5 AWS Services That Secretly Drain Your Budget
These services quietly add hundreds to your monthly bill. Here's how to identify them before they become expensive problems.
When people think about AWS costs, they usually think about EC2 and RDS. Those are the obvious ones—easy to see, easy to understand.
But the real budget killers are often the services you don't think about. They accumulate quietly in the background, showing up as mysterious line items that add up to hundreds or thousands of dollars.
Here are the five most common culprits—and how to fix them.
NAT Gateway
Why it's sneaky: NAT Gateways charge $0.045 per GB of data processed, on top of the hourly charge ($0.045/hour = $32/month just to exist). If your private subnets are routing traffic through a NAT Gateway, you're paying for every byte.
Common scenarios that balloon costs:
- Docker image pulls from ECR
- Lambda functions in VPC accessing AWS services
- Internal services calling external APIs
- S3 transfers from private subnets
The Fix
Use VPC endpoints for AWS services. An S3 Gateway endpoint is free. Interface endpoints for ECR, Lambda, etc. cost $7.20/month but eliminate NAT Gateway data charges.
Elastic IPs (Unused)
Why it's sneaky: Elastic IPs are free when attached to a running instance. But the moment they're unattached—or attached to a stopped instance—AWS charges $3.60/month per IP.
They accumulate because:
- You terminate an instance but forget to release the IP
- You allocate IPs for future use and forget about them
- Auto-scaling leaves orphaned IPs behind
The Fix
Run this command monthly to find unattached IPs:
aws ec2 describe-addresses --query 'Addresses[?AssociationId==`null`]'
Release any that aren't needed. Takes 2 minutes.
EBS Volumes (Unattached)
Why it's sneaky: When you terminate an EC2 instance, the attached EBS volumes don't always get deleted. They sit there, costing $0.10/GB/month for gp3, doing absolutely nothing.
A 500GB volume that was attached to a terminated instance costs $50/month forever—until someone notices.
The Fix
Find unattached volumes:
aws ec2 describe-volumes --filters "Name=status,Values=available"
Review and delete or snapshot+delete volumes that aren't needed. Set up a monthly reminder to run this check.
Old EBS Snapshots
Why it's sneaky: Snapshots are incremental, so people assume they're cheap. And individually, they often are. But they accumulate over years, and nobody ever deletes them.
A company with 5TB of snapshots is paying $250/month ($0.05/GB) for data that might be years out of date.
The Fix
Use AWS Data Lifecycle Manager to automatically delete snapshots older than X days. Or run a quarterly audit:
aws ec2 describe-snapshots --owner-ids self --query "Snapshots[?StartTime<='2024-01-01']"
Delete anything older than your retention policy requires.
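The three checks above (unattached Elastic IPs, unattached EBS volumes, old snapshots) can be combined into one report with a monthly dollar figure. The script below is an added example, not part of the original article: it reads JSON in the shape the three aws ec2 commands return and prices each finding at the rates quoted in this article. The sample data, the resource IDs and the audit function name are all constructed for illustration.

```python
import json
from datetime import datetime, timezone

# Monthly rates quoted in this article (USD); adjust for your region and volume types.
EIP_PER_MONTH = 3.60
GP3_PER_GB = 0.10
SNAPSHOT_PER_GB = 0.05

# Constructed sample in the shape of `aws ec2 describe-addresses`, `describe-volumes`
# and `describe-snapshots --owner-ids self` output. All IDs and IPs are made up.
SAMPLE = json.loads("""
{
  "Addresses": [
    {"AllocationId": "eipalloc-0aaa", "PublicIp": "203.0.113.10", "AssociationId": "eipassoc-0111"},
    {"AllocationId": "eipalloc-0bbb", "PublicIp": "203.0.113.11"}
  ],
  "Volumes": [
    {"VolumeId": "vol-0aaa", "Size": 500, "State": "available", "VolumeType": "gp3"},
    {"VolumeId": "vol-0bbb", "Size": 100, "State": "in-use", "VolumeType": "gp3"}
  ],
  "Snapshots": [
    {"SnapshotId": "snap-0aaa", "VolumeSize": 200, "StartTime": "2022-06-01T00:00:00+00:00"},
    {"SnapshotId": "snap-0bbb", "VolumeSize": 50, "StartTime": "2024-05-01T00:00:00+00:00"}
  ]
}
""")

def audit(data, cutoff):
    """Return (findings, total); each finding is (resource_id, reason, monthly_usd)."""
    findings = []
    for addr in data.get("Addresses", []):
        if not addr.get("AssociationId"):  # key absent or null means unattached
            findings.append((addr["AllocationId"], "unattached Elastic IP", EIP_PER_MONTH))
    for vol in data.get("Volumes", []):
        if vol["State"] == "available":  # same condition as the status=available filter
            # Assumption: every volume is priced at the gp3 rate.
            findings.append((vol["VolumeId"], "unattached volume", vol["Size"] * GP3_PER_GB))
    for snap in data.get("Snapshots", []):
        started = datetime.fromisoformat(snap["StartTime"].replace("Z", "+00:00"))
        if started <= cutoff:
            # Upper bound: incremental snapshots bill stored blocks, not full VolumeSize.
            findings.append((snap["SnapshotId"], "snapshot past cutoff", snap["VolumeSize"] * SNAPSHOT_PER_GB))
    return findings, round(sum(cost for _, _, cost in findings), 2)

if __name__ == "__main__":
    rows, total = audit(SAMPLE, datetime(2024, 1, 1, tzinfo=timezone.utc))
    for rid, reason, cost in rows:
        print(f"{rid:16} {reason:24} ${cost:7.2f}/month")
    print(f"Estimated waste: ${total:.2f}/month")
```

To run it against a real account, merge the output of the three commands into one JSON object with the Addresses, Volumes and Snapshots keys and pass it to audit in place of SAMPLE.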
Data Transfer (Cross-Region & Internet)
Why it's sneaky: Data transfer into AWS is free. Data transfer out or between regions is not. And it adds up fast.
Common expensive patterns:
- Cross-region replication: $0.02/GB between regions
- CloudFront origin fetches: Every cache miss costs transfer
- API Gateway responses: $0.09/GB for data out
- Large S3 downloads: $0.09/GB to internet
The Fix
- Use CloudFront for frequently accessed content (reduced data transfer rates)
- Keep services in the same region when possible
- Compress API responses
- Review CloudWatch data transfer metrics monthly
How to Find These Issues in Your Account
AWS Cost Explorer can help identify these problems, but it requires knowing where to look. Here's a quick audit process:
- Open Cost Explorer and set the date range to the last 30 days
- Group by "Service" to see your top spenders
- Look for unusual services: EC2-Other, VPC, Data Transfer
- Drill into those categories by usage type to find specific charges
The "EC2-Other" category is particularly important—it includes NAT Gateway, EBS volumes, Elastic IPs, and other hidden charges that aren't obvious EC2 instance costs.
Pro Tip
Set up a weekly Cost Explorer report to be emailed to you. It takes 5 minutes to configure and keeps these costs visible without requiring you to remember to check.
Prevention Is Better Than Cleanup
Once you've cleaned up the current waste, prevent it from happening again:
- Use tagging: Tag resources with owner and purpose so you can identify orphans
- Set up billing alerts: Get notified when costs spike unexpectedly
- Enable Cost Anomaly Detection: AWS's ML-based alerting catches unusual patterns
- Review costs daily: Small problems caught early stay small
Catch These Issues From Your Phone
CloudOuch surfaces hidden AWS costs and anomalies, so you catch problems before they become expensive. Daily updates, right in your pocket.
The Bottom Line
The five services that most commonly drain AWS budgets are:
- NAT Gateway: Data processing charges add up fast
- Elastic IPs: Unused IPs cost $3.60/month each
- EBS Volumes: Orphaned volumes from terminated instances
- EBS Snapshots: Years of accumulated incremental backups
- Data Transfer: Cross-region and internet egress costs
None of these are visible at a glance. They require intentional monitoring and regular cleanup. But the savings can be substantial—often 10-20% of your total AWS bill.
Start with the quick wins: release unused Elastic IPs and delete unattached EBS volumes. Then set up ongoing monitoring so these issues don't creep back.
Your AWS bill will thank you.