CloudCheckr CMx Frequently Asked Questions

Getting started in a new product can be daunting, but to help you out, we have compiled a list of Frequently Asked Questions (FAQs) that focus on CloudCheckr CMx.


Frequently Asked Questions

We have organized our FAQs by category. Click into a category and drill into the questions to view more information.

Click to get answers to your general onboarding questions:

It’s easy: just log in to a CloudCheckr region using one of the following new URLs and type your current username and password:

Platform

Current URL

New URL

US Production

https://app.cloudcheckr.com

https://app-us.cloudcheckr.com

Europe

https://eu.cloudcheckr.com

https://app-eu.cloudcheckr.com

Australia

https://au.cloudcheckr.com

https://app-au.cloudcheckr.com

Gov

https://gov.cloudcheckr.com

https://app-gov.cloudcheckr.com

Federal

https://fed.cloudcheckr.com

https://app-fed.cloudcheckr.com

Only administrators will have access to CloudCheckr CMx. Administrators must provide access permissions to all other users before they can log in to CloudCheckr CMx.

If you have an existing Azure or AWS account in the current CloudCheckr product, you don't need to do anything. We use your existing credentials to transfer your data and billing configuration into CloudCheckr CMx.

If you need help setting up your Azure CSP account, follow the instructions in Configure a CSP Account in CloudCheckr CMx.

If you have Google Cloud data, follow the instructions in Configure a Google Cloud Account in CloudCheckr CMx.

The What's New section in our Success Center and in the application will provide updates on new functionality that we deliver during our incremental software releases.

You can submit Support tickets through our Support portal or send a Support email just like you do with our current CloudCheckr product.

Our Support engineers will triage the tickets, so that the teams working on CloudCheckr CMx will see them promptly.

The following functionality will become available in upcoming software releases:

  • Enhancements to the existing reports such as improved filtering, better drill-through features, and data export support
  • Multi-cloud and cross-account reporting for AWS, Azure, and Google Cloud data
  • A rules engine for the manipulation of the cost data similar to how List cost functions in our current CloudCheckr product
  • Additional data source processing
  • Full billing and invoicing functionality
  • Performance improvements

Click to learn more about what has changed in our user interface:

Yes! This release doesn't replace your access to the current UI and API. You can switch back and forth between the two UIs and compare them side-by-side.

The biggest improvements for our customers include:

  • A platform built from the ground up to be scalable and performant
  • A modern design that is more visually appealing, which can scale across multiple device sizes
  • A dynamic account hierarchy that brings organization to your account list by allowing up to 11 layers of account groupings
  • An API-first model that ensures UI and API functionality remains consistent

The CMx UI includes these innovative features:

Feature

Highlights

Improved Navigation

  • Improved search functionality
  • Account Switcher makes jumping from one account to another quick and painless
  • Reorganized menu and layout

Account Hierarchy

  • Organize accounts into groups for streamlined account management and scalable permissions
  • Apply attributes across accounts for automatic categorization
  • Group accounts easily into multi-account views (MAVs)

Role Based Access Control

  • Create roles that define a set of users, permissions, and accounts
  • Establish permission sets that serve as reusable templates of permissions
  • Align roles to the account hierarchy for at-scale user and account management

New Ingestion Engine + Cost Reporting

  • Ingests AWS Cost and Usage Report (CUR) data in a fraction of the amount of time
  • Offers robust, interactive cost reports and dashboards
  • Provides a Pivot Explorer feature, so you can create on-the-fly reporting and analysis

The topic, Get Started with CloudCheckr CMx, gives an overview of all of the new features and provides links to the topics specific to these features.

Yes. Using CloudCheckr CMx doesn’t impact your access to the reports and functionality that you’re familiar with in the current CloudCheckr product.

You can switch back and forth between the new reports and the current reports in the CloudCheckr CMx environment by toggling the in the Left Navigation pane. For some of the existing CloudCheckr features, like Custom reports and dashboards, you will need to access them from the Search bar rather than from the left navigation pane.

This initial release provides the foundation for our future CloudCheckr CMx strategy. Some of the enhancements we are working on include the following:

  • Account Management UX improvements: Simplifying account creation—providing more contextual information and making it easier to manage accounts within the new hierarchy
  • Account Credentialing: Improving the onboarding workflow when credentialing a new account in CloudCheckr
  • Customer (Partner) Management: Rolling out a new user experience for creating and managing customers and plans

Click to learn more about the new account structure, account hierarchy:

Our new account hierarchy introduces the concept of account groups that create a parent-child folder structure which allows you to organize your accounts as you see fit. This organization simplifies navigation and user permissions.

  • Accounts: No change to accounts as you know them. These are the various cloud provider accounts that you have added to CloudCheckr.
  • Account Groups: As mentioned earlier, account groups are like folders for your accounts. You can use them to organize your accounts in a hierarchy—up to 11 levels deep—and administer access management at the group or account level using roles.
    An account can only exist in one parent folder, but a folder can contain multiple accounts from different cloud providers.
  • Multi-Account Views (MAVs): No change to MAVs as you know them. MAVs allow you to look at all the resources in multiple accounts through a single lens. You can tag individual accounts and designate tags in the MAV to identify the accounts you want to combine. With MAVs, you can create complex views across large sets of accounts and slice and dice data across multiple tags.

Use cases for organizing accounts may include:

  • Match a complex organizational structure by creating groups for various divisions, business units, reporting lines, and other categories
  • Align your account hierarchy by region and provider
  • Enable accounts from multiple cloud providers to exist in the same account group

The account hierarchy combines with the Role Based Access Control (RBAC) to streamline the administration of CloudCheckr CMx. After establishing a logical account hierarchy, you can apply user roles to accounts and account groups that exist at any level of the hierarchy.


Click to learn more about how you can administer and manage access to CloudCheckr CMx:

RBAC is a method of managing user access based on the roles assigned to those users. This is a hub-and-spoke model, where the role object acts as the hub for all access management. Permissions, users, and accounts are all applied to the role, and the intersection of those objects determines who has access to what in the system.

To further simplify things, we have introduced the concept of permission sets to Cloudcheckr CMx access management. Permission sets are templates of permissions that you can apply as a group to roles instead of having to apply or remove individual permissions each time a role is created or modified.

  • Users: The actual end-users who received a username (email address) and password that allows them to log in to the application
  • Clients: Services that access the CloudCheckr CMx API to make a request and return a response or data based on that request
  • Roles: The collection of permissions that a user inherits which enable them to perform certain tasks or operations in the CloudCheckr CMx application
  • Permissions: The individual privileges in CloudCheckr CMx that allow any user with that permission to perform a function or task such as view cost alerts and manage account groups
  • Permission Sets: A collection of privileges that you can apply as a group to your CloudCheckr CMx roles. For example, you might have a View-Only permission set that includes all View-Only permissions

Roles allow you to organize your users based on similar access and job function. For example, all members of your finance team may exist in a singular role that grants each member access to cost and billing reports for all accounts. When a new team member joins, you can add them to the role so that they inherit the same entitlements as their peers.

RBAC allows you to organize your users and the account hierarchy allows you to organize your accounts. By marrying the two, you can broadly administer access management across your accounts and user base. While the goal is to standardize access management, you still can apply fine-grained entitlements when needed.

You don't need to recreate existing users or passwords. However, these users won't have access via the RBAC model until you assign them roles. Since this is a new permissions model, we recommend creating permission sets and roles that meet the access needs of your user base.

Our team is ready to help. If you’re not sure how best to define your user roles, please reach out to schedule a session to review.

Also, we won't migrate API access keys over from CloudCheckr since the client/secret key functionality in RBAC is more robust and secure.


Click to learn more about our new data engine and how its design will meet your processing requirements:

We have built the data engine from the ground up with the newest and most effective modern technologies—allowing CloudCheckr CMx to process cloud billing files in a fraction of the time it takes in our current product.

And our development team continues to purposefully construct that data engine in a way that sets us up to be a truly multi-cloud solution.

As a result, CloudCheckr CMx will be able to gather billing files from multiple cloud providers—and transform data into a cloud-agnostic data model. This major enhancement will enable us report back to customers across various cloud providers in a unified manner.

Today, the data engine can process the AWS Cost and Usage (CUR) files, Google Cloud billing data, and Azure Plan for Cloud Solution Providers (CSPs).

We are also working on functionality that will allow us to process Azure Enterprise data billing data.

Eventually, the data engine will be able to process data from other sources such as security data from Amazon Web Services (AWS) CloudTrail.

CloudCheckr CMX won’t support legacy billing types such as the AWS Detailed Billing Report (DBR) file or legacy Azure CSP.

Since we use a different data engine to run and process the new CloudCheckr CMx features, you will see faster results to your queries, loading of UI pages, and data refreshing than you do in our current CloudCheckr product.

The CMx Cost pipeline will now automatically lock billing months once your cloud provider marks those files as finalized.


The following are some enhancements you will see as part of CMx API:

  • A platform built from the ground up to be scalable and performant
  • A new and improved documentation system built on Swagger.io
  • A more intuitive user experience—including search parameters, filtering, and ordering—that leverages the OData standard
  • More consistent response formatting and pagination
  • A dynamic account hierarchy brings organization to your account list by allowing up to 11 layers of account groupings
  • An API-first model that ensures UI and API functionality remains consistent

Account-related functionality includes:

  • Retrieve all accounts, account groups, and MAVs
  • Retrieve parents of accounts, account groups, and children of account groups
  • Update accounts and account groups
  • Create new account groups
  • Delete account groups
  • Move accounts and account groups throughout the hierarchy


How did we do?