Cost management in the cloud is a never-ending exercise for operation managers. Fortunately, there are some tools which can help companies get started in the right direction. Let’s take a closer look at them.
In part 1 of our three-part series, we introduced some of the AWS billing and reporting tools. We saw how those tools can be used to understand infrastructure spending at a more granular level. Some of the reports can be loaded into third-party analytical tools for further analysis.
As companies start to analyze their spending patterns from billing reports, they start thinking about optimization. The big questions they try to answer include the following broad categories:
- How can we keep our spending within a reasonable limit?
- How can we start optimizing costs? Where do we start?
- How can we forecast future spending?
In this part of the series, we will introduce some of the cost management tools already available from AWS that can help answer some of these important questions.
Creating Billing Alerts
One of the first things companies need to do after transitioning to AWS is enabling billing alerts. AWS billing alerts enable us to set a threshold for monthly spending and receive notifications when spending exceeds that threshold.
This is proactive cost monitoring. If there is a consistent pattern of billing alerts every month, it means either the threshold (and perhaps the infrastructure budget) is too low for the normal, expected workload, or there is a good argument for scaling back current resource consumption.
An early response to billing alerts means there are no nasty surprises at the end of the month when the company credit card is charged.
Billing alerts can be enabled from the AWS Billing and Cost Management console’s Preferences tab. Once enabled, it can’t be deactivated. In the image below, we have enabled this feature:
Once enabled, you can create an alert from the AWS CloudWatch console. Billing alerts can be created only from the US-East (North Virginia) region; however its monitoring would include costs from resources running in every region. If you try to create a billing alert from CloudWatch in any other region, you will receive a message like this:
In the image below, we are creating a billing alarm from the CloudWatch console in US-East region. As you can see, billing alarms can be based on:
- Estimated total charge for the current account.
- Estimated total charge for one or more linked accounts.
- Estimated charges for one or more AWS service consumed by the current account.
- Estimated charges for one or more AWS service consumed by one or more linked accounts.
Here, we are interested in the total estimated charge in USD for the current account. In the alert definition, we are setting up a threshold of US $1,000 and want CloudWatch to send us an alert when the current month’s spending goes above that limit.
We had to create an SNS topic called AWS_Billing_Notification first and confirm its subscription before creating the alarm. In this case, the SNS topic would send notifications to an e-mail subscription, which could be our accounts payable department.
Also, note how CloudWatch lets us perform an auto-scaling operation in response to the alarm. This can be useful for specific use cases. For example, if we are running a busy site during a particular campaign or promotion season, we could be using multiple servers in a farm to keep up with higher-than-normal traffic.
Not surprisingly, this would also mean extra spending. However, we would want to keep the spending within our limit as well. With billing alerts, we can use auto scaling actions where the number of servers in the farm would be reduced once the spending hits the US$ 1,000 mark.
Once set up, the monitoring is automatic. Every time the spending threshold is reached, an e-mail like the following would be sent to the address specified:
You are receiving this email because your estimated charges are greater than the limit you set for the alarm "AWS-EstimatedCharges-Alarm" in AWS Account XXXXXXXXXXXX. The alarm limit you set was $ 1000.00 USD. Your total estimated charges accrued for this billing period are currently $ 1020.26 USD as of Thursday 16 June, 2016 17:37:52 UTC. The actual charges you will be billed in this statement period may differ from the charges shown on this notification. For more information, view your estimated bill at: https://console.aws.amazon.com/billing/home#/bill?year=2016&month=6 More details about this alarm are provided below: --- Amazon CloudWatch Alarm "AWS-EstimatedCharges-Alarm" in the US East - N. Virginia region has entered the ALARM state, because "Threshold Crossed: 1 datapoint (1020.26) was greater than or equal to the threshold (1000.0)." at "Thursday 16 June, 2016 17:37:52 UTC". View this alarm in the AWS Management Console: https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#s=Alarms&alarm=AWS-EstimatedCharges-Alarm Alarm Details: - Name: AWS-EstimatedCharges-Alarm - Description: CloudWatch Alarm for Estimated Charges - State Change: OK -> ALARM - Reason for State Change: Threshold Crossed: 1 datapoint (1020.26) was greater than or equal to the threshold (1000.0). - Timestamp: Thursday 16 June, 2016 17:37:52 UTC - AWS Account: XXXXXXXXXXXX Threshold: - The alarm is in the ALARM state when the metric is GreaterThanOrEqualToThreshold 1000.00 for 21600 seconds. Monitored Metric: - MetricNamespace: AWS/Billing - MetricName: EstimatedCharges - Dimensions: [Currency = USD] - Period: 21600 seconds - Statistic: Maximum - Unit: not specified State Change Actions: - OK: - ALARM: [arn:aws:sns:us-east-1:XXXXXXXXXXXX:AWS_Billing_Notification] - INSUFFICIENT_DATA:
Closely related to billing alerts are budgets. This is a comparatively new feature and also available from the Billing and Cost Management console. Budgets in AWS serve the same purpose as they do in our daily lives.
They’re a way to pre-allocate funding for your AWS spending and allow for monitoring the actual usage against the allocated value.
Like billing alerts, the budgeting feature needs to be enabled first (see below) and once enabled, you cannot turn it off.
In the image below, we are creating a budget for an AWS account. The wizard is fairly simple:
- We are budgeting for two specific services: namely, EC2 instances and EBS volumes.
- We are budgeting for the next six months (June to December).
- We have a budget of $1,500 per month to spend for these services.
- We would like to be notified when our actual spending has gone 2% over our budgeted amount.
- We would like to be notified when our forecasted spending goes 2% over our budgeted amount.
- The alarm notification should be sent to our accounts payable department’s e-mail address (behind the scene, AWS creates a CloudWatch alarm for this).
Once the budget is created, it’s visible from the Budget console. Notice how the status bar gives a visual representation of current spending against the budgeted value.
Individual AWS services apart, you can create budgets for the following categories:
- Specific API operation(s) against an AWS service: for example, you can budget for S3 PutObject requests.
- Availability Zone: For example, your primary data center in ap-southeast-2a should have more costs allocated than ap-southeast-2b and ap-southeast-2c. You can budget for low spending in those two AZs.
- Linked accounts: If each department or business unit in your company has a separate AWS account, you can link them all to a master account which pays the consolidated bill at the end of the month. Using this feature, you can set budgets for each linked account.
- Purchase option: With this type of budget you can decide how much you want to spend on on-demand instances and reserved instances.
- Tag: You can budget for resources with a specific tag. For example, if each resource used in your development environment has a type tag of “DEV”, you can use that tag in the budget. That way you can budget for your development infrastructure. Another example could be a tag which identifies the business owner of a resource, say the marketing department. Using that tag, you may want to budget for the marketing department’s resource usage during a campaign season.
A few more things to be mindful about budgets:
- By default, only two budgets are allowed per account. In our opinion, this is fairly restrictive.
- Once a budget is created, it can’t be modified, it can only be deleted. This is restrictive as well.
- With notification options (actual or forecasted spending against budgeted value), AWS creates necessary CloudWatch alarms and associated SNS topics behind the scene. However, these alarms are subject to AWS account limits. By default, an AWS account can have ten alarms per month for free. If you already have a large number of alarms configured, the budget alarms may actually cost you extra charges.
Cost Allocation Tags
While budgets and alerts can help keep costs down, cost allocation tags enable IT departments to apportion the total AWS bill to various internal and external customers. The traditional IT shop usually hosts a number of resources for different costs centers (sales, marketing, finance, corporate apps, HR etc.), projects or teams (application developers, business analysts, service desk or training). Specific tags can be added to each of these resources to identify or associate them with specific business owner or purpose.
For example, an EC2 instance can have two tags: “Owner” and “Environment” with values of say, “HR” and “Production” respectively. When cost allocation tags are enabled, AWS will generate a cost allocation report with the total monthly bill broken down by the enabled tags. This is a CSV file created in an S3 bucket. In this particular example, if both the “Owner” and “Environment” tags are enabled, the report can show what IT should be charging back HR for hosting their production server.
In the image below, we can see three tags are enabled for cost allocation report.
We have now seen how to create a threshold and a budget for limiting our spending in the AWS cloud and how to proactively recoup infrastructure costs from customers consuming IT services. As we will see in the next and final part of this series, there are more sophisticated tools available for identifying optimization opportunities and take advantage of price reductions from AWS.
Read part 3 now!
Aviatrix Integration of a NextGen Firewall in AWS Transit Gateway
Learn how Aviatrix’s intelligent orchestration and control eliminates unwanted tradeoffs encountered when deploying Palo Alto Networks VM-Series Firewalls with AWS Transit Gateway.Deploying any next generation firewall in a public cloud environment is challenging, not because of the f...
AWS Config Best Practices for Compliance
Use AWS Config the Right Way for Successful ComplianceIt’s well-known that AWS Config is a powerful service for monitoring all changes across your resources. As AWS Config has constantly evolved and improved over the years, it has transformed into a true powerhouse for monitoring your...
Cloud Academy is Coming to the AWS Summits in Atlanta, London, and Chicago
Cloud Academy is a proud sponsor of the 2019 AWS Summits in Atlanta, London, and Chicago. We hope you plan to attend these free events that bring the cloud computing community together to connect, collaborate, and learn about AWS. These events are all about learning. You can learn how t...
AWS EC2 Instance Types Explained
Amazon Web Services’ resource offerings are constantly changing, and staying on top of their evolution can be a challenge. Elastic Cloud Compute (EC2) instances are one of their core resource offerings, and they form the backbone of most cloud deployments. EC2 instances provide you with...
WaitCondition Controls the Pace of AWS CloudFormation Templates
AWS's WaitCondition can be used with CloudFormation templates to ensure required resources are running.As you may already be aware, AWS CloudFormation is used for infrastructure automation by allowing you to write JSON templates to automatically install, configure, and bootstrap your ...
The 9 AWS Certifications: Which is Right for You and Your Team?
As companies increasingly shift workloads to the public cloud, cloud computing has moved from a nice-to-have to a core competency in the enterprise. This shift requires a new set of skills to design, deploy, and manage applications in cloud computing.As the market leader and most ma...
Two New EC2 Instance Types Announced at AWS re:Invent 2018 – Monday Night Live
The announcements at re:Invent just keep on coming! Let’s look at what benefits these two new EC2 instance types offer and how these two new instances could be of benefit to you. If you're not too familiar with Amazon EC2, you might want to familiarize yourself by creating your first Am...
Google Cloud Certification: Preparation and Prerequisites
Google Cloud Platform (GCP) has evolved from being a niche player to a serious competitor to Amazon Web Services and Microsoft Azure. In 2018, research firm Gartner placed Google in the Leaders quadrant in its Magic Quadrant for Cloud Infrastructure as a Service for the first time. In t...
Understanding AWS VPC Egress Filtering Methods
In order to understand AWS VPC egress filtering methods, you first need to understand that security on AWS is governed by a shared responsibility model where both vendor and subscriber have various operational responsibilities. AWS assumes responsibility for the underlying infrastructur...
S3 FTP: Build a Reliable and Inexpensive FTP Server Using Amazon’s S3
Is it possible to create an S3 FTP file backup/transfer solution, minimizing associated file storage and capacity planning administration headache?FTP (File Transfer Protocol) is a fast and convenient way to transfer large files over the Internet. You might, at some point, have conf...
Microservices Architecture: Advantages and Drawbacks
Microservices are a way of breaking large software projects into loosely coupled modules, which communicate with each other through simple Application Programming Interfaces (APIs).Microservices have become increasingly popular over the past few years. The modular architectural style,...
What Are Best Practices for Tagging AWS Resources?
There are many use cases for tags, but what are the best practices for tagging AWS resources? In order for your organization to effectively manage resources (and your monthly AWS bill), you need to implement and adopt a thoughtful tagging strategy that makes sense for your business. The...