jdxlabsWhen working on the cloud, the question of costs is essential.
Tailwarden is a tool designed to help you have a global supervision of your costs and also supports you on the security part.
It supports the 3 main cloud providers (AWS, Google Cloud and Azure), it will be all the more effective in a multi-account and hybrid strategy.
I will give you a demonstration of the different functionalities that the tool will offer you.
Connect your cloud accounts
At the beginning, you have access to a "Getting started".
You will be able to connect your different accounts, in my case an AWS account and a GCP account.
If you want detailled informations, you have to enable the cost insight feature :
The main dashboard
You will have direct access to the main dashboard, which gives you an overall view of your costs per month.
You will be able to classify them by cloud provider, regions and resource types.
The assets inventory
The inventory is the heart of Tailwarden, that’s where you will find all the resources handled by the software. You can consult, classify them, know the cost of each one and export them for your needs.
Create your first custom view
From the inventory, you can apply filters, to obtain Custom views, which will allow you to organize the vision of your infrastructure, according to the criteria that interest you.
In the following example, I simply display the list of S3 buckets :
Tagging
Identify untagged resources
The Tags audit page will allow you to explore the tags of your resources.
In order to find your untagged resources, you can create a Custom view by selecting the "Empty tags" filter :
Set a tagging strategy
It is important to establish a tagging strategy, you can follow the Tagging Best Practices shared by Tailwarden.
We can discern 4 main categories:
- Technical tags
- Automation tags
- Business tags
- Security tags
Consider that your fleet will potentially be hybrid one day, it is better to put provider-agnostic tags.
For the demonstration, we will choose a very basic tagging strategy, with this tags :
- Env (Dev/Prod/Shared)
- Region
- Sensitive (true/false)
- Project (null by default)
We can set a policy to show which resources are in compliance or not :
Apply and monitor your tagging strategy
You can modify directly the provider’s tags, or define virtual tags inside Tailwarden.
Virtual tags allow you to quickly edit your resources in groups and to comply.
You will then have the possibility to either synchronize the provider tags, or to apply a different strategy within the provider.
Compliance is monitored and you have the possibility to put alerting, in case there are drifts.
Enable Cost insights
You must setup CUR (Cost and Usage Report), to activate Cost Insights :
This will allow for more cost detail, more accurately for your resources.
Create your first Cost report
In the Cost Report section, you will have a global view on your costs, for each provider :
Set your first Budget alert
From a view in the inventory, you have the possibity to setup notifications by mail, on different triggers :
For example, you can set an email notification when your overall costs exceed an amount you decide, withe the Budget alert:
View Compliance insights
In the Risk Assessment section, you can consult different compliance frameworks to apply on your resources :
- AWS CIS (Center for Internet Security) v1.4.0 : The security framework from AWS
- GPDR (General Data Protection Regulation) : The european privacy data protection
- PCI DSS (Payment Card Industry Data Security Standard) : A framework you must follow if you host credit card informations
Custom dashboards
In the Reports sections, you can set specific dashboards for your needs, you can totally customize your dashboards and widgets, but you can also select pre-defined templates.
For instance, there is an Invoice Breakdown dashboard, to see the costs specific to each resource :
Pricing
Tailwarden is a managed service aimed at businesses, it offers a starter package at $500/month, with additional costs if there are more than 3 cloud accounts.
It can also offer more support for larger companies.
Another option is a similar product offered by Tailwarden, which is open source. It will offer a few different options and the hosting part will be up to you. This is Komiser, whose code is available on Github, and which provides a Docker image.
What’s next
To manage your costs and monitor the security of your infrastructure, Tailwarden is a good option that will give you a global vision very easily.
It is a young product but also very active and promising, with a public roadmap available, which promises new features in particular on the Anomaly detection and Custom dashboard parts.
