Cristian Magherusan · ex-AWS engineer · [email protected]

Nine Cost Leaks, $988,000 a Year

A US FinTech company. $3 million a year in AWS spend. Over seven months, I found and plugged $988,000 in annual cost leaks.

Big number. Vague story. "Contact us to learn more." You've probably heard claims like that before and stopped believing them a long time ago. Fair enough.

So forget the total. Look at the list.

Nine separate things, each a specific change with a specific dollar amount:

1. Databases still running for a client that had cancelled - $378,000 a year. RDS databases built for a customer who left. The relationship ended. The databases didn't. They kept running and the former client kept hammering them with traffic nobody was paying for. An attention problem, not a knowledge problem. Found and decommissioned in week one. (Checklist item #24)

2. RDS Reserved Instances covering the steady baseline - $161,000 a year. After rightsizing the RDS fleet and cleaning up zombie databases, I purchased RIs on what was left after the cleanup. Shrink first, then commit - the same principle as the ElastiCache work. (Checklist item #39)

3. IO1 volumes moved to GP3 after fixing a code performance issue - $156,000 a year. The high IOPS that justified IO1 in the first place were caused by a performance problem in the application code. The team fixed the bug. The IOPS dropped. The volumes migrated to GP3. The infrastructure cost was a symptom of a code problem. (Checklist item #11)

4. Aurora Serverless converted to Provisioned - $125,000 a year. Fifteen months of capacity data showed flat usage. No spikes, no bursts - just steady load paying the serverless premium for scaling it never used. Converted to provisioned R7g instances. Performance actually improved. (Checklist item #22)

5. ElastiCache rightsized and converted from Redis to Valkey - $86,000 a year. Over 200 Redis clusters. Rightsized first, then converted to Valkey, then RIs purchased on about 80% of what was left. Sequence matters. (Checklist items #27, #28)

6. Unattached EBS volumes and old snapshots deleted - $27,000 a year. Volumes with no servers attached, most of them never even formatted. Some over 1TB each. Plus old snapshots nobody needed. A tool that mounts and inspects each volume confirmed they were empty or contained only OS files. (Checklist item #13)

7. RDS audit log CloudWatch export config trimmed - $23,000 a year. Logging configuration that was generating more data than anyone was using. (Checklist item #29)

8. Cross-region RDS RI converted to match current deployments - $18,000 a year. Reserved Instances purchased for a region that no longer matched where the databases were actually running. (Checklist item #41)

9. CloudWatch Logs ingestion for WAF and VPC flow logs moved to S3 - $14,000 a year. A VPC flow log with 2TB of data, costing $8,000 a year by itself. Plus WAF logs using the most expensive ingestion class. Configuration changes on a handful of resources. (Checklist item #37)

Each item maps to a specific entry on my 49-item cost leak avoidance checklist. Each has a story behind it. Some are obvious in hindsight - databases running for a cancelled client, of course that's waste. But someone had to look.

Most of these aren't the kind of thing that shows up on a dashboard or gets flagged by an automated tool. They required someone who knows where cost leaks hide to go find them, one by one.

Seven months. Nine cost leaks. $988,000 a year in savings, on a $3 million annual spend. That's roughly a third of the entire AWS bill.

The individual items range from $14,000 to $378,000. The fixes range from deleting a forgotten database to migrating storage tiers to purchasing RIs on a rightsized fleet. Some took days. Some took hours. One - the zombie databases - took about as long as it takes to click "delete" and confirm.

The total is impressive. But the total isn't the point. The point is that each one is a specific, verifiable change. No hand-waving, no "estimated potential savings," no dashboards with green checkmarks. Just a list of things that were costing money and shouldn't have been.