5 Tips for Reducing AWS Network Costs

30 Jun 2024

As many of you are aware, the major public clouds charge quite a bit for network egress these days. On AWS you pay $0.09 per GB of traffic leaving the cloud, and Azure and GCP charge similar rates. This means that hosting videos, images, and similar content can get really costly once you scale to a lot of users. In a popular post titled ‘AWS’s egregious egress’, Cloudflare argues that these rates no longer make sense.

When using AWS CloudFront, make sure to enable compression

It’s amazing how YouTube and Twitch offer their services for free, because this comes at a huge bandwidth cost each month. As a startup or individual looking to host your own videos, images, or other content, you must keep a close eye on the cost per user. One saving grace is that Netflix surely uses CDNs, and they have almost certainly ticked this very important box: ‘Compress objects automatically’ (2). This reduces network bandwidth by 80% and also improves the user experience by delivering content faster. In general, architecting a solution on AWS for VPNs or video hosting can be very costly, so beware.

Avoid inter-region data transfer

In AWS, if your EC2 instances in us-west-2 upload data to an instance in us-east-1, you incur an inter-region charge ($0.02 per GB). Depending on traffic, it is better to split the compute resources across regions (use CDK/CloudFormation), but ensure that they don't talk cross-region to other resources. This also allows for failover DNS routing while avoiding the data charge. Alternatively, a quick and good solution is to keep a read-only replica database in each region instead of querying across regions.

Keep traffic within an availability zone

Each AWS Region consists of multiple Availability Zones for redundancy. Traffic that crosses an Availability Zone boundary typically incurs a data transfer charge. Use resources from the local Availability Zone whenever possible, and ensure that the database is deployed in each zone. If you are setting up an HPC or ML cluster, it could be in your best interest to deploy your EC2 instances in the same zone if they exchange network traffic.

Don’t pay for bandwidth between AWS Services

Traffic between AWS compute services and other AWS services (S3, DynamoDB) should be free with the right setup. Since NAT Gateways incur bandwidth charges, use an Internet Gateway if the subnet is public (1). If you have compute instances in private subnets, ensure that traffic destined for internal AWS services goes through a Gateway Endpoint, since that is free. This avoids the $0.09 per GB charge. It may not seem like a lot, but depending on the amount of traffic you are receiving, this could add up to thousands of dollars.

To connect to other microservices within the same company, create an endpoint service (3). The consumer can then find your service when creating an interface endpoint by entering its service ID. This ensures that routing happens within the VPC and does not incur any data charge. This is better than VPC peering, since there are fewer issues with conflicting private IP CIDRs, and you can also share the load balancer if you associate a private DNS name with it.
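As an added example (not from the original post), here is a small offline audit that flags private-subnet route tables whose S3/DynamoDB traffic would still leave through a NAT Gateway because no Gateway Endpoint route is present. It assumes the dict shape returned by boto3's `ec2.describe_route_tables()`; the route tables below are constructed sample data, not output from a real account.

```python
# Added example, not the post's own code. Flags route tables that default-route
# through a NAT Gateway (billed per GB) without any Gateway Endpoint route.
# Input mirrors the dict shape of boto3 ec2.describe_route_tables(); the
# sample data at the bottom is constructed for illustration.

def gateway_endpoint_gaps(route_tables):
    """Return ids of route tables that send 0.0.0.0/0 to a NAT Gateway but
    have no route to a Gateway Endpoint (a prefix list targeting vpce-...)."""
    gaps = []
    for rt in route_tables:
        routes = rt.get("Routes", [])
        has_nat_default = any(
            r.get("NatGatewayId") and r.get("DestinationCidrBlock") == "0.0.0.0/0"
            for r in routes
        )
        # A Gateway Endpoint shows up as a managed prefix list (pl-...) whose
        # target is the endpoint id (vpce-...), not as a CIDR route.
        has_gateway_endpoint = any(
            r.get("DestinationPrefixListId")
            and str(r.get("GatewayId", "")).startswith("vpce-")
            for r in routes
        )
        if has_nat_default and not has_gateway_endpoint:
            gaps.append(rt["RouteTableId"])
    return gaps


# Constructed sample: rtb-private-a already has an S3 endpoint route,
# rtb-private-b still pays NAT charges for every byte sent to S3/DynamoDB.
SAMPLE_ROUTE_TABLES = [
    {
        "RouteTableId": "rtb-private-a",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example-a"},
            {"DestinationPrefixListId": "pl-s3-example", "GatewayId": "vpce-s3-example"},
        ],
    },
    {
        "RouteTableId": "rtb-private-b",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example-b"},
        ],
    },
]

if __name__ == "__main__":
    print(gateway_endpoint_gaps(SAMPLE_ROUTE_TABLES))  # ['rtb-private-b']
```

Feeding the real `RouteTables` list from boto3 into `gateway_endpoint_gaps` gives you the tables to attach an S3 or DynamoDB Gateway Endpoint to.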

Since these fees are still a widespread practice, it is best to understand how to navigate them.

If you enjoyed this article, please follow and share it with others!

And please follow my cloud security tools Substack blog for more.