We’ll be discussing common ways AWS costs can skyrocket, and a couple of AWS bill horror stories too. We’ll also go through what you can do to keep costs in check and how Divio can help you manage your AWS spend.
Here’s what we’ll be discussing:
What Causes Unexpected AWS Costs?
Common Examples of Spiraling AWS Costs
How to manage AWS costs
How Divio can help you
The main reason that AWS costs suddenly increase is a simple lack of visibility. It’s easy to lose track of what services are being used. And, as AWS bills are itemized individually, it’s easy to lose track of how much everything costs.
Here are five of the most common causes of skyrocketing AWS costs, all due to a lack of visibility.
AWS offers a huge amount of functionality. As such, different teams will want to use it for different purposes. However, AWS spend can easily get out of hand if tasks aren’t kept in budget. Teams need to recognise that keeping to a budget is important. If this isn’t communicated, it won’t be a priority.
All teams who have a stake in using cloud services should recognise the importance of keeping costs down. It should be a shared, business-wide objective.
Also known as shadow IT activity, new AWS services may be implemented without going through the correct sign-off procedures. As such, the cost implications of the service may not be fully understood. This can cause costs to skyrocket.
Experimenting with AWS services can have a similar impact to the above. Without an understanding of how much they cost, cloud services can rack up a hefty bill.
It’s easy to have AWS services activated that no one in your organisation is actually using. These services cost money, and as we can see from the stories below, can land users with an eye-watering bill. Here are some examples of what can happen:
This horror story on Reddit details how an AWS user was unwittingly charged $60K. The reason? They were working on an AWS Relational Database Service (RDS) task and forgot to close it. This task was left open for three months—despite it not being used—and ended up racking up a hefty bill.
This Reddit horror story shows what can happen if you overprovision resources on AWS. They set up a Redis instance that was too big for the project in question. They landed a $1500 bill for something that wasn’t even fully used.
As these stories show, unused resources can really drive up AWS costs. Let’s get specific with what common resources are the main offenders for this.
Elastic Block Store (EBS) is an AWS data storage solution. You can set EBS volumes to have different storage sizes. However, you’ll still be charged for the designated size of an EBS volume even if you aren’t using it.
EBS snapshots are recovery points—think of these as similar to video game saves. They can be useful if any data is lost or needs to be recovered. However, these snapshots can rack up costs if they’re not routinely monitored. You may have a bunch of snapshots that you don’t need but are still being charged for.
An elastic IP is a static IP address that is associated with your AWS account. These are normally free, but can start incurring charges when:
You assign more than one elastic IP to an AWS virtual server (an instance)
The elastic IP isn’t assigned to an EC2 instance
The instance isn’t running
The elastic IP exceeds its remapping limit. When an instance fails, the elastic IP can be remapped onto another instance to mask the failure. If this happens more than 100 times in one month, you’ll get charged.
The elastic IP becomes unattached from an instance and is not released from your account.
AWS offers free trials and free limits for some of its services. However, after these expire or are exceeded, you will be automatically billed for these.
AWS allows you to disable particular regions. Doing so can save money. However, if you have resources in a particular region you have disabled, you’ll still be charged for them.
With AWS, you have the option to stop (or pause) any EC2 instances you aren’t using. However, you’ll still be charged for its storage.
Both AWS OpsWatch and CloudWatch are AWS services. OpsWatch helps users create AWS resources, and CloudWatch allows them to monitor how they are using the services. However, both of these can incur costs.
If OpsWatch resources aren’t terminated after you have used them, they automatically restart. When this happens, you’ll continue to be charged for them.
CloudWatch has set limits for customising reports. This includes specific metrics, alarms and dashboards. If these are exceeded, you’ll be landed with a bigger bill.
Are you getting your money’s worth with any Savings Plans or Reserved Instances you are using? These can be great money-saving plans, but only if you maximise everything you have access to. If you’re not using these to their fullest potential, you may want to reconsider.
Retrieving, transferring and requesting data can be a big cost. However, this is frequently overlooked. Make sure anything with a large file size will not be repeatedly retrieved and transferred by every single user.
Having your AWS account hacked can really get costs spiraling. Here are some real-life examples of this happening to unsuspecting AWS users:
This horror story on Reddit shows what can happen if an AWS account gets hacked. The person set up a free trial, but then forgot about their account. This account got hacked, and the perpetrator ran up a $20,000 bill.
Another AWS horror story on Reddit details how someone accidentally published credentials on GitHub. These were used to access their AWS account, and landed them a $14,000 bill. The lesson here? Keep AWS security credentials and API keys under lock and key, especially if you’re using public repositories.
This Twitter horror story is pretty eye-watering. The AWS user’s account got hacked. The perpetrator left them with a $45,000 bill, having used a bash Lambda script to mine cryptocurrency. To add insult to injury, the phone support to resolve this would have cost $2,000–3,000. Ouch!
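An added example, not part of the original article or of the posts it cites: a check for the leaked-credentials story above that scans text (for instance, files staged for a commit) for AWS access key IDs and for 40-character strings random enough to be secret access keys. The function names and the entropy threshold are assumptions made for this example; the key pair in the sample is the placeholder used in AWS documentation.

```python
import math
import re

# Access key IDs are 20 characters: prefix AKIA (long-term) or ASIA (temporary
# STS credentials) followed by 16 uppercase letters or digits.
ACCESS_KEY_ID = re.compile(r"(?<![A-Z0-9])(?:AKIA|ASIA)[A-Z0-9]{16}(?![A-Z0-9])")
# Secret access keys are 40 characters from the base64 alphabet.
SECRET_CANDIDATE = re.compile(r"(?<![A-Za-z0-9/+=])[A-Za-z0-9/+]{40}(?![A-Za-z0-9/+=])")


def shannon_entropy(s):
    """Bits per character: random secrets score high, hex digests and words lower."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))


def scan_text(text, min_entropy=4.0):
    """Return (line_number, kind, redacted_match) for each suspected credential."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in ACCESS_KEY_ID.finditer(line):
            findings.append((lineno, "access_key_id", m.group()[:4] + "..." + m.group()[-4:]))
        for m in SECRET_CANDIDATE.finditer(line):
            # 40 hex characters (e.g. a git SHA-1) can never reach 4.0 bits/char,
            # so commit hashes are not reported.
            if shannon_entropy(m.group()) >= min_entropy:
                findings.append((lineno, "secret_access_key", m.group()[:4] + "..."))
    return findings


# Constructed sample: the key pair is the placeholder used in AWS documentation.
SAMPLE = """\
[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
# pinned to commit da39a3ee5e6b4b0d3255bfef95601890afd80709
region = eu-central-1
"""

if __name__ == "__main__":
    for finding in scan_text(SAMPLE):
        print(finding)
```

Findings are redacted so that the scanner's own output does not become a second copy of the secret in CI logs.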
You want to ensure that you are only paying for what you are using, and nothing more. Here’s a breakdown of what you need to keep an eye on to keep costs in check.
Be familiar with where unexpected costs can come from
Get all teams and stakeholders on the same page regarding cost management
Implement sign-off protocols for AWS experiments
Make sure there’s a clear understanding of the various configuration settings involved and of identity and access management (IAM)
Monitor all AWS services being used
Review all AWS services, ensuring you only pay for what you are using
Have security protocols in place to reduce the risk of hacking
Place budget caps for all services being used
Set report limits for CloudWatch customisations
Turn on AWS alert systems for different types of usage limits and trial expiry dates
Set a policy to detect and automatically delete unused EBS storage
Set a policy to retain a certain number of EBS snapshots or automatically delete snapshots after a set number of months
Close resources that are no longer being used
Terminate any unused EC2 instances
Terminate OpsWatch when finished using it
Ensure all locked regions have their resources removed
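An added example, not part of the original article: one way to turn the checklist items on unused EBS storage, snapshot retention and elastic IPs into a repeatable audit over records shaped like the output of aws ec2 describe-volumes, describe-addresses and describe-snapshots. The function names, the combined retention rule (always keep the newest N snapshots per volume, then apply the age limit to the rest) and all sample IDs are assumptions made for this example.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone


def unattached_volumes(volumes):
    """Volumes in state 'available' are attached to nothing but billed at full size."""
    return [v["VolumeId"] for v in volumes if v["State"] == "available"]


def idle_elastic_ips(addresses, instance_states):
    """Elastic IPs with no association, or whose instance is known not to be running."""
    idle = []
    for a in addresses:
        # Unknown or absent instance IDs (e.g. ENI-only associations) count as running.
        state = instance_states.get(a.get("InstanceId"), "running")
        if "AssociationId" not in a or state != "running":
            idle.append(a["AllocationId"])
    return idle


def expired_snapshots(snapshots, keep_latest, max_age_days, now):
    """Per volume, always keep the newest `keep_latest`; flag the rest once too old."""
    cutoff = now - timedelta(days=max_age_days)
    by_volume = defaultdict(list)
    for s in snapshots:
        started = datetime.fromisoformat(s["StartTime"].replace("Z", "+00:00"))
        by_volume[s["VolumeId"]].append((started, s["SnapshotId"]))
    expired = []
    for snaps in by_volume.values():
        for started, snap_id in sorted(snaps, reverse=True)[keep_latest:]:
            if started < cutoff:
                expired.append(snap_id)
    return sorted(expired)


# Constructed sample records (all IDs made up), shaped like describe-* output.
VOLUMES = [{"VolumeId": "vol-0aaa", "State": "available"},
           {"VolumeId": "vol-0bbb", "State": "in-use"}]
ADDRESSES = [{"AllocationId": "eipalloc-01"},
             {"AllocationId": "eipalloc-02", "AssociationId": "eipassoc-02",
              "InstanceId": "i-0stopped"},
             {"AllocationId": "eipalloc-03", "AssociationId": "eipassoc-03",
              "InstanceId": "i-0running"}]
INSTANCE_STATES = {"i-0stopped": "stopped", "i-0running": "running"}
SNAPSHOTS = [{"SnapshotId": f"snap-{m:02d}", "VolumeId": "vol-0bbb",
              "StartTime": f"2023-{m:02d}-01T00:00:00Z"} for m in range(1, 7)]
NOW = datetime(2023, 7, 1, tzinfo=timezone.utc)
```

The functions only report candidates; reviewing the list before deleting anything keeps a snapshot that is still needed for recovery from being removed by the age rule alone.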
Divio has been developed to help you easily manage your AWS costs. Our cloud management platform ensures you only pay for the AWS services that you use and provides a straightforward interface for all your deployment and maintenance needs. Our easy-to-use product means you no longer have to worry about surprise AWS bills. Our cost optimisation services go a step further and even save our clients up to 60% on their cloud costs. Reach out to us to learn how we can help.