud costs and operations. For example, the AWS Cost and Usage Reports (CUR) can help track costs. However, native AWS tools lack essential features MSPs need to meet business demands like filtering services by type (e.g., compute, database, data transfer) or group options, such as DB engines, API operations.
AWS offers Billing Dashboards and Reports as part of the AWS Budgets and CUR, but the reports do not provide the necessary granularity and segmentation for MSPs. The dashboards provided are usually based on accounts, regions, or services and lack personalization capabilities that can limit their usefulness. For example, engineers need capacity usage details while executives are interested in long-term spending trends. Separate dashboards that fit the needs of a specific department enable better cost visibility throughout the organization.
Additionally, while AWS Cost Explorer forecasts costs and budget, it caters to individual enterprises and lacks the features required to support MSPs in forecasting client expenditures and overall costs and profit margins in a multi-account environment.
How third-party tools can address key MSP cost management use cases
MSPs can address the limitations of native AWS cost reporting with a third-party tool such as Cloudbolt Cost Reports for AWS. Cloudbolt Cost Reports for AWS enables more granular and customized cost reports with visibility into costs at the specific unit, resource group, and instance levels. It also provides personalized dashboards and reports created specifically for personas such as engineers or FinOps professionals.
You can also filter by service type, all costs, or you can group resources by accounts, services, regions, or tags as shown below:
The customization provided by Trusted Advisor is limited compared to a third-party tool such as the Cloudbolt Cost Service Adviser. The Trusted Advisor offers recommendations, but doesn’t account for seasonality in its calculations. The short bursts or spikes in usage are not accounted for which could result in incorrect recommendations.
With CloudBolt’s Cost Service Adviser you can categorize optimization types into idle/unused services and un-optimized and rightsizing recommendations. You can leave comments under each decision you take, which can help with auditing. You can ignore recommendations for some time if a resource is unnecessary today but could be needed in the future.
One of the biggest limitations is that AWS tools are primarily designed to be used with AWS Services, which makes them an incomplete solution in multi-cloud environments. With a single standardized platform, like CloudBolt, to handle various reporting, forecasting, and budgeting for each cloud provider, the process is greatly streamlined, reducing the need for additional labor and enhancing governance practices. This approach improves efficiency and ensures a cohesive management system across multiple cloud providers.
Conclusion
Using Amazon Organizations and the features enabled by AWS Consolidated Billing, such as Savings plans and RIs, MSPs can:
- Increase margins
- Enable better decisions with better data
- Help ensure accurate billing
However, native tools lack some features that can help MSPs gain the visibility and flexibility they need to maximize their cost savings. That’s where third-party services can help. Using the right cost management tools, MSPs can increase operational effectiveness and build customer trust with clear and accurate billing.
Related Blogs
The New FinOps Paradigm: Maximizing Cloud ROI
Featuring guest presenter Tracy Woo, Principal Analyst at Forrester Research In a world where 98% of enterprises are embracing FinOps,…
FinOps Evolved: Key Insights from Day One of FinOps X Europe 2024
The FinOps Foundation’s flagship conference has kicked off in Europe, and it’s set to be a remarkable event. Attendees familiar…