Nahuel Hernandez

Easy Tips for Reducing Your AWS Costs and Maximizing Savings

I've put together many tips to help you save money on AWS effortlessly and without upfront payments.

In today’s world, IT departments are under enormous pressure to deliver more for less. They’re responsible for keeping the lights on and ensuring applications run smoothly. But they also have to do it in the face of mounting costs.

So how can you keep your costs under control while still delivering high-quality services? The answer lies in cost optimization.

In this blog post, I’ll share some tips and best practices that will help you optimize your AWS spending while still delivering excellent service to your users. The key point about the following tips is that they don’t require re-architecting your solution.

EC2, RDS, Fargate, Lambda right-sizing

We should use the right instance type for every EC2 and RDS instance, and always try to use the latest generation. The newest instance types typically provide higher efficiency or better performance at a lower price.

The best way to do this for EC2 instances is to use AWS Compute Optimizer, which provides additional recommendations for EC2 instances. For example, it can suggest how to downsize instances across instance families or switch to more powerful instances to avoid performance bottlenecks. It can also provide recommendations for the efficient use of Auto Scaling groups.

The great news is that it also works for EBS, ECS on Fargate and Lambda (always based on your utilization data).

It’s easy to use. However, we need to enable it and wait about 24 hours to collect data.

For RDS, the recommendation is to use the latest instance generation and to check the CPU and memory consumption in CloudWatch.

Migrating GP2 volumes to GP3

Migrating GP2 volumes to GP3 will save 20% of the cost (RDS/EC2). Also, the top performance of gp3 is four times faster than the maximum throughput of gp2 volumes, and you can use gp3 volumes for all use cases in which gp2 volumes are suitable.

| Volume type | gp3 | gp2 |
|---|---|---|
| Volume size | 1 GiB – 16 TiB | 1 GiB – 16 TiB |
| Baseline IOPS | 3000 | 3 IOPS/GiB (minimum 100 IOPS) to a maximum of 16,000 IOPS. Volumes smaller than 1 TiB can also burst up to 3,000 IOPS. |
| Max IOPS/volume | 16,000 | 16,000 |
| Baseline throughput | 125 MiB/s | Throughput limit is between 128 MiB/s and 250 MiB/s, depending on the volume size. |
| Max throughput/volume | 1,000 MiB/s | 250 MiB/s |
| Price | $0.08/GiB-month; 3,000 IOPS free and $0.005/provisioned IOPS-month over 3,000; 125 MiB/s free and $0.04/provisioned MiB/s-month over 125 MiB/s | $0.10/GiB-month |

Migrate a GP2 volume attached to an EC2 instance to GP3 using the AWS CLI:

> aws ec2 modify-volume --volume-type gp3 --volume-id vol-11111111111111111

The good part is that on EC2 we don’t need to reboot the instance.

Remove unused EBS volumes

Orphan EBS volumes can be a significant source of cost in AWS. For example, sometimes we terminate an EC2 and forget to delete the associated EBS.

We can list the unused EBS volumes using the CLI:

> aws ec2 describe-volumes --region us-east-1 --filters Name=status,Values=available

After that, we should confirm that they are really unused and delete them.

Configure S3/EFS/CloudWatchLogs Lifecycle policies

Usually, we keep everything in S3 Standard and EFS, and never remove the CloudWatch Logs. We should create a lifecycle policy to, for example, move the objects from S3 Standard to Glacier after three months without using them.

The same concept applies to EFS. Amazon EFS lifecycle management automatically manages cost-effective file storage for your file systems. When enabled, lifecycle management migrates files that have not been accessed for a set period of time to the EFS Standard–Infrequent Access (Standard-IA) or One Zone–Infrequent Access (One Zone-IA) storage class, depending on your file system.

Lastly, CloudWatch Logs: by default, logs are kept indefinitely and never expire. You can adjust the retention policy for each log group, keeping the indefinite retention or choosing a retention period between 10 years and one day.

Use Savings Plans for EC2/Lambda/Fargate and RIs for RDS

A Savings Plan is a flexible pricing model that lets users use EC2, Lambda, and Fargate at a lower cost by committing to continuous usage, measured in USD per hour, for a period of 1 or 3 years. For example, a one-year Savings Plan with no upfront payment grants a discount of up to 54%.

Savings Plans apply to compute instances regardless of size, Auto Scaling Group, Availability Zone, or region.

AWS doesn’t have Savings Plans for RDS, but we could get Reserved Instances instead.

The good news about both is that we can select the No-Upfront payment option: we only need to commit to using Savings Plans or RIs for 1 or 3 years to get the discount.

Archiving dated and deleting unnecessary Snapshots

Deleting unnecessary Snapshots

Snapshots generate costs, so we should first delete the unused/old snapshots. For example, list the old ones that belong to our account:

> aws ec2 describe-snapshots --owner-ids self --query 'Snapshots[?(StartTime<=`2022-01-31`)].[SnapshotId]' --output text

After that, with the IDs, we can delete them:

> aws ec2 delete-snapshot --snapshot-id snap-1234567890abcdef0

Note: You can’t delete a snapshot that is managed by the AWS Backup service using Amazon EC2. Instead, use AWS Backup to delete the corresponding recovery points in the backup vault.

Archive old Snapshots

Another option is to archive the old snapshots instead of deleting them.

Amazon EBS Snapshots Archive is a new storage tier that you can use for low-cost, long-term storage of your rarely-accessed snapshots that do not need frequent or fast retrieval.

Amazon EBS Snapshots Archive offers up to 75 percent lower snapshot storage costs for snapshots that you plan to store for 90 days or longer and that you rarely need to access.

By default, when you create a snapshot, it is stored in the Amazon EBS Snapshot Standard tier (standard tier).

You can archive any snapshot that is in the completed state and that you own in your account.

Archived snapshots retain their snapshot ID, encryption status, AWS Identity and Access Management (IAM) permissions, owner information, and resource tags.

For example, using the same snapshot ID:

> aws ec2 modify-snapshot-tier --snapshot-id snap-1234567890abcdef0 --storage-tier archive
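The conditions above (owned by your account, completed state, not managed by AWS Backup, not already archived, older than the cutoff) can be checked before any delete or archive call. The following is an added example, not code from the original post: it filters saved `describe-snapshots` JSON, the function names, the extra snapshot IDs and the account number are constructed, and it assumes AWS Backup snapshots carry tags with the `aws:backup:` prefix.

```python
from datetime import datetime, timezone

BACKUP_TAG_PREFIX = "aws:backup:"  # assumption: tag prefix set by AWS Backup
CUTOFF = datetime(2022, 1, 31, tzinfo=timezone.utc)  # date used in the text


def skip_reason(snap, cutoff, account_id):
    """Return why a snapshot must be left alone, or None if it is a candidate."""
    started = datetime.fromisoformat(snap["StartTime"].replace("Z", "+00:00"))
    if snap["OwnerId"] != account_id:
        return "not owned by this account"
    if snap["State"] != "completed":
        return "not in the completed state"
    if any(t["Key"].startswith(BACKUP_TAG_PREFIX) for t in snap.get("Tags", [])):
        return "managed by AWS Backup"
    if snap.get("StorageTier", "standard") == "archive":
        return "already archived"
    if started > cutoff:
        return "newer than cutoff"
    return None


def plan(snapshots, cutoff, account_id):
    """Split describe-snapshots entries into candidate IDs and skipped IDs."""
    candidates, skipped = [], {}
    for snap in snapshots:
        reason = skip_reason(snap, cutoff, account_id)
        if reason is None:
            candidates.append(snap["SnapshotId"])
        else:
            skipped[snap["SnapshotId"]] = reason
    return candidates, skipped


# Constructed describe-snapshots entries (IDs and account number are made up).
SAMPLE = [
    {"SnapshotId": "snap-1234567890abcdef0", "OwnerId": "111122223333",
     "State": "completed", "StartTime": "2021-06-01T10:00:00.000Z",
     "StorageTier": "standard"},
    {"SnapshotId": "snap-0aaaaaaaaaaaaaaa1", "OwnerId": "111122223333",
     "State": "completed", "StartTime": "2021-07-15T10:00:00.000Z",
     "Tags": [{"Key": "aws:backup:source-resource", "Value": "vol-example"}]},
    {"SnapshotId": "snap-0bbbbbbbbbbbbbbb2", "OwnerId": "111122223333",
     "State": "pending", "StartTime": "2022-03-01T10:00:00.000Z"},
]

if __name__ == "__main__":
    print(plan(SAMPLE, CUTOFF, "111122223333"))
```

Review the skipped list as well as the candidates: a snapshot skipped as "managed by AWS Backup" has to be removed through its recovery point in the backup vault, as the note above says.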

Scheduling shutdown/start instances

In the past, we did this using a Lambda function triggered by CloudWatch Events; nowadays it’s pretty easy using Instance Scheduler.

The Instance Scheduler on AWS solution automates the starting and stopping of Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Relational Database Service (Amazon RDS) instances.

This solution helps reduce operational costs by stopping resources that are not in use and starting resources when their capacity is needed. For example, a company can use Instance Scheduler on AWS in a production environment to automatically stop instances outside of business hours every day. Compared with leaving all of your instances running at full utilization, this solution can result in up to 70% cost savings for those instances that are only necessary during regular business hours (weekly utilization reduced from 168 hours to 50 hours).

Delete unused EIP

How much do Elastic IPs cost? Elastic IPs are free as long as an instance is using them. However, Amazon will charge you $0.005/hr for each EIP that you reserve and do not use.

We can detect the unattached EIPs using the AWS CLI:

> aws ec2 describe-addresses --region us-east-1 --query 'Addresses[?AssociationId==null]'

After that, we can release the EIP to stop wasting money:

> aws ec2 release-address --region us-east-1 --allocation-id eipalloc-123456789en

Deleting Idle LoadBalancers

Sometimes we have ELBs which are not currently used, and every one of them generates costs. One month ago I discovered in one project about 15 ELBs without traffic or with very low traffic (more than 500 USD a month).

You can use AWS Trusted Advisor to identify load balancers with a low number of requests (a good rule of thumb is less than 100 requests in the last 7 days). Reduce costs by removing idle load balancers—you can track overall data transfer costs with Cost Explorer.

If you only have the free version of Trusted Advisor, you can find the idle ELBs with the AWS CLI:

  1. Get the ELB names
aws elb describe-load-balancers \
	--region us-east-1 \
	--output table \
	--query 'LoadBalancerDescriptions[*].LoadBalancerName'

The output looks something like this:

-------------------------
| DescribeLoadBalancers |
+-----------------------+
|  MyWebStackELB        |
|  MyStressTestELB      |
|  MyLegacyAppELB       |
+-----------------------+
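  2. Get the metrics from an ELB for a given time period.
# Classic ELB metrics live in the AWS/ELB namespace. A 3600 s period keeps
# the 7-day window below the 1,440-datapoint limit of a single call.
aws cloudwatch get-metric-statistics \
	--region us-east-1 \
	--metric-name RequestCount \
	--start-time 2016-10-04T13:16:00 \
	--end-time 2016-10-11T13:16:00 \
	--period 3600 \
	--namespace AWS/ELB \
	--statistics Sum \
	--dimensions Name=LoadBalancerName,Value=MyWebStackELB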

Output:

{
    "Datapoints": [
        {
            "Timestamp": "2016-10-04T13:16:00Z",
            "Sum": 0.0,
            "Unit": "Count"
        }
        ...
    ],
    "Label": "RequestCount"
}

If the sum of the requests made to the Elastic Load Balancer is less than 100, the selected AWS ELB qualifies as a candidate idle load balancer.

  3. Last step, delete it:
aws elb delete-load-balancer \
	--region us-east-1 \
	--load-balancer-name MyWebStackELB
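The three steps above can be tied together before anything is deleted. This is an added example, not code from the original post: it builds the CloudWatch query for a 7-day window and classifies each ELB from the JSON the CLI returns. The function names are hypothetical, the sample responses are constructed, and treating an empty result as "no-data" rather than idle is a choice made here.

```python
import json
from datetime import datetime, timedelta

IDLE_THRESHOLD = 100  # requests per window; the rule of thumb quoted above
WINDOW_DAYS = 7


def metric_query(elb_name, now, region="us-east-1"):
    """Build the get-metric-statistics call for one classic ELB (argv list)."""
    start = now - timedelta(days=WINDOW_DAYS)
    fmt = "%Y-%m-%dT%H:%M:%S"
    return ["aws", "cloudwatch", "get-metric-statistics",
            "--region", region, "--namespace", "AWS/ELB",
            "--metric-name", "RequestCount", "--statistics", "Sum",
            "--start-time", start.strftime(fmt), "--end-time", now.strftime(fmt),
            "--period", "86400",  # one datapoint per day
            "--dimensions", f"Name=LoadBalancerName,Value={elb_name}"]


def classify(stats, threshold=IDLE_THRESHOLD):
    """Return (verdict, total_requests) for one ELB's CLI JSON output."""
    points = stats.get("Datapoints", [])
    if not points:
        # An empty result is ambiguous (no traffic, or a wrong name, namespace
        # or region), so it is never taken as proof of idleness.
        return "no-data", 0.0
    total = sum(p.get("Sum", 0.0) for p in points)
    return ("idle" if total < threshold else "active"), total


def triage(stats_by_elb):
    """Map each ELB name to its verdict; only 'idle' ones are delete candidates."""
    return {name: classify(stats) for name, stats in stats_by_elb.items()}


# Constructed sample responses, keyed by the ELB names used in the text.
SAMPLE = {
    "MyWebStackELB": json.loads('{"Label": "RequestCount", "Datapoints": ['
        '{"Timestamp": "2016-10-04T13:16:00Z", "Sum": 0.0, "Unit": "Count"},'
        '{"Timestamp": "2016-10-05T13:16:00Z", "Sum": 42.0, "Unit": "Count"}]}'),
    "MyStressTestELB": json.loads('{"Label": "RequestCount", "Datapoints": ['
        '{"Timestamp": "2016-10-04T13:16:00Z", "Sum": 18250.0, "Unit": "Count"}]}'),
    "MyLegacyAppELB": json.loads('{"Label": "RequestCount", "Datapoints": []}'),
}

if __name__ == "__main__":
    for name, (verdict, total) in triage(SAMPLE).items():
        print(f"{name}: {verdict} ({total:.0f} requests in {WINDOW_DAYS} days)")
```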

Reducing Transfer cost using CloudFront and VPC Endpoints

CloudFront

Data transfer from AWS resources (EC2/S3) to the users generates significant expenditure. Using a Content Delivery Network like CloudFront, we can reduce the cost of data transfer out (DTO) to the public internet.

If you use Amazon CloudFront, you don’t pay for data transfer out from Amazon services such as S3, EC2 and ELB; you just pay for data transfer from CloudFront to your users and other costs related to it. This is typically more cost-effective than paying for data transfer from regional services.

VPC Endpoints

A VPC endpoint lets you connect your VPC to supported AWS services privately. As a result, you can optimize the network path by avoiding traffic to internet gateways and incurring the cost associated with NAT gateways, NAT instances, or maintaining firewalls. VPC endpoints also give you much finer control over how users and applications access AWS services. There is no additional charge for using endpoints.

Conclusion

It’s essential to consider what you need to accomplish and select the necessary services/features. You don’t need to replace your existing tools or processes to keep costs down and do more with less. Sometimes, all you need to do is optimize them.

In my experience with these easy tasks, I reduced AWS bills by up to 50% in a few weeks.

This is pretty much the whole first part; I’ll write about more advanced topics on how to do Cloud Cost Optimization.

About

Over 15 years of experience in the IT industry. Working in SysOps, DevOps and Architecture roles with mission-critical systems across a wide range of industries. Wide experience with AWS, Terraform, Kubernetes, Containers, CI/CD pipelines, and Linux. Always keeping up with the latest technologies. Passionate about automating the run of the mill. Big focus on problem-solving.