Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

AWS Budget Action Email Subscriber dont show in the console

0

I set a budget action to apply an SCP to deny invoking lambda in a specific account. The first question is that I cannot see options to choose an account in console, but in CloudFomation, it does provide targetID that can be an account number. I am curious if it is ok to set SCP to a specific account.

The second question is when I use the following template, there are 2 budget alerts, and all should have two subscribers. However, after creating resources, only the first alert has email subscribes. The subscribers for second alerts in the console are empty.

  'Fn::ForEach::Budget':
    - Customer
    - - 'Test'
    - '${Customer}Budget':
        Type: "AWS::Budgets::Budget"
        Properties:
          Budget:
            BudgetName: !Sub "${Customer}Budget"
            BudgetLimit:
              Amount: !Ref BudgetAmount
              Unit: USD
            TimeUnit: MONTHLY
            BudgetType: COST
            CostFilters:
              LinkedAccount:
                - !FindInMap ["AccountMap", !Ref Customer, "Account"]
          NotificationsWithSubscribers:
            - Notification:
                NotificationType: FORECASTED
                ComparisonOperator: GREATER_THAN
                ThresholdType: PERCENTAGE
                Threshold: 80
              Subscribers:
                - Address: !Select [0, !Ref AlertEmails]
                  SubscriptionType: EMAIL
                - Address: !Select [1, !Ref AlertEmails]
                  SubscriptionType: EMAIL

  'Fn::ForEach::BudgetAction':
    - Customer
    - - 'Test'
    - '${Customer}BudgetAction':
        Type: "AWS::Budgets::BudgetsAction"
        Properties:
          ActionThreshold:
            Value: 100
            Type: PERCENTAGE
          ActionType: "APPLY_SCP_POLICY"
          ApprovalModel: "AUTOMATIC"
          BudgetName: !Sub "${Customer}Budget"
          Definition:
            ScpActionDefinition:
              PolicyId: !Ref SCPPolicy
              # can apply SCP to OU or Account
              TargetIds:
                - !FindInMap ["AccountMap", !Ref Customer, "Account"]
          ExecutionRoleArn: !GetAtt BudgetRole.Arn
          NotificationType: "FORECASTED"
          Subscribers:
            - Address: !Select [0, !Ref AlertEmails]
              Type: EMAIL
            - Address: !Select [1, !Ref AlertEmails]
              Type: EMAIL

Enter image description here

Topics
Cloud Financial ManagementManagement & Governance
Tags
AWS BudgetsAWS Organizations
Language
English
asked a year ago149 views
2 Answers
2
Accepted Answer

First, it is possible to apply a Service Control Policy (SCP) to a specific account using AWS Budgets.

Second, it actually has two email settings. One is in the alert setting, when the budget is to exceed the threshold, notify the emails. The other one is in the Budget Action setting, when action is run, notify the emails. These two can be the same or different.

answered a year ago
EXPERT
reviewed a year ago
EXPERT
reviewed a year ago
1

Let me address your questions regarding AWS Budget Actions and the issues you're experiencing:

  1. Regarding applying an SCP to a specific account: Yes, it is possible to apply a Service Control Policy (SCP) to a specific account using AWS Budgets. While the console interface might not show this option explicitly, the CloudFormation template allows you to specify a target account ID. This is a valid approach, and you can use the TargetIds parameter in the ScpActionDefinition to specify the account number you want to apply the SCP to.

  2. Concerning the email subscribers not showing up for the second alert: The issue you're experiencing with email subscribers not appearing for the second alert in the console is likely due to a limitation or bug in how the AWS console displays this information. However, this doesn't necessarily mean that the subscribers aren't set up correctly.

    To troubleshoot and verify:

    • Double-check that your CloudFormation stack created successfully without any errors.
    • Use AWS CLI or SDK to describe the budget and its notifications. This might show the correct subscriber information even if the console doesn't.
    • If possible, test the alert by artificially triggering it to see if notifications are sent to both email addresses.

    If the issue persists, you may want to contact AWS support for further assistance, as this could be a console display problem rather than an actual configuration issue.

Remember that AWS services and their console interfaces can sometimes have discrepancies or limitations in how they display information, especially for more complex setups like those created through CloudFormation templates.

Sources
Configuring a budget action - AWS Cost Management
AWS Budgets - AWS Billing and Cost Management
Action - AWS Billing and Cost Management

answered a year ago
EXPERT
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content