Merge pull request #182 from vantage-sh/random-updates

Random Fixes and Site Updates

docs/connecting_gcp.md

@@ -43,23 +43,30 @@ If your GCP billing data is typically displayed in a currency other than USD, Va
 
 Open a new browser tab, and navigate to the [Vantage GCP Settings page](https://console.vantage.sh/settings/gcp). You should see your customer-specific service account displayed at the top of the integration page. Keep this page open.
 
-### Step 1: Grant the Vantage Service Account Permission to Access BigQuery {#service-account-permissions}
+### Step 1: Grant the Vantage Service Account Permission to Access BigQuery and Active Resources {#service-account-permissions}
 
-Back in GCP, navigate to the [IAM console](https://console.cloud.google.com/iam-admin/iam), and complete the steps below to grant the Vantage service account permission to access BigQuery.
+Back in GCP, navigate to the [IAM console](https://console.cloud.google.com/iam-admin/iam), and complete the steps below to grant the Vantage service account permission to access BigQuery. To enable [active resources](/active_resources), you must also grant the **Viewer** role to the Vantage GCP service account. This role allows read-only access to all resources in the project, enabling Vantage to gather data on active resources.
+
+:::info
+For a list of all supported GCP active resources, see the [GCP Supported Services](/gcp_supported_services) documentation.
+:::
 
 1. At the top of the IAM console, select the project that hosts the BigQuery dataset with your Cloud Billing export data.
-2. Configure the following permission:
+2. Configure the following permissions:
    - In the center of the page, under **Permissions for project "My Project ABCD"**, click **+ GRANT ACCESS**.
    <details><summary>Expand to view example image</summary>
    <div>
    <img alt="GCP project permissions menu" width="80%" src="/img/connect-gcp/gcp-project-permissions-menu.png"/> </div>
    </details>
    - In the **New principals** field, under **Add principals**, paste the value for your Vantage service account. This value is the one displayed on the [Vantage GCP Integration page](https://console.vantage.sh/settings/gcp) you opened earlier.
    - In the **Role** field, under **Assign roles**, search for and select **BigQuery Job User**.
+   - Click **+ ADD ANOTHER ROLE**.
+   - Under **Assign roles**, click **Basic** and select the **Viewer** role from the **Role** list. This adds the role needed for active resources. 
    <details><summary>Expand to view example image</summary>
    <div>
    <img alt="Grant GCP project access" width="80%" src="/img/connect-gcp/gcp-grant-project-access.png"/> </div>
    </details>
+
 3. Click **SAVE**.
 
 ### Step 2: Grant the Vantage Service Account Permission to Access the BigQuery Dataset {#bigquery-permissions}
@@ -117,31 +124,6 @@ Keep BigQuery open in one of your browser tabs. Go back to the [Vantage GCP Inte
 It typically takes a few hours for data to start appearing. Cloud Billing data is added retroactively for the current and previous month when detailed usage cost data is configured. Full data for the current and previous month can take 24–48 hours to fully propagate.
 :::
 
-### Step 4: Add Support for Active Resources {#gcp-active-resources}
-
-To enable [active resources](/active_resources), you must grant the Viewer role to the Vantage GCP service account. This role allows read-only access to all resources in the project, enabling Vantage to gather data on active resources.
-
-:::info
-For a list of all supported GCP active resources, see the [GCP Supported Services](/gcp_supported_services) documentation.
-:::
-
-1. Open the **IAM Console**.
-2. At the top, select the project where you want to enable active resources. You will need to enable active resources on a per-project basis.
-3. In the center of the page, under **Permissions for project "Your Project Name"**, click **+ GRANT ACCESS**.
-   <details><summary>Expand to view example image</summary>
-   <div>
-   <img alt="Add permissions for project" width="80%" src="/img/connect-gcp/active-resources-1.png"/> </div>
-   </details>
-4. Under **Add principals**, add the Vantage GCP service account displayed on the Vantage console integration page.
-5. Under **Assign roles**, click **Basic** and select the **Viewer** role from the **Role** list. 
-   <details><summary>Expand to view example image</summary>
-   <div>
-   <img alt="Add viewer role for service account" width="80%" src="/img/connect-gcp/active-resources-2.png"/> </div>
-   </details>
-6. Click **SAVE**.
-
-Repeat these steps for each project where you want to enable active resources, and ensure the Vantage GCP service account is added to all relevant projects.
-
 ### Next Steps: Manage Workspace Access
 
 Once your costs are imported, select which workspaces this integration is associated with. See the [Workspaces](/workspaces#integration-workspace) documentation for information.

docs/kubernetes_agent.md

@@ -36,6 +36,14 @@ At this time, the agent does not support custom rates for on-premises servers. N
 
 As long as the cost data for an underlying cluster instance is ingested into Vantage via a cloud integration, it is possible to calculate the corresponding pod costs.
 
+### Google Kubernetes Engine (GKE) Autopilot {#gke-autopilot}
+
+For [GKE Autopilot](https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview) users, you don’t need to install the agent. These costs will already be present under **Cost By Resource** for the **Kubernetes Engine** service in a [Cost Report](/cost_reports).
+
+<div style={{display:"flex", justifyContent:"center"}}>
+    <img alt="GKE Autopilot filters on a Cost Report" width="80%" src="/img/gke-autopilot.png" />
+</div>
+
 ## Install Vantage Kubernetes Agent {#install-vantage-kubernetes-agent}
 
 ### Prerequisites {#prerequisites}

docs/network_flow_reports.md

@@ -40,6 +40,18 @@ See the [AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/flo
 
 When you enable VPC Flow Logs, you incur both S3 storage costs and CloudWatch data ingestion costs on your AWS bill. These charges are represented in the costs for the S3 bucket where your flow logs are written to as well as an `S3-Egress` fee from CloudWatch. Unfortunately, there is no way around these costs being incurred. Vantage has contacted various AWS platform teams to attempt to remove this cost, but this is likely a limitation that AWS is unwilling to change or remove.
 
+These logs are considered [Vended Logs](https://aws.amazon.com/cloudwatch/pricing/#Vended_Logs). You can create a [Cost Report](/cost_reports) that monitors these charges:
+
+- Set **Provider** to **AWS**.
+- Set **Subcategory** to **AmazonCloudWatch contains VendedLog**.
+
+Note that Vended Logs can include other cost sources besides VPC Flow Logs, but you can expect an increase in those costs after enabling them. The filters for this Cost Report are provided below.
+
+<div style={{display:"flex", justifyContent:"center"}}>
+<img alt="Cost Report with filters for Vended Logs" width="80%" src="/img/vended-logs.png" />
+</div>
+<br/>
+
 :::info
 For more information about VPC Flow Logs pricing, see this [Cloud Cost Handbook article](https://handbook.vantage.sh/aws/services/vpc-flow-logs-pricing/).
 :::
@@ -49,6 +61,9 @@ For more information about VPC Flow Logs pricing, see this [Cloud Cost Handbook
 1. From the top navigation bar, click **Active Resources**.
 2. From the side navigation bar, select **Network Flow Reports**.
 3. Click **Configure VPC Flow Logs**.
+   :::note
+   See the [Troubleshooting](/network_flow_reports#troubleshooting) section if you are running into issues with seeing some of your flow logs on the onboarding workflow.
+   :::
 4. All flow logs that have been synced as active resources in Vantage are displayed in the left panel of the onboarding workflow. Click the checkbox next to any listed flow log to select all log files. You can also click the down arrow to the right of any flow log and select or deselect specific log files listed.
    :::tip
    If you do not see specific flow log files, check whether they are [synced as active resources](https://console.vantage.sh/resources/new?filter={"||"%3A[{"^"%3A[{"%3D"%3A["provider_id"%2C1]}%2C{"||"%3A[{"%3D"%3A["type"%2C"ProviderResource%3A%3AAws%3A%3AVpcFlowLog"]}]}]}]}&resource_type=ProviderResource%3A%3AAws%3A%3AVpcFlowLog&title=VPC+Flow+Logs) in Vantage. Ensure that all accounts where there are flow logs have [active resources enabled](/active_resources/#aws-active-resources) in Vantage.
@@ -91,6 +106,18 @@ When you click **Check Permissions** during the onboarding process, an error is
 
 An error is displayed for buckets that are encrypted with AWS Key Management Service (KMS). You will need to either remove encryption on these buckets or provide Vantage the necessary permissions to decrypt (i.e., `kms:Decrypt`).
 
+#### No Logs Displayed
+
+You may see a message indicating _No VPC flow logs with log destination found. If you have recently created these resources it may take up to 24 hours for Vantage to sync the metadata._ Wait at least 24 hours if you recently created new resources. This can also be an issue if you have not enabled active resource syncing. To enable syncing:
+
+1. Navigate to the [Workspaces](https://console.vantage.sh/settings/workspaces) section of the console.
+2. Select the workspace your AWS integration is set up.
+3. At the top, ensure **Active Resource Syncing** is turned on.
+
+<div style={{display:"flex", justifyContent:"center"}}>
+<img alt="Active Resource Syncing in the Workspaces UI" width="80%" src="/img/active-resource-sync.png" />
+</div>
+
 ### Manage Existing Integrations
 
 You can view your integration status and add additional flow logs from the [VPC Flow Logs integration](https://console.vantage.sh/settings/aws?vpc_flow_logs=true) page. At the top of the **Manage Connected VPC Flow Logs** panel, click **Manage**. The **Manage Flow Logs** pop-up window is displayed. After the initial import, you can perform the following actions from this window:
@@ -120,6 +147,7 @@ Follow the steps below to create a new Network Flow Report:
    </div>
    - In the table below the diagram, the network flow information is displayed along with the volume of traffic (in bytes). The table is sorted in descending order by the **Estimated Cost** column. Click any column header to change the sort order. Each flow shows the estimated cost associated with that specific traffic route, helping you identify the most expensive data transfers. (See the [section below](/network_flow_reports#estimated-cost) for details on how the Estimated Cost column is calculated.)
    - For each listed resource, a link to the [**Active Resources** screen](/active_resources) is provided. Click this link to view additional metadata about the resource. From the **Active Resources** screen, click the **Relationships** tab to view any associated resources, such as a corresponding IGW for a VPC resource.
+
 5. You can update the criteria displayed in the Sankey diagram with the following options:
    - By default, both egress and ingress traffic are displayed. Expand the **Flow Direction** menu above the diagram to change the flow to only **Egress** or **Ingress**.
    - From the top right of the diagram, update the date range that’s displayed. Click the calendar icon and select an option, such as **Last 7 Days**, **This Month**, etc.
@@ -399,7 +427,7 @@ To add additional columns to the table and diagram, expand the **Group By** menu
     </div>
 </div>
 
-###  Adjust Flow Weight {#flow-weight}
+### Adjust Flow Weight {#flow-weight}
 
 By default, the Sankey diagram is weighted by estimated cost. You can change this view to be weighted by bytes, or volume. Above the chart, click the **Flow Weight** menu and select **Costs** or **Bytes**. The Sankey diagram is updated accordingly. When you hover over a flow, the corresponding cost or volume in bytes is displayed in the tooltip.
 

docs/report_notifications.md

@@ -42,7 +42,7 @@ Vantage users can add Vantage to their team's Slack account in a specific channe
   </div>
 </details>
 
-To add the integration to a private channel, add the Vantage app with `/invite @Vantage`. See the [Set Up Cost Report Notifications](/report_notifications#create-notifications) section for instructions on how to set up notifications for specific reports.
+To add the integration to a private channel, open the channel in Slack, create a new message in the channel, and type `/invite @Vantage`. See the [Set Up Cost Report Notifications](/report_notifications#create-notifications) section for instructions on how to set up notifications for specific reports.
 
 ## Set Up Microsoft Teams Integration {#ms-teams}