Skip to content

Bill splitting scheme

To meet the needs of bill splitting when multiple projects share resources, and to satisfy management precision and isolation requirements in different scenarios, three types of solutions have been formed. Each solution differs significantly in operational logic, scope of application, and functional characteristics:

1. Isolation Solution Based on Resource Groups

Core Logic: Realize the binding of projects and resources through the division of resource groups. Resources of different projects are classified into corresponding resource groups. Projects only call resources within their own resource groups, and the system will automatically aggregate various expenses by resource group to generate independent bills.

Operation Points:

  • Administrators need to create resource groups in the console and clearly define the project name corresponding to each resource group;

  • Regularly move newly added resources into corresponding resource groups according to project ownership to ensure the accuracy of resource classification;

  • After bills are generated, the cost details of the target project can be quickly filtered through resource group labels.

Advantage Analysis:

  • The configuration threshold is extremely low. There is no need for complex permission allocation processes, and daily management can be completed only by mastering basic operations of resource groups;

  • Resource groups support dynamic adjustment. When the resource requirements of a project change, resources can be flexibly migrated between different groups without affecting historical bill data.

Disadvantage Limitations:

  • Resource isolation only stays at the logical level, lacking technical access restrictions. If personnel of a project obtain the resource endpoint of another resource group through informal channels, they can still initiate calls, leading to deviations in cost attribution;

Applicable Scenarios:

  • Small teams or start-up projects where there is a high level of trust among team members and no strict permission control is required;

  • Situations where only a preliminary calculation of the cost of each project is needed as a reference for budget allocation.

2. Isolation Solution Based on Sub-accounts

Core Logic: Take sub-accounts as the unit for expense statistics. Configure independent sub-accounts for each project. All resource calling behaviors of the project are executed through sub-accounts. The system will record the operation trajectory of each sub-account and the corresponding resource consumption, and finally generate expense bills by sub-account.

Operation Points:

  • The main account needs to create sub-accounts for each project in the user management module;

  • When a sub-account calls resources, the system will automatically count the cost of the called resources to ensure the accuracy of cost attribution.

Advantage Analysis:

  • The accuracy of expense statistics is high, which can accurately track the cost of each resource call of each project, facilitating cost analysis and budget control;

  • Bill data is linked with sub-account operation logs, making it easy for the audit department to trace the specific reasons for the generation of expenses.

Disadvantage Limitations:

  • Resource visibility is not isolated. After all sub-accounts log in to the console, they can view all resource information in the system, posing a risk of information leakage;

Applicable Scenarios:

  • Scenarios with high requirements for expense accounting accuracy but strong demand for resource sharing between projects;

  • Situations where there are unified resource management specifications within the team and sub-account users have good operating discipline;

  • Scenarios where cross-project resource scheduling is required frequently and it is not desired that isolation settings affect work efficiency.

3. Isolation Solution Combining Workspace and Sub-accounts

Core Logic: Construct a two-layer isolation system of "workspace + sub-account". Each project corresponds to an independent workspace with an exclusive sub-account; the main account assigns permissions to sub-accounts through the console to only access the corresponding workspace. Resources in the workspace are deployed independently and do not communicate with each other. Bills can be counted in both workspace and sub-account dimensions.

Operation Points:

  • The main account needs to first create a workspace and configure an independent environment;

  • Create an exclusive sub-account for each workspace, and strictly limit the operation scope of the sub-account through the permission matrix, allowing access only to resources within the workspace;

  • When deploying resources, the affiliated workspace will be clearly specified to ensure the boundary of resource isolation;

Advantage Analysis:

  • Achieve complete isolation of resources, including resource/log viewing and resource calling, technically eliminating the possibility of cross-project resource calling;

  • The bill statistics dimension is flexible. It can view the overall cost of the project by workspace, or analyze the cost generated by specific operations by sub-account, meeting management needs at different levels;

  • Compliant with equal protection requirements. For projects involving sensitive data, potential risks of data leakage can be reduced through strict isolation settings.

Disadvantage Limitations:

  • The configuration process is complex, requiring the main account to complete multiple operations such as workspace creation, sub-account configuration, permission allocation, and resource deployment to multiple workspaces, which has high requirements for the professional ability of administrators;

Applicable Scenarios:

  • Group enterprises where various business lines or subsidiaries are independent accounting units and projects have high information sensitivity;

  • Scenarios with long project cycles, large scales, extremely high requirements for resource stability and security, and no tolerance for potential risks caused by resource sharing. ```