[Enhancement] Add details around expectations with AWS SCP and the Orphaned Resources savings report.

kubecost / docs

GitHub repository for the official Kubecost documentation.

http://docs.kubecost.com

91 stars 105 forks source link

[Enhancement] Add details around expectations with AWS SCP and the Orphaned Resources savings report. #756

Closed srpomeroy closed 11 months ago

srpomeroy commented 1 year ago

Description

When AWS Service Control Policies (SCP) are used to limit access to certain regions, Kubecost will log some errors about the inability to retrieve ec2 resources (EIPs and EBS volumes) from those disallowed regions.

These are false positives because AWS returns a 403. This typically indicates an IAM issue when in fact it is the SCP that is denying access.

I am not sure of the best place for this. Perhaps FAQ or Troubleshooting?

srpomeroy commented 1 year ago

A recent improvement to OpenCost may negate the need for this. Need to test.

srpomeroy commented 11 months ago

Confirmed. No longer needed.