Real scan — anonymized data

$520/mo from one Aurora setting
most teams don't know about

We scanned a production AWS account across 12 regions. The biggest single finding was an Aurora cluster bleeding $520/mo on per-I/O charges. The fix is one AWS CLI command. Plus 92 more findings totaling $1,299-$1,350/mo across the same account.

By Mohamed Shehabeldin, Founder of CostPatrol

$1,299 - $1,350/mo across 93 findings. Found in 90 seconds.

One Aurora cluster on the wrong storage type was bleeding $520/mo on its own. The rest was idle RDS instances, stopped EC2s still paying for EBS, previous-gen instances eligible for Graviton, oversized log retention, and the usual long tail. 76 of the 93 findings sat in us-east-2 alone, not the account's primary region.

Check your account
Total savings
$1,350/mo
$1,299 - $1,350
Findings
93
Rules matched
21
Regions scanned
12

Every finding, with exact fix commands

93 optimization opportunities across 21 rules and 12 regions. Real dollar amounts. Anonymized resource names.

Aurora I/O-Optimized Eligibility
RDS-O009 · 1 cluster · us-east-2
$520.77/mo
prd-saas-cluster (Aurora PostgreSQL 15.12)
$520.77/mo
us-east-2 · 1 instance · Standard storage · I/O at 79.45% of cluster cost
Switch storage type from standard (aurora) to I/O-Optimized (aurora-iopt1). Eliminates per-I/O charges in exchange for ~30% higher instance hour rate.
Compute cost (current)$146.00/mo
I/O charges (current)$564.57/mo
Current cluster cost$710.57/mo
Compute cost (after switch)$189.80/mo
I/O charges (after switch)$0.00/mo
Monthly savings$520.77/mo
# Switch storage type to I/O-Optimized — applies immediately, no downtime $ aws rds modify-db-cluster \ --db-cluster-identifier prd-saas-cluster \ --storage-type aurora-iopt1 \ --apply-immediately # Reversible. Run with --storage-type aurora to revert.
Why most teams miss this: Aurora I/O-Optimized launched in 2023 as a non-default storage option. AWS Cost Explorer doesn't flag clusters that would benefit. AWS Trusted Advisor doesn't detect this rule. The breakeven is when I/O charges exceed 25% of cluster cost. Production clusters with even moderate write workloads frequently cross that threshold without anyone noticing because nobody is computing the comparison.
Idle RDS Instances + Unused Read Replicas
RDS-O001 + RDS-O011 · 4 resources · us-east-2
$400/mo
prd-saas-cluster-instance-1
$146/mo
us-east-2 · Aurora PostgreSQL · Avg CPU < 5%, DatabaseConnections < 5, no I/O for 7+ days
Stop or delete idle Aurora instance. Cluster has more capacity than the workload needs.
# Snapshot first, then stop or delete $ aws rds stop-db-instance \ --db-instance-identifier prd-saas-cluster-instance-1
prd-saas-cluster-instance-2
$146/mo
us-east-2 · Aurora PostgreSQL · Same idle pattern
Stop or delete
$ aws rds stop-db-instance \ --db-instance-identifier prd-saas-cluster-instance-2
prd-saas-cluster-instance-1-us-east-2c (read replica)
$146/mo
us-east-2 · Read replica · No replica traffic detected for lookback window
Delete unused read replica. No application is reading from it.
$ aws rds delete-db-instance \ --db-instance-identifier prd-saas-cluster-instance-1-us-east-2c \ --skip-final-snapshot
and 1 more idle RDS instance — overlap with Aurora cluster optimization deducted
Previous-Generation EC2 Instance Types
EC2-O001 · 6 resources · us-east-2
$168/mo
backend-command-executor (m4.large)
$28/mo
us-east-2 · Previous-gen m4 · Current-gen m5 is cheaper and faster
Migrate to current-gen instance class (m5.large or m6i.large). Better price/performance, Nitro-based.
$ aws ec2 stop-instances --instance-ids i-xxxx $ aws ec2 modify-instance-attribute --instance-id i-xxxx \ --instance-type '{"Value":"m5.large"}' $ aws ec2 start-instances --instance-ids i-xxxx
and 5 more previous-gen instances across us-east-2 — $140/mo additional savings
Stopped EC2 with Attached Storage + Graviton Migrations
EC2-O007 + EC2-O003 · 12 resources · us-east-2
$182/mo
8x stopped EC2 instances still attached to EBS
$184/mo
us-east-2 · Stopped 30+ days · EBS volumes still billing at gp2/gp3 rates
Snapshot required volumes, terminate instances, delete EBS volumes that aren't needed for restore.
# For each stopped instance: snapshot, terminate, then clean up EBS $ aws ec2 create-snapshot --volume-id vol-xxxx --description "pre-terminate" $ aws ec2 terminate-instances --instance-ids i-xxxx $ aws ec2 delete-volume --volume-id vol-xxxx
2x EC2 boxes tagged GitLab and Jenkins (Graviton candidates)
$48/mo
us-east-2 · m5.large + m5.xlarge · ARM64 equivalent available, ~30% cheaper
Migrate to m6g.large/m6g.xlarge (Graviton2). Same instance class, 30% cheaper. Verify build runner ARM compatibility first.
# Test ARM compatibility, then migrate $ aws ec2 modify-instance-attribute --instance-id i-xxxx \ --instance-type '{"Value":"m6g.large"}'
and 2 more EC2 findings — $46/mo additional savings
Long Tail: Lambda, CloudWatch Logs, NAT, EIP, Route 53
LAM-O001/2/3/4 + CWL-O001/3 + IPV4-O001 + R53-O001 + others · 70 resources
~$80/mo
24x unused Lambda functions (LAM-O003)
delete candidates
0 invocations in 30 days · Last modified 6+ months ago · Storage and config retained
Delete unused Lambda functions. No invocations means no value, just config drift and audit noise.
$ aws lambda delete-function --function-name FUNCTION_NAME
12x CloudWatch log groups with bad retention (CWL-O003 + CWL-O001)
$30/mo
Retention "Never expire" or 90+ days · 7-30 days would suffice for these workloads
Set sensible retention. Old log data costs money to store and is rarely queried.
$ aws logs put-retention-policy \ --log-group-name "/aws/lambda/FUNCTION" \ --retention-in-days 30
3x unattached Elastic IPs + 1 Route 53 health check on dead endpoint
$15/mo
EIPs: $3.65/mo each when unattached · R53 health check polling a domain that no longer responds
Release unattached EIPs and delete the dead health check.
$ aws ec2 release-address --allocation-id eipalloc-xxxx $ aws route53 delete-health-check --health-check-id HC_ID
and 30+ more findings across NAT Gateways, VPC Endpoints, KMS, ECR — covered in the full report

What AWS Cost Explorer misses

AWS Cost Explorer + Trusted Advisor
Shows RDS spend climbing — without knowing the cluster is on the wrong storage type
No detection for Aurora I/O-Optimized eligibility
No surfacing that 76 of 93 findings sit outside the primary region
No fix commands. You're on your own to figure out the syntax.
CostPatrol
Aurora I/O-Optimized eligibility detected automatically with breakeven math
Per-resource current cost vs. recommended cost vs. monthly savings
Scans every region. Finds waste in regions you forgot you were using.
Exact AWS CLI command to apply each fix. Copy-paste ready.

AWS shows you a bigger bill. CostPatrol shows you that one Aurora cluster is bleeding $520/mo on the wrong storage type, and 92 other resources are quietly adding another $830 on top.

More real AWS scan reports

$6,496/mo
Aurora cluster sprawl, 17 clusters when 2 would do
56 findings · 4 rules · 4 regions
$1,168/mo
DynamoDB on-demand billing waste
26 findings · 6 rules · 4 regions
$1,112/mo
Full-stack waste across 12 rules
35 findings · 12 rules · 7 regions

You've been meaning to do this.

It takes 2 minutes. If there's nothing to find, you lost a coffee break.

Find out in 2 minutes