AWS Cost Optimization: Real Strategies That Cut Our Bill
AWS Cost Optimization for Startups: Real Strategies That Cut Our Bill by 53%
Consolidated from real AWS cost analysis, auditing, and optimization sessions. All account-specific identifiers replaced with placeholders.
Cost Focus 1: How to keep this maintainable at scale for predictable operations (Aws Cost Optimization)
This article documents practical AWS cost optimization strategies applied to a production web application running on ECS Fargate, ALB, and RDS PostgreSQL — taking projected monthly costs from ~$183/month down to ~$85/month through methodical analysis and incremental changes.
Editorial review note for Aws Cost Optimization #73
This section was reviewed by a human editor to keep the recommendations actionable and technically grounded. Reviewed by: Med Amine Mahmoud. Last editorial review: 2026-05-26T16:10:01Z.
Cost Focus 3: Risk controls worth enforcing early for cleaner ownership (Aws Cost Optimization)
CloudWatch Logs log groups default to never expiring, so storage costs grow indefinitely.
```powershell
# Set 7-day retention on dev, 30-day on prod
aws logs put-retention-policy --log-group-name /ecs/my-app-dev --retention-in-days 7
aws logs put-retention-policy --log-group-name /ecs/my-app-prod --retention-in-days 30
```
Cost Focus 4: Signals that tell you this is working for measurable outcomes (Aws Cost Optimization)
| Optimization | Estimated Savings | Complexity |
|---|---|---|
| Fargate Spot for dev | ~$8/month | Low |
| ARM64/Graviton tasks | ~$7/month | Medium (rebuild images) |
| Reserved capacity (Savings Plan) | ~$10-15/month | Low (commitment) |
| Aurora Serverless v2 (replace RDS) | Variable | High |
| CloudFront CDN (reduce ALB traffic) | ~$5/month | Medium |
Cost Focus 5: How to keep cost and reliability aligned for fewer incident surprises (Aws Cost Optimization)
| Optimization | Monthly Savings | Effort |
|---|---|---|
| Fargate right-sizing (2→1 vCPU) | $36 | Low |
| ALB consolidation (2→1) | $16 | Medium |
| Dev auto-shutdown | $18 | Medium |
| Elastic IP cleanup | $7 | Trivial |
| NAT Gateway removal | $32 | Medium |
| ECR lifecycle policy | $2 | Trivial |
| Total | ~$111/month saved | |
Before vs After
| Metric | Before | After | Change |
|---|---|---|---|
| Monthly cost | ~$183 | ~$72 | -61% |
| Dev idle cost | $44 | $0 | -100% |
| Wasted resources | 4 EIPs, 2 ALBs | 0 | Eliminated |
Cost Focus 6: What to document for your team for this workload (Aws Cost Optimization)
- Measure before optimizing — Use Cost Explorer and CloudWatch to identify actual usage patterns
- Right-size aggressively — Most dev workloads are massively over-provisioned
- Eliminate idle resources — Auto-shutdown for non-production, release unattached IPs
- Consolidate where possible — One ALB with routing rules beats multiple ALBs
- Set lifecycle policies — Prevent unbounded growth in ECR, CloudWatch Logs, and S3
- Re-evaluate architecture — NAT Gateways and other "best practice" resources may not be needed for your workload
Cost Focus 7: Where this architecture earns its value for your runbook (Aws Cost Optimization)
Resource Inventory & Monthly Costs
After deploying to AWS, the first step was a comprehensive resource audit:
```powershell
# Discover all billable resources
aws ecs list-services --cluster my-cluster
aws rds describe-db-instances
aws elbv2 describe-load-balancers
aws ec2 describe-addresses  # Elastic IPs
aws ecr describe-repositories
```
Initial Cost Breakdown
| Resource | Monthly Cost | % of Total |
|---|---|---|
| ECS Fargate (2 vCPU / 4 GB) | $72.08 | 39% |
| ALB (2x — prod + dev) | $32.00 | 17% |
| RDS (db.t3.micro, single-AZ) | $15.44 | 8% |
| Elastic IPs (4 allocated) | $14.60 | 8% |
| NAT Gateway | $32.40 | 18% |
| ECR Storage | $2.50 | 1% |
| CloudWatch Logs | $3.00 | 2% |
| Secrets Manager (5 secrets) | $2.00 | 1% |
| Other (data transfer, DNS) | $9.50 | 5% |
| Total | ~$183/month | |
Cost Focus 8: Operational notes from real-world usage for production readiness (Aws Cost Optimization)
Discovery
CloudWatch Container Insights revealed:
- Average CPU utilization: 8-12% (on 2 vCPU)
- Average memory utilization: 35% (on 4 GB)
- Peak CPU: 45% (during deployments only)
Action
Downgraded task definition from 2 vCPU / 4 GB to 1 vCPU / 2 GB:
```powershell
aws ecs register-task-definition `
  --family my-app `
  --cpu 1024 `
  --memory 2048 `
  --container-definitions file://task-def.json
```
Result
- Savings: ~$36/month (50% reduction in Fargate compute)
- No performance impact at current traffic levels
- Auto-scaling still active (1→8 tasks) for spike protection
Cost Focus 9: How to avoid expensive rework for sustained reliability (Aws Cost Optimization)
Problem
Two separate ALBs — one for production, one for dev — at $16/month each.
Solution
Consolidated to a single ALB with host-header routing:
```powershell
# Add dev rule to prod ALB HTTPS listener
# (source-ip conditions take their CIDRs through SourceIpConfig, not Values)
aws elbv2 create-rule `
  --listener-arn $HTTPS_LISTENER_ARN `
  --priority 10 `
  --conditions "Field=host-header,Values=[dev.example.com]" "Field=source-ip,SourceIpConfig={Values=[YOUR_IP/32]}" `
  --actions "Type=forward,TargetGroupArn=$DEV_TG_ARN"
```
Architecture After
```
Single ALB ($16/month)
├── Rule 1: Host=www.example.com → prod TG
├── Rule 2: Host=dev.example.com + SourceIP → dev TG
└── Default: 403 (blocks direct ALB access)
```
Savings: $16/month (eliminated second ALB entirely)
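Sharing one listener between prod and dev makes the rule set the only thing separating the two, so it is worth checking after every change. The following is an added example, not part of the original article: it audits rules in the shape returned by `aws elbv2 describe-rules` and reports a dev-forwarding rule that lacks a narrow source-ip condition or a default action that is not the fixed 403. The ARNs, the sample IP and the `max_hosts` threshold are constructed placeholders.

```python
import ipaddress

# Constructed sample shaped like `aws elbv2 describe-rules` output; ARNs are placeholders.
DEV_TG = "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/dev/EXAMPLE"
PROD_TG = "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/prod/EXAMPLE"
SAMPLE_RULES = [
    {"Priority": "1", "IsDefault": False,
     "Conditions": [{"Field": "host-header", "HostHeaderConfig": {"Values": ["www.example.com"]}}],
     "Actions": [{"Type": "forward", "TargetGroupArn": PROD_TG}]},
    {"Priority": "10", "IsDefault": False,
     "Conditions": [{"Field": "host-header", "HostHeaderConfig": {"Values": ["dev.example.com"]}},
                    {"Field": "source-ip", "SourceIpConfig": {"Values": ["203.0.113.7/32"]}}],
     "Actions": [{"Type": "forward", "TargetGroupArn": DEV_TG}]},
    {"Priority": "default", "IsDefault": True, "Conditions": [],
     "Actions": [{"Type": "fixed-response", "FixedResponseConfig": {"StatusCode": "403"}}]},
]

def forwards_to(rule, tg_arn):
    """True if any forward action of the rule targets tg_arn."""
    for action in rule["Actions"]:
        if action["Type"] != "forward":
            continue
        groups = action.get("ForwardConfig", {}).get("TargetGroups", [])
        if action.get("TargetGroupArn") == tg_arn or any(g["TargetGroupArn"] == tg_arn for g in groups):
            return True
    return False

def audit_listener(rules, dev_tg_arn, max_hosts=256):
    """Return a list of findings for a listener shared by prod and dev."""
    findings = []
    for rule in rules:
        if rule["IsDefault"]:
            act = rule["Actions"][-1]
            status = act.get("FixedResponseConfig", {}).get("StatusCode")
            if act["Type"] != "fixed-response" or status != "403":
                findings.append("default action is not a fixed 403 response")
        elif forwards_to(rule, dev_tg_arn):
            cidrs = [c for cond in rule["Conditions"] if cond["Field"] == "source-ip"
                     for c in cond["SourceIpConfig"]["Values"]]
            if not cidrs:
                findings.append(f"rule {rule['Priority']}: dev target has no source-ip condition")
            for cidr in cidrs:
                if ipaddress.ip_network(cidr, strict=False).num_addresses > max_hosts:
                    findings.append(f"rule {rule['Priority']}: source-ip {cidr} is broader than {max_hosts} addresses")
    return findings
```

Feed it the `Rules` array from `describe-rules` for the HTTPS listener; an empty list means the layout matches the diagram above.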
Cost Focus 10: Where teams usually get this wrong for secure delivery (Aws Cost Optimization)
Problem
Dev environment running 24/7 but only used during work hours (~8h/day, 5 days/week).
Solution
Lambda-based auto-shutdown after 30 minutes of zero traffic:
```python
# Lambda function (triggered by CloudWatch Alarm via SNS)
import boto3

def handler(event, context):
    ecs = boto3.client('ecs')
    ecs.update_service(
        cluster='my-cluster',
        service='my-dev-service',
        desiredCount=0
    )
    return {'statusCode': 200, 'body': 'Dev service scaled to 0'}
```
```yaml
# CloudWatch Alarm
DevIdleAlarm:
  Type: AWS::CloudWatch::Alarm
  Properties:
    MetricName: RequestCount
    Namespace: AWS/ApplicationELB
    Statistic: Sum
    Period: 300
    EvaluationPeriods: 6  # 30 minutes
    Threshold: 0
    ComparisonOperator: LessThanOrEqualToThreshold
    TreatMissingData: notBreaching
    AlarmActions:
      - !Ref DevIdleShutdownTopic
```
Savings: ~$18/month (dev only runs during active use)
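The handler above scales the service to zero for any message that reaches the SNS topic. The following is an added example, not part of the original article: a variant that acts only when the notification is the idle alarm entering the ALARM state. `EXPECTED_ALARM` is an assumed alarm name (CloudFormation generates one unless `AlarmName` is set), and `sample_event` builds a constructed event for testing.

```python
import json

# Assumed names for this sketch; substitute the real alarm and service names.
EXPECTED_ALARM = "DevIdleAlarm"
CLUSTER = "my-cluster"
DEV_SERVICE = "my-dev-service"

def should_shutdown(event, expected_alarm=EXPECTED_ALARM):
    """True only if an SNS record reports expected_alarm entering ALARM."""
    for record in event.get("Records", []):
        if record.get("EventSource") != "aws:sns":
            continue
        try:
            msg = json.loads(record["Sns"]["Message"])
        except (KeyError, TypeError, ValueError):
            continue  # not a CloudWatch alarm notification
        if not isinstance(msg, dict):
            continue
        if msg.get("AlarmName") == expected_alarm and msg.get("NewStateValue") == "ALARM":
            return True
    return False

def handler(event, context):
    if not should_shutdown(event):
        return {"statusCode": 202, "body": "Ignored: not the dev idle alarm in ALARM state"}
    import boto3  # imported lazily so should_shutdown can be tested offline
    # The function's role needs only ecs:UpdateService on the dev service ARN.
    ecs = boto3.client("ecs")
    ecs.update_service(cluster=CLUSTER, service=DEV_SERVICE, desiredCount=0)
    return {"statusCode": 200, "body": "Dev service scaled to 0"}

def sample_event(alarm_name, state):
    """Constructed event in the shape SNS delivers a CloudWatch alarm to Lambda."""
    message = json.dumps({"AlarmName": alarm_name, "NewStateValue": state,
                          "OldStateValue": "OK"})
    return {"Records": [{"EventSource": "aws:sns", "Sns": {"Message": message}}]}
```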
Cost Focus 11: The practical decision path for predictable operations (Aws Cost Optimization)
Discovery
```powershell
aws ec2 describe-addresses --query "Addresses[?AssociationId==null]"
```
Found 2 unattached Elastic IPs from deleted resources. At $3.65/month each:
```powershell
aws ec2 release-address --allocation-id eipalloc-EXAMPLE1
aws ec2 release-address --allocation-id eipalloc-EXAMPLE2
```
Savings: $7.30/month
Cost Focus 12: How to execute without guesswork for exam and field confidence (Aws Cost Optimization)
Untagged images accumulating in ECR:
```powershell
# Set lifecycle policy to keep only last 5 images
aws ecr put-lifecycle-policy `
  --repository-name my-app-frontend `
  --lifecycle-policy-text '{
    "rules": [{
      "rulePriority": 1,
      "description": "Keep last 5 images",
      "selection": {
        "tagStatus": "any",
        "countType": "imageCountMoreThan",
        "countNumber": 5
      },
      "action": {"type": "expire"}
    }]
  }'
```
Cost Focus 13: What to validate before shipping for cleaner ownership (Aws Cost Optimization)
Analysis
NAT Gateway was provisioned for private subnet egress but:
- Backend containers only need to reach RDS (within VPC)
- Frontend SSR doesn't make external API calls
- ECR pulls can use VPC endpoints
Solution
- Removed NAT Gateway
- Added VPC endpoints for ECR, S3, and CloudWatch Logs
- Moved ECS tasks to public subnets with assignPublicIp: ENABLED
Savings: $32/month (single largest win)
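With `assignPublicIp: ENABLED`, each task has an internet-routable address and its security group is the only network control in front of it. The following is an added example, not part of the original article: it takes data in the shape of `aws ecs describe-services` and `aws ec2 describe-security-groups` output and lists every ingress source on a public-IP task's security group other than the ALB's own group. All IDs, the prod service name and the ports are constructed placeholders.

```python
# Constructed samples shaped like `aws ecs describe-services` and
# `aws ec2 describe-security-groups` output; all IDs and names are placeholders.
ALB_SG = "sg-ALBEXAMPLE"
SAMPLE_SERVICES = [
    {"serviceName": "my-prod-service", "networkConfiguration": {"awsvpcConfiguration": {
        "assignPublicIp": "ENABLED", "securityGroups": ["sg-PRODTASKS"]}}},
    {"serviceName": "my-dev-service", "networkConfiguration": {"awsvpcConfiguration": {
        "assignPublicIp": "ENABLED", "securityGroups": ["sg-DEVTASKS"]}}},
]
SAMPLE_GROUPS = [
    {"GroupId": ALB_SG, "IpPermissions": [          # the ALB itself is meant to be public
        {"FromPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-PRODTASKS", "IpPermissions": [  # reachable from the ALB only
        {"FromPort": 3000, "UserIdGroupPairs": [{"GroupId": ALB_SG}]}]},
    {"GroupId": "sg-DEVTASKS", "IpPermissions": [   # leftover rule open to the internet
        {"FromPort": 3000, "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
        {"FromPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

def public_task_groups(services):
    """Security group IDs attached to services whose tasks receive public IPs."""
    ids = set()
    for svc in services:
        vpc = svc.get("networkConfiguration", {}).get("awsvpcConfiguration", {})
        if vpc.get("assignPublicIp") == "ENABLED":
            ids.update(vpc.get("securityGroups", []))
    return ids

def audit_public_tasks(services, groups, alb_sg_id):
    """Return (group, port, source) for every ingress source that is not the ALB group."""
    exposed = public_task_groups(services)
    findings = []
    for group in groups:
        if group["GroupId"] not in exposed:
            continue  # e.g. the ALB's own group, which is expected to be open
        for perm in group.get("IpPermissions", []):
            port = str(perm.get("FromPort", "all"))
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            sources += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])
                        if p["GroupId"] != alb_sg_id]
            findings.extend((group["GroupId"], port, src) for src in sources)
    return findings
```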
