The AWS Charges Nobody Is Watching
Every AWS account leaks money. Not in one large, obvious place — but in dozens of small, forgotten resources that nobody owns and nobody monitors.
In auditing multiple production AWS accounts, the pattern is consistent: between $200 and $1000 per month in pure waste on accounts that otherwise look well-managed. On larger accounts, that number is much higher.
Hidden AWS costs do not come from expensive architectural mistakes. They come from engineers doing their jobs — spinning up a database for testing, allocating an IP for a server, taking a snapshot for safety — and not cleaning up when the work is done.
This guide covers the 7 most common culprits, how to find them, and how to eliminate them in under an hour.
Surprise charges on your AWS bill are almost always from forgotten resources
Why Hidden AWS Costs Are Hard to Spot
AWS bills show total spend by service — not by resource. An EC2 bill of $3,000 does not tell you which instances are useful and which are forgotten.
Without proper cost allocation tags and resource-level visibility, identifying waste requires manual investigation. Most teams never do this systematically — so costs accumulate month after month.
The resources below are consistently the top offenders across accounts of all sizes.
1. Unattached EBS Volumes
When an EC2 instance is terminated, the attached EBS root volume is deleted by default — but additional data volumes are not. Those volumes keep charging at $0.10/GB/month even with nothing attached to them.
A single unattached 500GB volume costs $50/month. Twelve of them — a common finding on medium-sized accounts — cost $600/month doing nothing.
How to find them:
aws ec2 describe-volumes \
--filters Name=status,Values=available \
--query 'Volumes[*].[VolumeId,Size,CreateTime,Tags]' \
--output table
Any volume in available state is unattached and potentially unused.
How to fix it: Take a final snapshot if there is any chance the data is needed, then delete the volume. If the volume has been sitting unattached for 30+ days, it almost certainly contains nothing important.
Prevention: Set DeleteOnTermination=true on all EBS volumes in your launch templates. This eliminates the problem automatically going forward.
2. Idle Elastic IPs
AWS charges $0.005/hour ($3.60/month) for every Elastic IP not associated with a running instance. This sounds small, but unmanaged accounts routinely accumulate 20–30 idle EIPs.
How to find them:
aws ec2 describe-addresses \
--query 'Addresses[?AssociationId==`null`].[PublicIp,AllocationId,Tags]'
How to fix it: Release any EIP that is not assigned to an active, production resource. Do not reassign them to avoid the charge — just release them. EIPs are allocated on demand in seconds when needed.
3. Outdated EBS Snapshots
EBS snapshots are incremental and cheap individually — but they accumulate. An account running daily snapshots for 3 years without a retention policy has over 1000 snapshots per volume. At $0.05/GB/month for snapshot storage, this adds up.
How to find the cost: Go to AWS Cost Explorer → filter by service → EBS → look for snapshot storage costs.
How to fix it: Set up AWS Data Lifecycle Manager (DLM) to automatically expire snapshots older than your retention policy. For most workloads, 30–90 days of snapshots is sufficient.
# Example DLM policy via console or CLI
# Retain last 30 daily snapshots, delete older ones automatically
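One way to express that policy with the AWS CLI, as an added example that is not part of the original guide. The `Backup=daily` target tag, the 03:00 UTC start time, the function names and the `DLM_ROLE_ARN` variable are assumptions to replace with your own values.

```shell
#!/bin/sh
# Added example: DLM policy that snapshots tagged volumes daily and keeps the last N.
# Assumptions (not from the guide): volumes carry the tag Backup=daily, snapshots
# start at 03:00 UTC, and DLM_ROLE_ARN holds the ARN of your DLM execution role.

# Print the policy-details JSON; $1 = number of snapshots to retain (default 30).
dlm_policy_details() {
  retain="${1:-30}"
  cat <<EOF
{
  "ResourceTypes": ["VOLUME"],
  "TargetTags": [{"Key": "Backup", "Value": "daily"}],
  "Schedules": [{
    "Name": "daily-${retain}",
    "CopyTags": true,
    "CreateRule": {"Interval": 24, "IntervalUnit": "HOURS", "Times": ["03:00"]},
    "RetainRule": {"Count": ${retain}}
  }]
}
EOF
}

# Create the policy; DLM then deletes the oldest snapshot once the count is exceeded.
create_dlm_policy() {
  retain="${1:-30}"
  case "$retain" in
    ''|*[!0-9]*) echo "retain count must be a number" >&2; return 2 ;;
  esac
  : "${DLM_ROLE_ARN:?set DLM_ROLE_ARN to the DLM execution role ARN}"
  aws dlm create-lifecycle-policy \
    --description "Daily snapshots, keep last ${retain}" \
    --state ENABLED \
    --execution-role-arn "$DLM_ROLE_ARN" \
    --policy-details "$(dlm_policy_details "$retain")"
}

# Runs only when asked: DLM_ROLE_ARN=<role-arn> sh dlm-policy.sh --apply 30
if [ "${1:-}" = "--apply" ]; then create_dlm_policy "${2:-30}"; fi
```

DLM only expires snapshots that the policy itself created, so snapshots that already exist still need the manual review described next.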
Review and delete existing old snapshots manually. Check the snapshot creation date and the associated volume — if the volume was deleted months ago, the snapshot is almost certainly safe to remove.
4. Abandoned Load Balancers
Application Load Balancers cost $0.022/hour ($16/month) minimum regardless of traffic. Network Load Balancers cost similar amounts. An ALB with zero targets or zero traffic is pure waste.
This is a classic pattern for staging and development environments: the ALB gets created with the environment but never deleted when the environment is no longer used.
How to find them: AWS Trusted Advisor → Cost Optimization → Low Utilization Load Balancers
Or check CloudWatch metrics manually:
- RequestCount near zero for 7+ days → candidate for deletion
- ActiveConnectionCount at zero → no traffic flowing
How to fix it: Delete load balancers with no active targets or consistent zero traffic. If it has not served a request in 7 days, it is not needed.
Idle load balancers, unattached volumes, and forgotten Elastic IPs add up fast
5. Forgotten NAT Gateways
NAT Gateways cost $0.045/hour (~$32/month) plus $0.045/GB of data processed. A forgotten NAT Gateway in a development VPC can cost $40–100/month with no traffic whatsoever.
Unlike other resources, NAT Gateways are easy to forget because they are infrastructure — not an application. They do not appear in instance dashboards. They just sit there and charge.
How to find them: Check CloudWatch for all NAT Gateways:
- Metric: BytesOutToDestination
- Time range: last 30 days
- If consistently near zero → idle and unused
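The CloudWatch check above, scripted as an added example that is not part of the original guide: it totals BytesOutToDestination for each NAT Gateway over 30 days and labels the idle ones. The 1 MB idle threshold, GNU `date`, and the function names are assumptions; `metric_sum` also serves the load balancer check in section 4 when called with namespace AWS/ApplicationELB, metric RequestCount and the LoadBalancer dimension.

```shell
#!/bin/sh
# Added example: 30-day traffic totals for NAT Gateways from CloudWatch.
# Assumes GNU date (for "-d") and AWS CLI credentials for the target region.

# Sum one CloudWatch metric over the last N days.
# $1 namespace  $2 metric  $3 dimension name  $4 dimension value  $5 days
metric_sum() {
  aws cloudwatch get-metric-statistics \
    --namespace "$1" --metric-name "$2" \
    --dimensions "Name=$3,Value=$4" \
    --start-time "$(date -u -d "$5 days ago" +%Y-%m-%dT%H:%M:%SZ)" \
    --end-time "$(date -u +%Y-%m-%dT%H:%M:%SZ)" \
    --period 86400 --statistics Sum \
    --query 'sum(Datapoints[].Sum)' --output text
}

# Print "<nat-gateway-id> <bytes> IDLE|ACTIVE" for every available NAT Gateway.
# $1 = byte total below which a gateway counts as idle (assumed default: 1 MB).
idle_nat_gateways() {
  threshold="${1:-1000000}"
  aws ec2 describe-nat-gateways \
    --filter Name=state,Values=available \
    --query 'NatGateways[].NatGatewayId' --output text | tr '\t' '\n' |
  while read -r id; do
    [ -n "$id" ] || continue
    bytes=$(metric_sum AWS/NATGateway BytesOutToDestination NatGatewayId "$id" 30)
    # awk copes with the float text CloudWatch returns (0.0, 5000000000.0, ...)
    echo "$id $bytes" | awk -v t="$threshold" \
      '{ printf "%s %.0f %s\n", $1, $2, ($2 + 0 < t ? "IDLE" : "ACTIVE") }'
  done
}

# Runs only when asked: sh nat-audit.sh --run [threshold-bytes]
if [ "${1:-}" = "--run" ]; then idle_nat_gateways "${2:-1000000}"; fi
```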
How to fix it: Delete the NAT Gateway, release its associated Elastic IP, and update route tables. For development environments that need internet access occasionally, consider using a NAT Instance (a small EC2 instance acting as a NAT) — it costs as little as $3/month.
6. Idle RDS Instances
Dev and staging databases that engineers forgot to stop. An RDS db.t3.medium on-demand costs ~$55/month. A db.r6g.large costs ~$160/month. Running these 24/7 when they are only used during business hours wastes 65% of their runtime.
How to find them: In the RDS console, sort by last connection time. Any database with no connections in the past 7 days is a candidate for review.
How to fix it: For non-production databases, use AWS Instance Scheduler to stop them every night and weekend. Stopping and starting RDS instances does not lose data — it just pauses the instance and billing.
# Stop an RDS instance manually
aws rds stop-db-instance \
--db-instance-identifier your-dev-database
For development databases that are rarely used, consider stopping them by default and only starting them when actively needed.
7. Log Groups Without Retention Policies
CloudWatch Logs storage costs $0.03/GB/month with no automatic expiration. Without retention policies, application logs from years ago sit in CloudWatch indefinitely.
A busy application logging at 10GB/day generates 300GB/month. At $0.03/GB, that is $9/month — which sounds manageable. But after 3 years without retention policies, that account is storing 10TB+ of logs at $300+/month.
How to find log groups without retention:
aws logs describe-log-groups \
--query 'logGroups[?retentionInDays==`null`].[logGroupName,storedBytes]' \
--output table
How to fix it:
Set a retention policy on every log group. For most applications, 30–90 days is sufficient:
aws logs put-retention-policy \
--log-group-name /aws/lambda/your-function \
--retention-in-days 30
Run this across all log groups. For compliance-sensitive workloads that need longer retention, export logs to S3 Glacier instead of keeping them in CloudWatch.
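Applying that command to every log group found by the query above, as an added example that is not part of the original guide. The function name, the dry-run default and the "apply" argument are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: set retention on every log group that currently has none.
# Dry run by default; pass "apply" as the second argument to make changes.
# Setting retention permanently deletes log events older than the window,
# so export anything compliance needs before applying.

set_missing_retention() {
  days="${1:-30}"
  mode="${2:-dry-run}"
  # CloudWatch Logs accepts only these retention values (in days).
  case "$days" in
    1|3|5|7|14|30|60|90|120|150|180|365|400|545|731|1096|1827|2192|2557|2922|3288|3653) ;;
    *) echo "unsupported retention: $days" >&2; return 2 ;;
  esac
  aws logs describe-log-groups \
    --query 'logGroups[?retentionInDays==`null`].logGroupName' \
    --output text | tr '\t' '\n' |
  while read -r group; do
    # Skip blank lines and the "None" the CLI prints for an empty result.
    [ -n "$group" ] && [ "$group" != "None" ] || continue
    if [ "$mode" = "apply" ]; then
      aws logs put-retention-policy \
        --log-group-name "$group" --retention-in-days "$days" &&
        echo "set $days days: $group"
    else
      echo "would set $days days: $group"
    fi
  done
}

# Runs only when asked: sh log-retention.sh --run 30 [apply]
if [ "${1:-}" = "--run" ]; then set_missing_retention "${2:-30}" "${3:-dry-run}"; fi
```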
A simple AWS CLI audit can find hundreds of dollars in waste in under an hour
The Monthly Audit Checklist
Run this checklist on the first of every month. It takes less than an hour and consistently finds waste:
- Unattached EBS volumes — delete or snapshot and delete
- Idle Elastic IPs — release
- EBS snapshots older than retention policy — delete
- Load balancers with no traffic in 7 days — delete
- NAT Gateways with near-zero traffic — delete
- RDS instances not connected in 7 days — stop or delete
- Log groups without retention policies — set 30-day retention
Set a calendar reminder. The first audit typically finds the most — subsequent audits keep waste from accumulating.
Deleting orphaned resources feels satisfying — and it pays immediately
Key Takeaways
- AWS waste is predictable — the same resource types are responsible across almost every account
- Most accounts lose $200–1000/month to the 7 resource types in this guide
- An AWS CLI audit takes less than an hour and requires no special tools
- Prevention matters: set DeleteOnTermination, use lifecycle policies, schedule non-prod shutdowns
- Make the monthly audit a team habit — one person, 45 minutes, consistent savings
FAQ
How do I find all unused resources in my AWS account?
Use AWS Trusted Advisor for high-level flagging, Cost Explorer for spending patterns, and the AWS CLI commands in this guide for specific resource types. A combination of all three gives complete coverage. For automated scanning, consider tools like AWS Config or open-source tools like cloud-nuke.
What are the most common sources of AWS waste?
In order of frequency: unattached EBS volumes, idle Elastic IPs, old snapshots, abandoned load balancers, forgotten NAT Gateways, idle RDS instances, and log groups without retention. These seven categories account for the majority of waste found in real account audits.
How often should I run an AWS cost audit?
Monthly is the recommended cadence for the resource-level audit. Cost Explorer anomaly detection should be configured to alert in real-time. A deeper architectural review (Reserved Instances, rightsizing, data transfer) should happen quarterly.
Does AWS automatically delete unused resources?
No. AWS does not automatically delete any resource. Everything continues billing until explicitly deleted. The only automatic cost controls are AWS Budgets alerts (which notify but do not stop resources) and IAM policies that can prevent resource creation.
What tools can help me find hidden AWS costs?
AWS native tools: Trusted Advisor, Cost Explorer, Compute Optimizer, and AWS Config. Third-party tools: Infracost (IaC cost estimation), Kubecost (Kubernetes cost visibility), and Spot.io. Start with native tools — they are free and cover the majority of use cases.
Conclusion
Hidden AWS costs are not a sign of poor engineering — they are a natural result of how cloud infrastructure evolves over time. The important thing is to find them systematically and eliminate them before they compound.
Run the audit. Set up the automated cleanups. Check monthly. The savings are consistent and immediate.