This work is licensed under CC BY 4.0 - Read how use or adaptation requires attribution

Segmentation Can Be a FinOps Game Changer

By Mark Szynaka

The re-engineering effort from multiple applications/products in single AWS accounts to separate AWS accounts transformed cost allocation from an arduous tagging effort to a finite chargeback solution. This story goes back a half dozen years, but for anyone not using AWS accounts or Azure subscriptions to segment cost allocation, this story may be helpful.

I was using three AWS accounts to segment the Development, Test, and Production environments to support four products. I was relying on tagging for cost allocation, which, as we all know, does not cover all resource types. I was having to group misspelled tags in CloudHealth and chase down untagged resources to achieve 85%+ cost allocation.

Solution / implementation

As we sized up the migration of over 100 new products to AWS, we instituted dedicated Development, Test, and Production accounts for each product. To make this possible, we spent three months with two dedicated cloud architects to create a new automated onboarding process for new applications via AWS Landing Zones. The Cloud Architecture team took the lead on this process with input from the DevOps and Product application development teams.

Once the process was finished, we had an onboarding process for new accounts, which resulted in minimum viable accounts for Development, Test, and Production within 96-hour turnarounds.

Benefits of segmentation

With this segmentation, we could be certain to charge back 100% of resources from each of the accounts to their respective billing code. We still used resource tagging within the accounts for several governance requirements, but we reduced the effort for cost allocation and increased accuracy.

This advice may be dated now for all who are in the walk and run phase, but don’t underestimate the power of segmentation when it comes to cost allocation!