Cargando...
Cargando...
Master every AWS cost lever — from purchasing models to architecture patterns — and ace every cost question on any AWS certification.
AWS cost optimization is the practice of reducing unnecessary cloud spend while maintaining or improving performance, reliability, and scalability. It is a core pillar of the AWS Well-Architected Framework and appears prominently across all AWS certification exams — from Cloud Practitioner through Advanced Specialty exams. Understanding when to apply each strategy, and why, is what separates passing candidates from failing ones.
Exam questions test your ability to recommend the most cost-effective solution for a given scenario — often by choosing between purchasing options (On-Demand vs. Reserved vs. Spot), right-sizing strategies, architectural patterns (serverless vs. managed vs. self-managed), and monitoring/governance tools. You must know not just what each option is, but exactly when and why to choose it.
Right-Sizing
Right-sizing means selecting the most cost-effective resource type and size that still meets workload performance requirements. AWS Compute Optimizer analyzes CloudWatch metrics and recommends optimal EC2 instance types, EBS volumes, Lambda memory settings, and ECS task sizes. The goal is to eliminate over-provisioned resources — the single largest source of wasted cloud spend.
Use right-sizing continuously, especially before committing to Reserved Instances or Savings Plans. Never commit to a large instance if a smaller one meets the workload requirement. Also apply to EBS volumes (gp2 → gp3 migration is a common exam scenario for cost savings).
Requires CloudWatch metrics history (at least 14 days recommended). Downsizing carries risk if workload spikes are not captured in historical data. Compute Optimizer requires opting in and may not cover all resource types.
Purchasing Option Optimization (On-Demand → Reserved → Spot → Savings Plans)
AWS offers multiple EC2 purchasing models: On-Demand (pay per second/hour, no commitment), Reserved Instances (1 or 3-year commitment, up to ~72% discount), Spot Instances (spare capacity, up to ~90% discount, interruptible), and Savings Plans (flexible commitment on compute spend, up to ~66% discount). Each model targets a different workload profile. Savings Plans come in two types: Compute Savings Plans (most flexible — covers EC2, Fargate, Lambda) and EC2 Instance Savings Plans (highest discount, locked to instance family and region).
On-Demand: unpredictable, short-term, or spiky workloads. Reserved Instances (Standard): steady-state, predictable workloads running 24/7 — databases, always-on application tiers. Reserved Instances (Convertible): steady-state but need flexibility to change instance type/OS/tenancy. Spot: fault-tolerant, stateless, batch, big data, CI/CD — any workload that can be interrupted and restarted. Savings Plans: modern workloads using mixed instance families or containers — prefer over RIs when flexibility is needed.
Reserved Instances require upfront commitment and are harder to resell (Standard RIs can be sold on the Reserved Instance Marketplace; Convertible RIs cannot). Spot Instances can be reclaimed with a 2-minute warning — not suitable for stateful or latency-sensitive production workloads without interruption handling. Savings Plans do not apply to RDS, Redshift, or ElastiCache — those still use RIs.
Serverless and Managed Service Adoption
Shifting from self-managed EC2 workloads to serverless (Lambda, Fargate, API Gateway) or fully managed services (RDS, DynamoDB, Aurora Serverless, S3) eliminates idle capacity costs because you pay only for actual usage. Lambda pricing is based on number of requests and duration (GB-seconds). DynamoDB on-demand mode charges per read/write request unit. Aurora Serverless v2 scales in fine-grained increments (ACUs) and pauses when idle.
Use serverless when workloads are event-driven, intermittent, or highly variable. Use managed services when the operational overhead of self-management (patching, backups, HA configuration) exceeds the cost premium of the managed service. Aurora Serverless v2 is ideal for dev/test environments or workloads with unpredictable traffic patterns.
Serverless can become expensive at very high, sustained throughput — at scale, EC2 + Reserved Instances may be cheaper. Lambda has execution duration and memory limits. Cold starts can introduce latency. Managed services reduce control and customization options.
Storage Tiering and Lifecycle Policies
AWS storage services offer multiple tiers at different price points. S3 tiers from most to least expensive for retrieval: S3 Standard → S3 Intelligent-Tiering → S3 Standard-IA → S3 One Zone-IA → S3 Glacier Instant Retrieval → S3 Glacier Flexible Retrieval → S3 Glacier Deep Archive. S3 Lifecycle policies automatically transition objects between tiers or expire them after defined periods. EBS: gp3 is cheaper than gp2 for the same baseline performance and allows independent IOPS/throughput configuration without increasing volume size.
Use S3 Intelligent-Tiering for data with unknown or changing access patterns — it automatically moves objects between frequent and infrequent access tiers with no retrieval fees for objects moved by the service. Use Glacier Deep Archive for compliance data that must be retained for 7–10 years but rarely accessed. Use Lifecycle policies for log archives, backups, and media assets with predictable aging patterns. Migrate gp2 EBS volumes to gp3 for immediate cost savings with no performance degradation.
S3 Intelligent-Tiering has a per-object monitoring fee for objects ≥128 KB — not cost-effective for very small objects or very frequently accessed data. Glacier retrieval incurs latency (minutes to hours for Flexible Retrieval, up to 12 hours for Deep Archive). One Zone-IA sacrifices AZ redundancy for ~20% lower cost — not suitable for primary production data.
Data Transfer and Network Cost Optimization
Data transfer costs are one of the most overlooked sources of AWS spend. Inbound data transfer to AWS is free. Outbound data transfer to the internet incurs per-GB charges that vary by region. Data transfer between AZs within the same region incurs charges in both directions. Data transfer between AWS services in the same AZ using private IPs is free. CloudFront reduces origin data transfer costs (CloudFront → origin is cheaper than direct internet egress) and caches content at edge locations. VPC endpoints (Gateway and Interface) eliminate NAT Gateway data processing charges for supported services (S3, DynamoDB via Gateway endpoints are free).
Use CloudFront to cache and serve static/dynamic content globally — reduces both latency and egress costs. Use S3 Gateway VPC Endpoints (free) instead of routing S3 traffic through NAT Gateway (which charges per GB processed). Use AWS Direct Connect for high-volume, predictable data transfer from on-premises — per-GB rates are lower than internet egress at scale. Architect services in the same AZ when low-latency inter-service communication is required and cross-AZ transfer costs are significant.
CloudFront has its own pricing (per-request and per-GB) but is typically cheaper than direct egress at scale. Direct Connect requires dedicated connectivity infrastructure and lead time. Placing all services in one AZ for cost savings sacrifices high availability — balance cost vs. resilience requirements.
Cost Visibility, Governance, and Tagging
You cannot optimize what you cannot measure. AWS Cost Management tools include: AWS Cost Explorer (visualize and analyze spend and usage trends, RI/SP recommendations), AWS Budgets (set spend/usage/RI coverage thresholds and trigger alerts or actions), AWS Cost and Usage Report (CUR — most granular billing data, exported to S3, queryable via Athena), AWS Compute Optimizer (resource right-sizing recommendations), and AWS Trusted Advisor (cost optimization checks including idle resources, underutilized RIs). Resource tagging is the foundation of cost allocation — tags applied to resources appear in Cost Explorer and CUR, enabling showback and chargeback to teams or projects.
Use Cost Explorer for trend analysis and RI/SP purchase decisions. Use AWS Budgets to enforce spend controls and alert teams before overruns occur. Use CUR + Athena for custom, granular cost analysis at scale. Use Trusted Advisor for quick identification of idle/underutilized resources. Implement a mandatory tagging policy using AWS Organizations Service Control Policies (SCPs) or AWS Config rules to enforce tag compliance across all accounts.
Cost Explorer data has up to 24-hour latency. CUR files can be very large and require Athena or a BI tool to analyze effectively. Budgets actions can automatically apply IAM policies or stop EC2/RDS instances — use with caution in production. Tag enforcement is retroactive only when Config rules are applied; existing untagged resources require remediation.
Multi-Account Cost Governance with AWS Organizations
AWS Organizations enables consolidated billing, which aggregates usage across all member accounts to unlock volume discount tiers for services like S3, Data Transfer, and EC2. RI and Savings Plans benefits are shared across the organization by default (can be disabled per account). Service Control Policies (SCPs) can restrict which services, regions, or instance types member accounts can use — preventing costly sprawl. AWS Control Tower provides guardrails for governance at scale.
Use consolidated billing whenever you have multiple AWS accounts — the volume discount aggregation alone justifies it. Use SCPs to prevent teams from launching expensive instance types or deploying to high-cost regions unnecessarily. Use AWS Budgets at the organization level to track aggregate spend. Share Reserved Instances and Savings Plans across accounts to maximize utilization.
RI sharing across accounts can cause unintended attribution — an RI purchased in one account may apply to another account's usage, complicating chargeback. SCPs that are too restrictive can block legitimate workloads — test thoroughly before applying. Management account cannot be restricted by SCPs.
Elasticity and Auto Scaling
Elasticity — the ability to scale resources up/down with demand — is a core AWS cost optimization principle. EC2 Auto Scaling groups with dynamic or predictive scaling ensure you run only the capacity you need. Scheduled scaling handles predictable traffic patterns (e.g., scale down overnight, scale up before business hours). AWS Lambda and DynamoDB on-demand mode provide automatic elasticity with zero manual intervention. Combining Spot Instances with Auto Scaling groups (using mixed instance policies) maximizes both cost savings and availability.
Use Auto Scaling for any workload with variable traffic — web applications, API backends, batch processing. Use Scheduled Scaling for workloads with known daily/weekly patterns. Use Predictive Scaling (ML-based) for workloads with recurring patterns that are harder to schedule manually. Use mixed instance policies in Auto Scaling groups to blend On-Demand (for baseline) with Spot (for burst capacity).
Auto Scaling has cooldown periods that can cause over-provisioning during rapid traffic spikes. Predictive Scaling requires at least 24 hours of CloudWatch metric history to generate predictions. Mixing Spot with On-Demand requires application-level fault tolerance for Spot interruptions.
STEP 1 — IDENTIFY WORKLOAD TYPE:
• Always-on, predictable, steady-state → Reserved Instances (Standard) or EC2 Instance Savings Plans
• Flexible steady-state (mixed families/regions, containers, Lambda) → Compute Savings Plans
• Variable, spiky, event-driven → On-Demand + Auto Scaling; or Serverless (Lambda/Fargate)
• Fault-tolerant batch, stateless, interruptible → Spot Instances
• Unknown pattern → On-Demand first, then analyze with Cost Explorer after 30 days
STEP 2 — RIGHT-SIZE BEFORE COMMITTING:
• Run Compute Optimizer and review recommendations
• Never purchase RIs or Savings Plans on over-provisioned resources
• For EBS: migrate gp2 → gp3 for immediate savings
• For S3: enable Intelligent-Tiering or apply Lifecycle policies
STEP 3 — EVALUATE MANAGED vs. SELF-MANAGED:
• If operational overhead > managed service premium → use managed service
• If workload is truly stateless and event-driven → go serverless
• If sustained high throughput at scale → EC2 + RI may beat Lambda cost
STEP 4 — OPTIMIZE DATA TRANSFER:
• Same AZ, private IP → free
• Cross-AZ → charged; minimize cross-AZ traffic for chatty services
• S3/DynamoDB access from VPC → use Gateway VPC Endpoint (free)
• High internet egress → use CloudFront to cache and reduce origin requests
• High on-premises transfer volume → evaluate Direct Connect
STEP 5 — IMPLEMENT VISIBILITY AND GOVERNANCE:
• Enable Cost Explorer and set up AWS Budgets alerts immediately
• Enforce resource tagging via SCPs or AWS Config rules
• Use CUR + Athena for deep-dive analysis
• Review Trusted Advisor cost optimization checks weekly
• Use AWS Organizations consolidated billing for volume discounts and RI/SP sharing
Spot Instances are the answer whenever the question describes fault-tolerant, stateless, batch, big data, CI/CD, or 'can tolerate interruption' workloads AND cost minimization is the goal. The 2-minute interruption notice is the key constraint — if the workload cannot handle interruption, Spot is wrong.
Savings Plans vs. Reserved Instances: If the scenario involves Lambda, Fargate, or mixed EC2 instance families/regions, Compute Savings Plans is the correct answer — not Reserved Instances. RIs are locked to a specific instance family, region, OS, and tenancy. Savings Plans provide the same or better discount with far more flexibility.
S3 Gateway VPC Endpoints are free and eliminate NAT Gateway data processing charges for S3 and DynamoDB traffic originating from within a VPC. On the exam, if a scenario mentions high NAT Gateway costs for S3 or DynamoDB access, the answer is almost always a Gateway VPC Endpoint.
Standard Reserved Instances can be sold on the AWS Reserved Instance Marketplace if you no longer need them. Convertible Reserved Instances CANNOT be sold on the Marketplace — they can only be exchanged for other Convertible RIs of equal or greater value. This distinction is a frequent exam trap.
Spot = fault-tolerant/interruptible workloads (up to ~90% savings). Reserved Standard = steady-state committed workloads (up to ~72%). Compute Savings Plans = flexible multi-family/Lambda/Fargate workloads (up to ~66%). Memorize these three mappings and you will answer the majority of cost purchasing questions correctly.
S3 Gateway VPC Endpoints are FREE and eliminate NAT Gateway data processing charges for S3 and DynamoDB. If a scenario mentions high NAT Gateway costs for S3 or DynamoDB access from a VPC, the answer is a Gateway VPC Endpoint — not a more expensive NAT solution.
Standard RIs CAN be sold on the Reserved Instance Marketplace. Convertible RIs CANNOT. This single fact appears repeatedly across Associate and Professional exams as a distractor.
AWS Cost and Usage Report (CUR) is the most detailed billing dataset available — it includes resource-level line items and is the source of truth for custom cost analysis. Cost Explorer is for visualization and trend analysis. If the exam asks for the most granular billing data or custom BI integration, the answer is CUR, not Cost Explorer.
S3 Intelligent-Tiering is NOT always the cheapest option. It charges a per-object monitoring fee for objects ≥128 KB. For data that is always frequently accessed, S3 Standard is cheaper. For data with a known, predictable access pattern, explicit Lifecycle policies to Standard-IA or Glacier are cheaper. Intelligent-Tiering wins only when the access pattern is genuinely unknown or variable.
Compute Optimizer must be explicitly opted into — it is not enabled by default. It requires CloudWatch metrics (at minimum 14 days of data, 30 days recommended) to generate recommendations. On the exam, if a scenario asks how to get right-sizing recommendations for EC2, Lambda memory, or EBS, the answer is AWS Compute Optimizer.
Consolidated billing in AWS Organizations aggregates usage across all member accounts for volume pricing tiers AND shares Reserved Instance and Savings Plans benefits across accounts by default. If a question asks how to maximize RI utilization across multiple accounts, the answer is AWS Organizations consolidated billing with RI sharing enabled.
The Well-Architected Framework Cost Optimization Pillar has five design principles: implement cloud financial management, adopt a consumption model, measure overall efficiency, stop spending money on undifferentiated heavy lifting, and analyze and attribute expenditure. Exam questions may ask which principle applies to a given scenario.
gp3 EBS volumes provide the same baseline performance as gp2 (3,000 IOPS) at a lower cost per GB, and allow you to independently provision IOPS and throughput without increasing volume size. Migrating from gp2 to gp3 is a pure cost optimization with no downside for most workloads — a common exam recommendation.
Common Mistake
Reserved Instances must be used in the account that purchased them.
Correct
In AWS Organizations with consolidated billing, Reserved Instance benefits are automatically shared across all member accounts unless RI sharing is explicitly disabled for a specific account. The RI does not need to be in the same account as the workload consuming it.
This is a critical misconception that causes candidates to recommend purchasing duplicate RIs per account. Understanding RI sharing is essential for multi-account architecture questions and directly impacts cost optimization recommendations.
Common Mistake
Spot Instances are unreliable and should only be used for non-critical workloads with no SLA.
Correct
Spot Instances are highly suitable for production workloads when the application is architected for fault tolerance — such as stateless web tiers behind a load balancer, batch processing with checkpointing, or big data processing with task-level retries. AWS provides a 2-minute interruption notice, which is sufficient for graceful shutdown in well-designed systems. Spot capacity pools are large and interruptions are infrequent for most instance types.
Candidates avoid recommending Spot for production scenarios and miss the opportunity for up to 90% cost savings. The exam frequently presents scenarios where Spot + fault-tolerant architecture is the correct and expected answer.
Common Mistake
Serverless (Lambda) is always cheaper than EC2 for any workload.
Correct
Lambda is cost-effective for event-driven, intermittent, or low-to-medium throughput workloads. At very high, sustained throughput (e.g., millions of requests per minute continuously), EC2 with Reserved Instances can be significantly cheaper than Lambda because Lambda charges per invocation and per GB-second of execution. The break-even point depends on workload characteristics.
Exam questions may describe high-volume, sustained workloads and expect candidates to recognize that EC2 + RI is more cost-effective than Lambda. Always evaluate the workload pattern — intermittent favors Lambda, sustained high-volume may favor EC2.
Common Mistake
Data transfer between AWS services in the same region is always free.
Correct
Data transfer between services in different Availability Zones within the same region incurs charges in both directions (per GB). Only data transfer between services within the SAME Availability Zone using private IP addresses is free. Data transfer between regions always incurs charges.
This misconception leads architects to overlook significant cross-AZ data transfer costs in highly available multi-AZ architectures. The exam tests whether candidates know to minimize cross-AZ traffic for cost optimization while maintaining availability.
Common Mistake
AWS Budgets only sends alerts — it cannot take automated actions.
Correct
AWS Budgets supports Budget Actions, which can automatically apply IAM policies, attach Service Control Policies, or stop EC2 and RDS instances when a budget threshold is breached. This enables automated spend enforcement, not just alerting.
Candidates who think Budgets is alert-only will miss questions asking for automated cost enforcement mechanisms. Budget Actions are a key governance feature that differentiates AWS from competitors.
Common Mistake
Convertible Reserved Instances are always better than Standard RIs because they offer more flexibility.
Correct
Standard Reserved Instances offer a higher discount (up to ~72%) compared to Convertible RIs (up to ~66%). Convertible RIs provide flexibility to exchange for a different instance type, OS, or tenancy, but cannot be sold on the Reserved Instance Marketplace. Standard RIs are better when you are confident in the instance type and want maximum savings. Convertible RIs are better when you anticipate needing to change instance attributes during the commitment period.
Candidates assume 'more flexible = always better' and always recommend Convertible RIs. The exam tests whether candidates understand the discount differential and the inability to sell Convertible RIs on the Marketplace.
Common Mistake
Tagging resources is optional and only useful for organization — it does not affect billing.
Correct
Resource tags that are activated as cost allocation tags in the AWS Billing console appear in Cost Explorer and the Cost and Usage Report, enabling cost attribution by team, project, environment, or application. Without proper tagging, it is impossible to perform accurate showback or chargeback, and cost optimization efforts lack the granularity needed to identify waste.
Cost allocation tags are foundational to any cost optimization program. The exam tests whether candidates know that tags must be activated in the Billing console to appear in cost reports, and that tagging is a prerequisite for meaningful cost governance.
PRICE framework for cost optimization: Purchasing options → Right-sizing → Intelligent storage tiering → Cost visibility (tagging + tools) → Elasticity (Auto Scaling + serverless). Cover all five and you cover every exam cost scenario.
For EC2 purchasing: 'SORS' — Steady-state = On-demand first, then Reserved; On-again-off-again = Spot; Rapid scaling = Savings Plans. 'SORS' helps you pick the right model instantly.
For data transfer costs: 'Same AZ = Free, Cross-AZ = Fee, Cross-Region = Big Fee, Internet = Biggest Fee.' Remember the cost increases as data travels farther from its origin.
Savings Plans vs. RIs: 'Flexible Families → Savings Plans; Fixed Family → Reserved Instances.' If the workload crosses instance families or uses Lambda/Fargate, Savings Plans wins.
The #1 exam trap is recommending Reserved Instances when Savings Plans is the correct answer (or vice versa). Candidates see 'cost savings + commitment' and default to RIs, missing that Compute Savings Plans cover Lambda and Fargate (which RIs do not), apply across instance families and regions, and are the correct modern recommendation for flexible or containerized workloads. Always check: does the workload use Lambda, Fargate, or mixed EC2 families? If yes → Savings Plans.
CertAI Tutor · · 2026-02-22
Key Services
Guides & Patterns