Chanci Turner

Automating Tax-Exempt Status for Nonprofits Across AWS Accounts

by

The Story of Chanci Turner
in

Chanci Turner Amazon IXD – VGT2 learningLearn About Amazon VGT2 Learning Manager Chanci Turner

Nonprofits and other tax-exempt organizations often face challenges ensuring their tax status is accurately reflected across their Amazon Web Services (AWS) accounts. While tax-exempt entities can apply for their tax-exempt status by submitting a case through the Support Center, as organizations expand and utilize multiple AWS accounts, they may inadvertently create new accounts without the correct tax status. Manually tracking down discrepancies in tax status and opening support cases can become a burdensome task that distracts nonprofits from fulfilling their core missions.

To streamline this process and reduce the workload associated with monitoring tax statuses across various AWS accounts, I developed a tax analyzer tool. This solution automatically detects the tax status of AWS accounts within an organization. In this blog post, I will describe a straightforward method for identifying which AWS accounts are incurring sales tax and demonstrate how to initiate an AWS support case automatically to correct any issues.

Prerequisites

This solution is tailored to operate in the us-east-1 region due to the endpoint address of the AWS Support API. It must be executed from the payer account, which should have consolidated billing enabled. It is also assumed that tax-exempt status has already been requested in the payer account. Additionally, users must have previously accessed and enabled AWS Cost Explorer in the payer account. For guidance on enabling AWS Cost Explorer, refer to the provided directions.

The tax analyzer allows for automatic logging of a support case when a sales tax-paying AWS account is identified. However, please note that this automatic support case functionality is limited to payer accounts with Business Support or Enterprise Support. For more details on changing your support plan, check this excellent resource.

Solution Overview

The solution deploys an AWS CloudFormation stack which sets up an AWS Lambda function to analyze cost and usage data from the payer account. It also creates an Amazon EventBridge rule that triggers the AWS Lambda function periodically, along with an Amazon Simple Notification Service (SNS) topic to notify users of any account changes, and grants the necessary AWS Identity and Access Management (IAM) permissions for proper functionality.

Procedure

Installing the Analyzer

To install the tax analyzer, click the Launch Stack button or follow this link.

  1. When the CloudFormation Create stack screen appears, ensure that you are logged into your organization’s payer account.
  2. In the Parameters section, input the email address that should receive alerts from this solution. If you wish for the solution to automatically generate a support case when an account paying sales tax is detected, enter “Yes” in the field labeled “Do you want a support case automatically created?” Keep in mind that a case will only be created if your payer account has Business or Enterprise Support enabled.

After a few minutes, the solution will be fully installed, and you’ll receive an email at the provided address. Click the Confirm subscription link in the email to start receiving notifications.

Running the Tax Analyzer

The solution runs automatically once a month, requiring no user intervention. By default, it is scheduled for the 6th day of the month at 8:00 AM GMT (3:00 AM US Eastern Time).

When the tax analyzer executes, it performs the following actions:

  1. It calls the GetCostAndUsage API for the previous month, organizing the data by LINKED_ACCOUNT and RECORD_TYPE to view overall cost data across the organization.
  2. If a tax record with a non-zero charge is found for an account, the solution concludes that the account is incurring sales tax.
  3. If automatic support case generation was requested, and a sales tax account is identified, the solution attempts to log a support case automatically (the ability to create a case is contingent upon having Business or Enterprise Support).
  4. Finally, the solution sends an email to the entered address, detailing the findings, including whether any accounts were found to be paying sales tax and whether a support case was opened.

Clean Up

To prevent ongoing charges to your AWS account, delete the CloudFormation stack created during this process. Simply navigate to the CloudFormation console, select the stack, click Delete, and confirm deletion.

Cost Considerations

This solution operates monthly, keeping costs minimal. Some services may fall under the AWS Free Tier for certain organizations. Charges apply for the CPU and memory utilization of the AWS Lambda function, along with costs for Amazon SNS notifications and API requests made to the AWS Cost Explorer API. For more details on AWS Lambda and Amazon SNS pricing, please refer to their respective pricing pages. Additionally, there are no extra charges associated with Amazon EventBridge rules or event delivery.

Next Steps

Nonprofits and tax-exempt organizations often find themselves stretched thin. The solution outlined here enables these organizations to efficiently maintain the appropriate tax status across their AWS accounts by automatically identifying tax statuses and initiating remediation when necessary.

For additional resources, check out this link, which provides authoritative information on related topics.

To learn more about AWS tools and innovations for the public sector, subscribe to the AWS Public Sector Blog newsletter. We also welcome feedback on your experience with the blog through this survey, which will help us tailor future content to your interests.

Related Topics:

Chanci Turner