7 Hidden AWS Costs That Blindside Startups Every Month
Your AWS bill has line items that don't show up in obvious dashboards. NAT Gateway data processing, cross-AZ transfer, orphaned snapshots - each one accumulates silently until someone digs into Cost Explorer with the right filters. Here's what to look for and what each one typically costs.
Why These Are Different from "Normal" AWS Costs
Over-provisioned EC2 instances and unoptimised RDS are well-known problems. The charges below are different - they don't appear in the obvious service summaries and require specific Cost Explorer filters to surface.
Hard to attribute: appear as 'data transfer' or 'requests' with no obvious source service.
Grow with usage: scale with traffic, making them look like legitimate costs rather than waste.
Not in standard dashboards: the AWS Cost Explorer summary view aggregates them away from obvious view.
Architecture-driven: often require an architectural change, not just a config tweak.
NAT Gateway data processing
Typical impact: $800–3,000/month
AWS charges $0.045/GB processed through NAT Gateway - on top of the hourly fee. Every EC2 instance communicating with S3, DynamoDB, or any external endpoint routes through NAT by default.
Real example
One startup discovered $1,800/month in NAT data processing fees - 3.5× their actual Lambda compute cost. The charges were buried under 'data transfer' in Cost Explorer with no obvious attribution.
The fix
Create Gateway VPC Endpoints for S3 and DynamoDB. Traffic routes through AWS's private network, bypassing NAT entirely. Free to create; takes 15 minutes in Terraform.
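As an added check (not code from the original guide), the audit below lists every VPC that still has an active NAT gateway but no Gateway endpoint for S3 or DynamoDB, i.e. where the $0.045/GB processing fee is still being paid for traffic a free endpoint could carry. It reads the response shapes that boto3's ec2.describe_nat_gateways() and ec2.describe_vpc_endpoints() return; the sample data is constructed, and route-table association of the endpoint is assumed to be checked separately.

```python
"""Audit: VPCs with an active NAT gateway but no free Gateway endpoint for S3/DynamoDB."""
from collections import defaultdict

# Only these two services offer Gateway endpoints (no hourly or per-GB charge).
GATEWAY_SERVICES = ("s3", "dynamodb")

# Constructed sample data in the shape boto3's ec2.describe_nat_gateways() and
# ec2.describe_vpc_endpoints() return; swap in the real responses to audit an account.
NAT_GATEWAYS = {"NatGateways": [
    {"NatGatewayId": "nat-0aaa", "VpcId": "vpc-prod", "State": "available"},
    {"NatGatewayId": "nat-0bbb", "VpcId": "vpc-staging", "State": "available"},
    {"NatGatewayId": "nat-0ccc", "VpcId": "vpc-old", "State": "deleted"},
]}
VPC_ENDPOINTS = {"VpcEndpoints": [
    {"VpcEndpointId": "vpce-1", "VpcId": "vpc-prod", "VpcEndpointType": "Gateway",
     "ServiceName": "com.amazonaws.eu-west-1.s3", "State": "available"},
    # An Interface endpoint to S3 is billed per hour and per GB; it is not the free fix.
    {"VpcEndpointId": "vpce-2", "VpcId": "vpc-staging", "VpcEndpointType": "Interface",
     "ServiceName": "com.amazonaws.eu-west-1.s3", "State": "available"},
]}


def service_short_name(service_name):
    """'com.amazonaws.eu-west-1.dynamodb' -> 'dynamodb'."""
    return service_name.rsplit(".", 1)[-1]


def missing_gateway_endpoints(nat_resp, vpce_resp):
    """Return {vpc_id: [services lacking a Gateway endpoint]} for each VPC with a live NAT gateway."""
    covered = defaultdict(set)
    for ep in vpce_resp["VpcEndpoints"]:
        if ep["VpcEndpointType"] == "Gateway" and ep["State"] == "available":
            covered[ep["VpcId"]].add(service_short_name(ep["ServiceName"]))
    gaps = {}
    for nat in nat_resp["NatGateways"]:
        if nat["State"] != "available":  # deleted/failed gateways no longer route traffic
            continue
        missing = [s for s in GATEWAY_SERVICES if s not in covered[nat["VpcId"]]]
        if missing:
            gaps[nat["VpcId"]] = missing
    return gaps


if __name__ == "__main__":
    for vpc, services in missing_gateway_endpoints(NAT_GATEWAYS, VPC_ENDPOINTS).items():
        print(f"{vpc}: add Gateway endpoint(s) for {', '.join(services)}")
```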
Cross-AZ data transfer charges
Typical impact: $200–1,500/month
AWS charges $0.01/GB for data transferred between Availability Zones within the same region. In a microservices architecture, every service-to-service call across AZs incurs this charge. It appears as a generic 'data transfer' line in the bill.
Real example
A startup running 12 microservices across 3 AZs was paying $900/month in cross-AZ charges. The charge grew with traffic, making it look like a legitimate scaling cost when it was actually an architecture problem.
The fix
Co-locate services in the same AZ where latency allows. Use AWS PrivateLink for cross-AZ communication. Enable AZ awareness in load balancers to minimise cross-AZ routing.
Orphaned EBS volumes and growing snapshot libraries
Typical impact: $100–500/month
When an EC2 instance is terminated, EBS volumes are often left behind unless `DeleteOnTermination` is set. Snapshots accumulate from automated backups with no retention policy. Neither shows up obviously in the console.
Real example
A manufacturing-sector client had dozens of abandoned EBS volumes from 18 months of EC2 churn - $2,100/month in storage for deleted infrastructure. Snapshots from 3 years of automated backups added another $400/month.
The fix
Run `aws ec2 describe-volumes --filters Name=status,Values=available` to list unattached volumes. Set lifecycle policies for snapshots. Migrate gp2 volumes to gp3 for 20% savings on active volumes.
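The same audit carried a step further, as an added example (not the guide's own tooling): it takes the Volumes list that `aws ec2 describe-volumes` or boto3's describe_volumes() returns, plus describe_snapshots() output, flags unattached volumes and snapshots older than a retention window, and estimates the monthly spend. The per-GB-month prices are caller-supplied assumptions (the page gives none); the 20% gp2-to-gp3 saving is the page's figure; all sample data is constructed.

```python
"""Audit unattached EBS volumes and snapshots that outlived a retention window."""
from datetime import datetime, timedelta, timezone

NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)  # constructed reference date

# Constructed sample responses in boto3's describe_volumes / describe_snapshots shape.
VOLUMES = {"Volumes": [
    {"VolumeId": "vol-a", "State": "in-use", "Size": 100, "VolumeType": "gp2"},
    {"VolumeId": "vol-b", "State": "available", "Size": 500, "VolumeType": "gp2"},
    {"VolumeId": "vol-c", "State": "available", "Size": 50, "VolumeType": "gp2"},
]}
SNAPSHOTS = {"Snapshots": [
    {"SnapshotId": "snap-1", "VolumeSize": 500, "StartTime": NOW - timedelta(days=400)},
    {"SnapshotId": "snap-2", "VolumeSize": 500, "StartTime": NOW - timedelta(days=10)},
]}


def orphaned_volumes(vol_resp):
    """Volumes no instance is attached to; they bill every month until deleted."""
    return [v for v in vol_resp["Volumes"] if v["State"] == "available"]


def stale_snapshots(snap_resp, retention_days, now=NOW):
    """Snapshots older than the window a lifecycle policy would enforce."""
    cutoff = now - timedelta(days=retention_days)
    return [s for s in snap_resp["Snapshots"] if s["StartTime"] < cutoff]


def monthly_waste(vol_resp, snap_resp, retention_days, gb_month_price):
    """Estimated monthly spend on orphans and stale snapshots, plus the gp2->gp3 saving.

    gb_month_price: {'gp2': ..., 'gp3': ..., 'snapshot': ...} per GB-month. These are
    assumed inputs supplied by the caller, not prices quoted by the guide.
    """
    orphan_cost = sum(v["Size"] * gb_month_price[v["VolumeType"]]
                      for v in orphaned_volumes(vol_resp))
    snap_cost = sum(s["VolumeSize"] * gb_month_price["snapshot"]
                    for s in stale_snapshots(snap_resp, retention_days))
    # Migrating active gp2 volumes to gp3 saves about 20% of their storage cost (page figure).
    gp3_saving = sum(v["Size"] * gb_month_price["gp2"] * 0.20
                     for v in vol_resp["Volumes"]
                     if v["State"] == "in-use" and v["VolumeType"] == "gp2")
    return {"orphan_volume_cost": round(orphan_cost, 2),
            "stale_snapshot_cost": round(snap_cost, 2),
            "gp2_to_gp3_saving": round(gp3_saving, 2)}


if __name__ == "__main__":
    print(monthly_waste(VOLUMES, SNAPSHOTS, 90, {"gp2": 0.10, "gp3": 0.08, "snapshot": 0.05}))
```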
Idle load balancers and Elastic IPs
Typical impact: $50–400/month
ALBs charge $16–30/month in baseline fees regardless of traffic. Elastic IPs cost $0.005/hour when not attached to a running instance. Both accumulate from forgotten staging environments and decommissioned services.
Real example
Seven ALBs from decommissioned staging environments were routing traffic to nothing, costing $175/month each - $1,225/month total for infrastructure that served zero requests. Three unattached Elastic IPs added another $110/month.
The fix
Audit all load balancers: check RequestCount in CloudWatch over 30 days. Delete any that serve fewer than 100 requests/day and are not attached to an active service. Release all unattached Elastic IPs.
CloudWatch log storage and ingestion fees
Typical impact: $100–800/month
CloudWatch charges $0.50/GB for log ingestion and $0.03/GB for storage per month. Applications logging at DEBUG verbosity, Lambda functions logging every invocation, and VPC Flow Logs with no retention policy all accumulate silently.
Real example
An application running in debug mode was ingesting 40GB of logs per day - $600/month in CloudWatch ingestion alone, before storage costs. VPC Flow Logs retained indefinitely added another $180/month.
The fix
Switch production applications to INFO or WARN level logging. Set log group retention to 30–90 days. Use metric filters to count events instead of storing full log lines where possible.
S3 request and retrieval charges
Typical impact: $50–500/month
Beyond storage costs, S3 charges per API request: $0.0004 per PUT/POST/LIST and $0.00004 per GET. Applications making millions of small S3 requests - especially microservices fetching config files or Lambda functions reading secrets - accumulate meaningful charges.
Real example
A startup's S3 bill was $800/month on a bucket with only $40 of actual storage. The rest was GET requests from a Lambda function fetching a configuration file on every invocation rather than caching it.
The fix
Cache frequently accessed S3 objects in memory or ElastiCache. Use S3 Intelligent-Tiering for objects with variable access patterns. Batch small writes to reduce PUT request counts.
Cross-region data transfer
Typical impact: $200–2,000/month
Transferring data between AWS regions costs $0.02/GB. Architectures with multi-region replication, disaster recovery setups, or services accidentally calling endpoints in the wrong region generate substantial transfer charges that appear as undifferentiated 'data transfer out'.
Real example
A startup's disaster recovery setup was replicating 5TB of data per day between eu-west-1 and us-east-1 - $3,000/month in cross-region transfer for a DR scenario that had never been tested and had no recovery time objective defined.
The fix
Audit all cross-region traffic in Cost Explorer using the 'Usage Type Group: Data Transfer' filter. Confirm each cross-region data flow has a documented business justification. Consider S3 Cross-Region Replication policies with explicit cost caps.
Common questions
How do I find these charges in Cost Explorer?
Filter by service first, then apply a 'Usage Type' group filter within that service. For NAT Gateway, filter for 'NatGateway-Bytes'. For data transfer, filter for 'DataTransfer-Regional-Bytes'. The summary service view aggregates all usage types together and hides the detail.
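The same filter-then-group lookup done programmatically, as an added example that is not from the guide: cost_explorer_request() builds the parameters for boto3's ce.get_cost_and_usage() (service filter, then grouped by USAGE_TYPE), and cost_by_usage_type() totals a response per usage type with the region prefix (e.g. 'EUW1-') stripped, so 'NatGateway-Bytes' and 'DataTransfer-Regional-Bytes' add up across regions instead of being split into separate rows. The response below is constructed; its amounts are invented.

```python
"""Break a Cost Explorer result down by usage type, the detail the service summary hides."""
import re
from collections import defaultdict

# Usage types carry a region prefix such as 'EUW1-' or 'USW2-'; us-east-1 has none.
REGION_PREFIX = re.compile(r"^[A-Z]{2,4}\d-")


def cost_explorer_request(start, end, service):
    """Parameters for boto3 ce.get_cost_and_usage(**params): filter by service, group by usage type."""
    return {
        "TimePeriod": {"Start": start, "End": end},
        "Granularity": "MONTHLY",
        "Metrics": ["UnblendedCost"],
        "Filter": {"Dimensions": {"Key": "SERVICE", "Values": [service]}},
        "GroupBy": [{"Type": "DIMENSION", "Key": "USAGE_TYPE"}],
    }


# Constructed sample of a get_cost_and_usage response (not real billing data).
SAMPLE_RESPONSE = {"ResultsByTime": [{
    "TimePeriod": {"Start": "2025-01-01", "End": "2025-02-01"},
    "Groups": [
        {"Keys": ["EUW1-NatGateway-Bytes"], "Metrics": {"UnblendedCost": {"Amount": "1210.50", "Unit": "USD"}}},
        {"Keys": ["NatGateway-Bytes"], "Metrics": {"UnblendedCost": {"Amount": "589.50", "Unit": "USD"}}},
        {"Keys": ["EUW1-NatGateway-Hours"], "Metrics": {"UnblendedCost": {"Amount": "97.20", "Unit": "USD"}}},
        {"Keys": ["EUW1-DataTransfer-Regional-Bytes"], "Metrics": {"UnblendedCost": {"Amount": "412.00", "Unit": "USD"}}},
    ],
}]}


def cost_by_usage_type(response):
    """Sum UnblendedCost per usage type across all periods, ignoring the region prefix."""
    totals = defaultdict(float)
    for period in response["ResultsByTime"]:
        for group in period["Groups"]:
            usage_type = REGION_PREFIX.sub("", group["Keys"][0])
            totals[usage_type] += float(group["Metrics"]["UnblendedCost"]["Amount"])
    return {k: round(v, 2) for k, v in totals.items()}


def hidden_charges(response, usage_types=("NatGateway-Bytes", "DataTransfer-Regional-Bytes")):
    """Only the line items this guide is about, highest cost first."""
    totals = cost_by_usage_type(response)
    return sorted(((u, totals.get(u, 0.0)) for u in usage_types), key=lambda item: -item[1])


if __name__ == "__main__":
    for usage_type, amount in hidden_charges(SAMPLE_RESPONSE):
        print(f"{usage_type:30} ${amount:,.2f}")
```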
Can AWS Trusted Advisor find these?
Trusted Advisor surfaces some idle resource recommendations (EIPs, load balancers) but misses data processing charges, request costs, and cross-AZ transfer entirely. It also requires Business or Enterprise support for the cost-related checks.
Are these charges avoidable or just part of using AWS?
Most are avoidable. NAT Gateway data processing is eliminated with VPC endpoints (free). Cross-AZ transfer is reduced with AZ-aware routing. EBS orphans and snapshot accumulation are purely operational - they exist only because nobody cleaned up. S3 request charges are reduced with caching.