AWS — Are we Playing with the fire?
September 15, 2022
I didn’t give the title “Playing with Fire” to scare anyone. I just used it as a metaphor to explain the risk if you don’t handle Amazon Web Services with proper understanding and standards.
A few examples shall validate my point.
In 2021, one of our customers saw their AWS bill skyrocket to almost USD 20K/month. They didn’t do anything wrong and their account wasn’t hacked; the billing was too high and impacted the business growth. This is a perfect example of why you shouldn’t fall in love with technology and start using all the services that look attractive to a technical person. Always do a cost/benefit analysis before making any decisions.
One of our other customers who rely heavily on live streaming recently received an AWS bill for around USD 40K. They were completely unaware of what kind of services they were using and how they had racked up such a huge bill. AWS suspended their account, resulting in the loss of valuable content stored on S3. This is a perfect example of why you should never rely too much on your technical team and always check (and try to understand) your AWS bills regularly.
Recently, a friend of ours had an AWS bill for nearly half a million dollars in a single month. The reason? Their account had been hacked, and hackers had used up a ton of services without their knowledge. Not only was this a total shock, but it also left our friend scrambling to figure out what exactly had happened and how to prevent it from happening again.
We found that these were some of the most significant cases, where customers were being billed in thousands of dollars, and they were only experiencing a few hundred dollars worth of relief. We’ve helped many customers in similar situations struggling to make ends meet.
Cloud computing services are compelling and advanced. They can take a business to new heights, but at the same time, they can be a real drain on your resources. That’s why I call them a “fire.”
When it comes to cloud computing, there is a lot of misunderstanding out there. Many non-technical people go along with the trend without understanding it. They feel confident that their solution provider or consultant is offering them cloud servers, but they never bother to find out if they are getting the best technology.
Though AWS is a great cloud service provider and we always recommend it to our customers, it can be a little complex to understand, especially when it comes to billing. They do provide an excellent pricing calculator (https://calculator.aws/) on their website, but you need to have a very good understanding of the services offered and how they work in order to use it correctly.
The mighty AWS Eros can turn into AWS Thanatos if you’re not careful. Here are some things to keep in mind to avoid trouble.
There are some services that customers often misunderstand in terms of cost and features. Here are some examples of these services:
Terminology
A few cloud terms are often confused with one another, which can lead to misinterpretation and higher-than-expected bills. It’s essential to understand pay-as-you-go models, free tiers, the difference between termination and stops, hourly billing, and data in and out.
EC2 Servers
Ec2 servers are the backbones of AWS and provide the required computing power. However, if you’re not advised by a professional on what kind of computing power you need, it can end up costing you a lot of money. We typically ask our customers if they need high memory or computing power. Do they need a server only on occasion or 24/7? Should they go for the ‘reserved’ instance?
Data Transfer
On a traditional dedicated server, you will receive a good amount of bandwidth. However, on AWS, your data transfer needs may be different. AWS can be complex and confusing when it comes to data transfer costs. (https://aws.amazon.com/blogs/architecture/overview-of-data-transfer-costs-for-common-architectures/)
For example, S3 is a fantastic service for storing large amounts of data, but if you’re not careful, you can end up paying more than you anticipated. For example, if you put videos or other large media files on S3 and start allowing your customers to consume them directly (without CDN etc.), you may get a big surprise when you receive your bill.
Security
One of the features of AWS that is often misunderstood is that security on the cloud is a shared responsibility. It would be best if you were very careful about your part when using AWS, as they provide lots of powerful features that can help keep your data safe.
IAM
Our customers often approach us with the root account they created during signup, but this is the biggest mistake! The root account gives you complete control over your account and allows you to manage who can use your budget and what kind of limitations or privileges they have. Using the root account will enable you to control your account and prevent unauthorized access.
AWS recommends that you should not be using a root account at all; they have excellent documentation on best practices
(https://docs.aws.amazon.com/accounts/latest/reference/best-practices-root-user.html) which clearly recommends using of root account only in the case where IAM users cannot be used.
You could get a hefty bill if you use your root account and share it by mistake. Be careful when sharing this information, and double-check who you’re sharing it with.
Billing
This is perhaps AWS’s most misleading or misunderstood feature, which is why many customers prefer to ignore it (big mistake) . Although Amazon provides all the necessary parts and guidelines for billing and estimates, it is often confusing to people working in AWS day and night.
AWS pricing is based on the pay-as-you-go model, meaning that customers are only charged for the resources and services they use. This pricing model is simple and straightforward; however, customers often are unaware of what they are using or may misunderstand the charges.
For example, ec2 servers are charged hourly rates; if you don’t use them and don’t shut them down yourself, you’ll still get charged. And if you forget to shut them down, you’ll be charged! So even if you’re not using the servers, you’re still paying for them.
Unused Resources
When it comes to billing, you’re not just charged for the resources you use. You’re also charged for unused resources, like ec2 servers, AMIs, RDS, etc. If you have a global team or are working with people in different regions, they might have created resources in the various areas without your knowledge. On AWS, you’re only charged for help in the selected region, so you might not see resources from the other areas until you choose them. We advise all our customers to check their billings every month and ask us to investigate if they find anything abnormal.
While AWS does provide a feature to set a billing alert, we recommend that all customers take advantage of this helpful tool. You can be notified if billing goes beyond that amount by setting a limit. This can help you stay on top of your spending and avoid surprises.
AWS Support
At first, AWS didn’t offer support for software like operating systems and apps. But now they have a team that can assist. However, the downside is that AWS Support can be expensive. If you’re not on a paid plan, you won’t be able to get any support except by posting on forums. They have free email support, but it’s only for billing issues. So if your account is suspended, you can reach out to them. But if your app is having problems, you’ll need to rely on your solution providers if you do not have paid support.
You may have experienced some unexpected charges on your AWS account. This article explains some of the main reasons for this and how you can avoid it. Part 2 will explain how to make your AWS account more secure and avoid high unexpected billing.
