Introduction
AWS bills have a way of creeping up. What starts as a lean cloud deployment grows into a sprawling estate of oversized instances, forgotten resources, and default configurations that quietly bleed money. In our experience managing AWS infrastructure for dozens of clients, we see the same ten mistakes repeated over and over.
This guide covers the most common areas of AWS overspending and gives concrete steps to fix each one. Most of these changes can be implemented in a single afternoon.
1. Oversized EC2 Instances
The single biggest cost savings opportunity. Most workloads use a fraction of the CPU and memory allocated to them.
Action plan:
- Enable AWS Compute Optimizer across all accounts.
- Review CloudWatch metrics: if average CPU is below 20% over 30 days, the instance is oversized.
- Downsize one instance family step at a time (e.g., m6i.xlarge to m6i.large).
- Consider Graviton (arm64) instances for a 20% price reduction with comparable or better performance.
# Check average CPU utilization for all instances
aws cloudwatch get-metric-statistics \
--namespace AWS/EC2 \
--metric-name CPUUtilization \
--start-time 2026-02-15T00:00:00Z \
--end-time 2026-03-15T00:00:00Z \
--period 86400 \
--statistics Average \
--dimensions Name=InstanceId,Value=i-0abc123def456
2. On-Demand Instead of Reserved or Savings Plans
Running stable, predictable workloads on On-Demand pricing is like renting a hotel room by the night when we could sign a lease.
- Savings Plans offer up to 72% discount with a 1- or 3-year commitment to a dollar-per-hour spend level.
- Reserved Instances offer similar discounts but are tied to specific instance types and regions.
- Start with Compute Savings Plans for flexibility, then layer in EC2 Reserved Instances for well-known workloads.
3. S3 Without Lifecycle Policies
Data only grows. Without lifecycle policies, we pay S3 Standard prices for data that has not been accessed in months or years.
{
"Rules": [
{
"ID": "Transition to IA after 30 days",
"Status": "Enabled",
"Filter": {},
"Transitions": [
{ "Days": 30, "StorageClass": "STANDARD_IA" },
{ "Days": 90, "StorageClass": "GLACIER_IR" },
{ "Days": 365, "StorageClass": "DEEP_ARCHIVE" }
],
"Expiration": { "Days": 730 }
}
]
}
Enable S3 Storage Lens for visibility into access patterns before setting transition rules.
4. Unused Elastic IPs
An Elastic IP that is not associated with a running instance costs approximately $3.60/month. Across dozens of accounts, these add up.
# Find unattached Elastic IPs
aws ec2 describe-addresses \
--query 'Addresses[?AssociationId==null].[PublicIp,AllocationId]' \
--output table
Release any that are not needed.
5. NAT Gateway Data Processing Fees
NAT Gateways charge $0.045 per GB of data processed on top of the hourly fee. For workloads pulling large amounts of data from the internet (container image pulls, package downloads), this adds up fast.
Alternatives:
- Use VPC endpoints for AWS services (S3, DynamoDB, ECR) to bypass the NAT Gateway entirely.
- Pull container images from ECR via a VPC endpoint instead of through the NAT.
- Consider a NAT instance for lower-throughput workloads.
6. Oversized RDS Instances
The same oversizing problem applies to databases. Multi-AZ deployments double the cost, and many staging or development databases do not need them.
- Right-size based on actual CPU, memory, and IOPS metrics.
- Use Aurora Serverless v2 for variable workloads that scale to zero.
- Stop non-production RDS instances outside business hours.
# Stop a development database at 7 PM, start at 7 AM
aws rds stop-db-instance --db-instance-identifier dev-db
7. EBS Volumes with No Attachments
When an EC2 instance is terminated, its EBS volumes may persist. These orphaned volumes cost money for storage we are not using.
# Find unattached EBS volumes
aws ec2 describe-volumes \
--filters Name=status,Values=available \
--query 'Volumes[].[VolumeId,Size,CreateTime]' \
--output table
Snapshot anything valuable, then delete the orphaned volumes.
8. CloudWatch Logs Without Retention
By default, CloudWatch Logs never expire. Over months, log storage costs grow substantially.
# Set retention to 30 days for all log groups
for lg in $(aws logs describe-log-groups --query 'logGroups[].logGroupName' --output text); do
aws logs put-retention-policy --log-group-name "$lg" --retention-in-days 30
done
For long-term log archival, export to S3 with lifecycle policies instead.
9. Idle Load Balancers
Application Load Balancers charge a base fee of about $16/month plus LCU charges. An ALB with no traffic behind it is pure waste.
# Find ALBs with zero healthy targets
aws elbv2 describe-target-health \
--target-group-arn arn:aws:elasticloadbalancing:... \
--query 'TargetHealthDescriptions[?TargetHealth.State!=`healthy`]'
10. Not Using Spot Instances for Batch and CI/CD
Spot Instances offer up to 90% discount for interruptible workloads. CI/CD pipelines, batch processing, data analysis, and dev/test environments are all excellent candidates.
# Launch a spot instance for CI
aws ec2 run-instances \
--instance-type m6i.large \
--instance-market-options '{"MarketType":"spot","SpotOptions":{"MaxPrice":"0.05"}}' \
--image-id ami-0abcdef1234567890
Conclusion
AWS cost optimization is not about cutting corners. It is about eliminating waste so that every dollar spent delivers value. We recommend scheduling a monthly cost review where the team walks through the AWS Cost Explorer, checks for the ten items above, and takes action. Even small teams can save thousands of dollars per year by being intentional about resource usage.