Get Started with CloudCheckr CMx

CloudCheckr CMx Frequently Asked Questions

Email Settings in CloudCheckr CMx

Customize Your App in CloudCheckr CMx

Configure a Google Cloud Account in CloudCheckr CMx

Configure a CSP Account in CloudCheckr CMx

Modify an AWS Account in CloudCheckr CMx

Modify an Azure Account in CloudCheckr CMx

Modify a Google Cloud Account in CloudCheckr CMx

Get Started with AWS Control Tower

Access Management in CloudCheckr CMx

Users in CloudCheckr CMx

Roles in CloudCheckr CMx

Permission Sets and Permissions in CloudCheckr CMx

Clients in CloudCheckr CMx

CloudCheckr CMx Cost Reports

Summary Report in CloudCheckr CMx

Pivot Explorer Report in CloudCheckr CMx

Dashboard Panes in CloudCheckr CMx

Service Categories in CloudCheckr CMx

Leverage Savings Plan Data in Cost Reports

Finding My Reports in CloudCheckr CMx

Custom Dashboards in CloudCheckr CMx

Savings Plans Analytics

Overview of Single Sign-On in CloudCheckr CMx

Configure IdP-Initiated Single Sign-On in CloudCheckr CMx

Configure SP-Initiated Single Sign-On in CloudCheckr CMx

Configure Single Sign-On in AWS for CloudCheckr CMx

Configure Single Sign-On in Azure Active Directory for CloudCheckr CMx

Configure Single Sign-On in Google for CloudCheckr CMx

Configure Single Sign-On in Okta for CloudCheckr CMx

Configure Single Sign-On in OneLogin for CloudCheckr CMx

Configure Single Sign-On in PingOne for CloudCheckr CMx

Onboard Your AWS Account Using the Cost and Usage Report

Onboard Your AWS Account Using the Detailed Billing Report

Create an Account in CloudCheckr

Create Least Privilege Policies

Create a Cross-Account Role Manually

Create a Cross-Account Role Using CloudFormation

Enable Tags for Cost Reports

Enable Detailed Billing Reports

Configure the Cost and Usage Report in AWS

Configure the Cost and Usage Report in CloudCheckr

Create AWS Credentials Using IAM Access Keys

Create an IAM User Group

Create an IAM User

Configure a GovCloud Account Using IAM Access Keys

Enable Payee List Cost

CSV Account Upload

Set Up Reseller Links for AWS in CloudCheckr

Onboard Your Azure Accounts

Configure a CSP Account in CloudCheckr

Configure an EA Account

Configure an Active Directory or O365 Account

Configure a Subscription Account in Azure

Customize Your CloudCheckr Environment

View Billing Data for a Single Subscription

Edit Billing Configuration: Pay-as-You-Go Subscriptions

Set Up Reseller Links for Azure in CloudCheckr

Enable Permissions for Azure Cache for Redis (Redis Cache)

Enable Permissions for Web App Backup Data

Enable Permissions for Storage Accounts

Create and Configure Your Google Cloud Account in CloudCheckr

Customize Your App in CloudCheckr

Configure Notifications in CloudCheckr

Create Multi-Account Views in CloudCheckr

Create a User Group in CloudCheckr

Configure Your CloudCheckr Reports

Overview of Single Sign-On in CloudCheckr

Configure IdP-Initiated Single Sign-On in CloudCheckr

Configure SP-Initiated Single Sign-On in CloudCheckr

Configure Single Sign-On for AWS in CloudCheckr

Configure Single Sign-On for Azure Active Directory in CloudCheckr

Configure Single Sign-On for Google in CloudCheckr

Configure Single Sign-On for Okta in CloudCheckr

Configure Single Sign-On for OneLogin in CloudCheckr

Configure Single Sign-On for PingOne in CloudCheckr

Integration Configurations

Integration Configurations – Understanding Your Options

Integrate with Amazon SNS

Integrate with Jira

Integrate with PagerDuty

Integrate with ServiceNow

Integrate with Slack

Integrate with Syslog

CloudCheckr Metrics in AppDynamics

Extension for AppDynamics

IP Requests

New Relic Plugin

Datadog Integration with CloudCheckr CMx

CloudCheckr Education and Certification

CloudCheckr Labs

Resources

Glossary

Cost Alerts

Azure Cost Alerts

Configure a Microsoft Azure Cost Alert

Configure a Microsoft Azure Cost (Percent) Alert

Configure a Microsoft Azure Enterprise Agreement Overage Cost Alert

Generate Invoices

Payee Support Charges

Reprocess Billing Reports

Account Families

Copy Billing Data (Account Families)

Copy Billing Data (Payees)

Proportional Payee Amortization

Analyzing Your Reserved Instance Purchases

Analyzing Your AWS Marketplace Charges

AWS Marketplace Product Name Tag Key

Partner Sys Admin Main Features

Create Custom Memos

Custom Usage Rate

Custom Usage Hourly Rate

Manage AWS Credits in CloudCheckr

Assign Credits

Generate Invoices in Azure

Reload a Usage Report in Azure

Custom Billing Charges in Azure

What Is a Subscription Family?

Create a Subscription Family in CloudCheckr

Configure a Subscription Family in CloudCheckr

Custom Credit Memos in Azure

Custom Usage Rates in Azure

Configure Reserved Instances in Azure

Custom Billing Charges

Add a Percent Discount or Premium for All Custom Billing Charges

Add a Monthly Percent Custom Billing Charge or Credit

Add a Fixed Custom Billing Charge or Credit

Add a Per Usage Hour Custom Billing Charge or Credit

Add a Per Virtual Machine Custom Billing Charge or Credit

Configure Custom Costs in AWS

Configure Custom Cost in Azure

Standard Reserved Instance Amortization

Custom Fee Based on On Demand Cost

CloudCheckr List Cost

AWS Savings Plans

RI Consuming Account Based Allocation

Tagging

Search Tags

Lookup Resources

Tagging Rules

Improperly Tagged Resources

Tag Mapping

Cost Allocator

Configuring AWS Config Alerts

Azure Alerts

CloudTrail Alerts

Sending CloudTrail Alerts to Lambda Functions

How To Set Up Resource Alerts in CloudCheckr

CloudCheckr Alerts

AWS Config Reports

Enabling AWS Config Reports

Setting Up Aggregate AWS Config Collection in CloudCheckr

CloudTrail Reports

Enabling CloudTrail Reports

Configure CloudTrail in AWS

Aggregate CloudTrail Collection in CloudCheckr

Automation

Copy Tags to Volumes

Copy Tags to Volumes: Configure Automation

Copy Tags to Volumes: EC2 Tags

Copy Tags to Volumes: Ignore List

Copy Tags to Volumes: Show History

AWS Best Practice Report

Configure Best Practices Check Notifications

Customize Service Limits Best Practice Checks

Custom Best Practices

Total Compliance

Total Compliance Standards and Regulations

CIS Benchmark

AWS Advanced Grouping Report

Consolidated Account Reserved Instance Management

List Cost Analysis

Saving Showback Report

Single Day Billing Summary Report

Consolidated Billing Report

Single Month Billing Summary Report

Profit Analysis

Reserved Instance Management

Summarization

Spend Analysis

Historical Monthly Summary Report

Reserved Instances and EC2 Instance Size Flexibility

Billing Cost Changes Reports

Cost View Report

Cost Savings

Inventory Reporting

Tagged/Untagged Resource Reporting

Custom Reports

EC2 Reserved Instance Summary Report

IAM Summary Report

Trending

Inventory Trending Reports: EC2 Instances

List of IAM Users Report

RDS Reserved Instance Reports

Using CloudCheckr to See What Is Running in S3

Get Started with the Well-Architected Workloads Report

VPC Reports

VPC Flow Logs – Summary

VPC Flow Logs – Events

VPC Flow Logs – Setup

VPC Flow Logs – Connections

Change Monitoring

Security Groups

AWS Utilization

The EC2 Instance Right Sizing Report

Right-Sizing – How to Configure User Groups and Workflows

How to Set Up a CloudWatch Agent

Access and Leverage Memory Metrics for Azure

Home Page in CloudCheckr CMx

Header Bar in CloudCheckr CMx

Left Navigation Pane in CloudCheckr CMx

How To Dock/Undock CloudCheckr CMx Content

Account Switcher in CloudCheckr CMx

Settings Menu in CloudCheckr CMx

Account Hierarchy Page in CloudCheckr CMx

Customers in CloudCheckr CMx

Accounts in CloudCheckr CMx

Multi-Account Views in CloudCheckr CMx

Attributes in CloudCheckr CMx

AWS: General

AWS: Assigned Credits

AWS: Cost and Billing

AWS: Monthly Rollover

AWS: Onboarding

AWS: Transition from DBR to CUR

Azure: General

Azure: Azure Plan (CSP)

CloudCheckr: General

AWS: L2 CUR Functionality

Bookmarks

Create and Modify Custom Dashboards in CloudCheckr

Edit Account Name in CloudCheckr

User Management in CloudCheckr

Create a User in CloudCheckr

Edit a User in CloudCheckr

Configure What Costs Are Visible to a User

User Groups

Use the Access Control List

Select Account Types to Assign to a Group

Edit a User Group

Clone a User Group

Remove a User Group

CMx Federal

CMx High Security

Finance Manager: Frequently Asked Questions

Finance Manager Specification Sheet

Introduction to Finance Manager

How to Install CloudCheckr FinanceManager

Install CloudCheckr FinanceManager in On-Premise Data Center

Deploy CloudCheckr FinanceManager from the Azure Marketplace

CloudCheckr FinanceManager Concepts

CloudCheckr FinanceManager: Datadate

CloudCheckr FinanceManager: Datasets

CloudCheckr FinanceManager: Program Directory

CloudCheckr FinanceManager: Home Directory

CloudCheckr FinanceManager: RDFs

CloudCheckr FinanceManager: Services

CloudCheckr FinanceManager: Azure Stack

Introduction to Reports in CloudCheckr FinanceManager

Accounts Report in CloudCheckr FinanceManager

Services Report in CloudCheckr FinanceManager

Summary Report in CloudCheckr FinanceManager

Services Page in CloudCheckr FinanceManager

Rates Page in CloudCheckr FinanceManager

Adjustment Policies in CloudCheckr FinanceManager

Extraction in CloudCheckr FinanceManager

Configure Extractors in CloudCheckr FinanceManager

Integration Templates in CloudCheckr FinanceManager

Script Basics in CloudCheckr FinanceManager

Parslets in CloudCheckr FinanceManager

Language for Extract Statements in CloudCheckr FinanceManager

CloudCheckr FinanceManager Extract Statement: aws_sign_string

CloudCheckr FinanceManager Extract Statement: basename

CloudCheckr FinanceManager Extract Statement: buffer

CloudCheckr FinanceManager Extract Statement: clear

CloudCheckr FinanceManager Extract Statement: csv

CloudCheckr FinanceManager Extract Statement: discard

CloudCheckr FinanceManager Extract Statement: encode

CloudCheckr FinanceManager Extract Statement: encrypt

CloudCheckr FinanceManager Extract Statement: escape

CloudCheckr FinanceManager Extract Statement: exit_loop

CloudCheckr FinanceManager Extract Statement: foreach

CloudCheckr FinanceManager Extract Statement: get_last_day_of

CloudCheckr FinanceManager Extract Statement: gosub

CloudCheckr FinanceManager Extract Statement: hash

CloudCheckr FinanceManager Extract Statement: http

CloudCheckr FinanceManager Extract Statement: if

CloudCheckr FinanceManager Extract Statement: json

CloudCheckr FinanceManager Extract Statement: loglevel

CloudCheckr FinanceManager Extract Statement: loop

CloudCheckr FinanceManager Extract Statement: match

CloudCheckr FinanceManager Extract Statement: pause

CloudCheckr FinanceManager Extract Statement: print

CloudCheckr FinanceManager Extract Statement: return

CloudCheckr FinanceManager Extract Statement: save

CloudCheckr FinanceManager Extract Statement: set

CloudCheckr FinanceManager Extract Statement: subroutine

CloudCheckr FinanceManager Extract Statement: terminate

CloudCheckr FinanceManager Extract Statement: unzip

CloudCheckr FinanceManager Extract Statement: uri

CloudCheckr FinanceManager Extract Statement: var

Transform (Transcript) in CloudCheckr FinanceManager

Configure Transformers in CloudCheckr FinanceManager

Language for Transform Statements in CloudCheckr FinanceManager

CloudCheckr FinanceManager Transform Statement: aggregate

CloudCheckr FinanceManager Transform Statement: append

CloudCheckr FinanceManager Transform Statement: calculate

CloudCheckr FinanceManager Transform Statement: capitalize

CloudCheckr FinanceManager Transform Statement: convert

CloudCheckr FinanceManager Transform Statement: copy

CloudCheckr FinanceManager Transform Statement: correlate

CloudCheckr FinanceManager Transform Statement: create

CloudCheckr FinanceManager Transform Statement: csv

CloudCheckr FinanceManager Transform Statement: default

CloudCheckr FinanceManager Transform Statement: delete

CloudCheckr FinanceManager Transform Statement: export

CloudCheckr FinanceManager Transform Statement: finish

CloudCheckr FinanceManager Transform Statement: if

CloudCheckr FinanceManager Transform Statement: import

CloudCheckr FinanceManager Transform Statement: include

CloudCheckr FinanceManager Transform Statement: lowercase

CloudCheckr FinanceManager Transform Statement: normalize

CloudCheckr FinanceManager Transform Statement: option

CloudCheckr FinanceManager Transform Statement: rename

CloudCheckr FinanceManager Transform Statement: replace

CloudCheckr FinanceManager Transform Statement: round

CloudCheckr FinanceManager Transform Statement: service

CloudCheckr FinanceManager Transform Statement: services

CloudCheckr FinanceManager Transform Statement: set

CloudCheckr FinanceManager Transform Statement: split

CloudCheckr FinanceManager Transform Statement: terminate

CloudCheckr FinanceManager Transform Statement: time columns

CloudCheckr FinanceManager Transform Statement: timerender

CloudCheckr FinanceManager Transform Statement: timestamp

CloudCheckr FinanceManager Transform Statement: update service

CloudCheckr FinanceManager Transform Statement: uppercase

CloudCheckr FinanceManager Transform Statement: var

CloudCheckr FinanceManager Transform Statement: where

GUI Automation

Examples

Azure-AD

Auth0

Integrate

Reports in CloudCheckr FinanceManager

Workflows in CloudCheckr FinanceManager

Metadata in CloudCheckr FinanceManager

User Management in CloudCheckr FinanceManager

Users in CloudCheckr FinanceManager

Groups in CloudCheckr FinanceManager

Settings in CloudCheckr FinanceManager

Configure CloudCheckr CMx API

Use CloudCheckr CMx Access Tokens to Manage Existing API Calls

API User Guide

Admin API Reference Guide

API Reference Guide (AWS)

API Reference Guide (Inventory)

API Reference Guide

Finance Manager API Guide

Budgets

Data Sources

Accounts

Rate Limits

Authentication

Metadata

JSON: API Interface

Related Resources

Introduction

General

Catalog

Error Responses

Authentication

Authorization

Configure Single Sign-On in AWS for CloudCheckr CMx

In this topic, you will learn how to set up Single Sign-On (SSO) for your AWS account in CloudCheckr CMx by configuring:

AWS (the Identity Provider or IdP)
CloudCheckr CMx (the Service Provider or SP)

Prerequisite

You must be an enterprise customer to use IdP-initiated SSO.

Workflow

If you have any questions about the configuration process, please contact Support.

Log in to the AWS Management Console.
In the Find Services text field, type AWS SSO
From the Dashboard, click Applications.
Click Add a new application.

The AWS SSO Application Catalog opens.
Click Add a custom SAML 2.0 application.
In the Details section:
1. Type CloudCheckr CMx in the Display name field.
2. Type Cloud Management Platform In the Description field.
In the AWS SSO metadata section:

Click Download to download the AWS SSO SAML metadata file and send it to Support.

Under Session duration in the Application properties section, select Custom duration for and select 900 seconds.
In the Application metadata section:

Click the link, If you don't have a metadata file, you can manually type your metadata values.

Choose the Application ACS URL and Application SAML Audience that match the AWS region you use to access CloudCheckr:

Region	Application ACS URL	Application SAML Audience
US	https://auth-us.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-us.cloudcheckr.com/auth
EU	https://auth-eu.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-eu.cloudcheckr.com/auth
AU	https://auth-au.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-au.cloudcheckr.com/auth
GOV	https://auth-gov.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-gov.cloudcheckr.com/auth
Federal	https://auth-fed.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-fed.cloudcheckr.com/auth

Type the values you just selected into the appropriate fields.
Click Save Changes.

Click Attribute Mappings.
Perform the following actions in this tab:
1. For the Subject User attribute, type ${user:email} and leave the format as emailAddress.
2. Click Add new attribute mapping.
3. For the name attribute, type${user:email} and leave the format as unspecified.
Click Assigned users.
Click Assign users to assign users you would like to access CloudCheckr CMx from your directory.
Once Support has added your metadata to your account, select CloudCheckr CMx from your AWS apps list to log in.

Create a support ticket in the CloudCheckr Service Desk Portal that indicates you configured your SAML information.
Attach the XML file that you downloaded in the previous procedure to your ticket.
Although CloudCheckr will provision your users for the first-time logon, your organization must enable specific permissions and account access for your CloudCheckr CMx users. For more information, see the Access Management and Roles topics.

Configure Single Sign-On in AWS for CloudCheckr CMx

Prerequisite

Workflow

How did we do?

Related Articles Configure Single Sign-On for AWS in CloudCheckr Configure Single Sign-On in Google for CloudCheckr CMx Configure Single Sign-On in PingOne for CloudCheckr CMx

Contact

Related Articles

Configure Single Sign-On for AWS in CloudCheckr

Configure Single Sign-On in Google for CloudCheckr CMx

Configure Single Sign-On in PingOne for CloudCheckr CMx