Most of the bill is small, boring waste
Around 30 percent of cloud spend is wasted, by organizations' own estimate.
The waste is rarely one dramatic line item. It is a forgotten test environment, a database three sizes too large, on-demand pricing on a workload that runs 24/7, an unattached volume nobody deleted, and AI usage that crept up quietly. The good news: that also means most of it is recoverable without touching your architecture. Here are the levers, in the order that pays off fastest.
The five levers, fastest payoff first
1. Kill idle and unattached resources
Stopped EC2 instances that still pay for attached EBS volumes, unattached volumes, idle load balancers, unused Elastic IPs, and old snapshots add up quietly. These are pure waste with no workload behind them, so deleting them carries almost no risk. This is the first place to look and usually the fastest money.
2. Right-size what is over-provisioned
EC2, RDS, and ECS tasks pinned at 10 percent CPU are paying for capacity they never use. AWS Compute Optimizer and CloudWatch metrics show which instances and databases can drop a size or two with no performance hit. Right-sizing is a config change, not a rewrite.
3. Commit to your steady-state usage
Anything you run every day at on-demand pricing is overpaying. Cover that baseline with Savings Plans or Reserved Instances. A one-year, no-upfront commitment is the low-risk default and often saves 30 to 40 percent on the committed usage. Commit to the floor of your usage, not the peak.
4. Tier your storage
Turn on S3 Intelligent-Tiering so cold objects move to cheaper tiers automatically, add lifecycle rules to Infrequent Access or Glacier for archives, and migrate gp2 EBS volumes to gp3 for the same performance at lower cost. Storage waste compounds because it is rarely revisited.
5. Catch spikes early, and watch AI spend
Set anomaly detection against a rolling baseline and alert in Slack, so a runaway cost is caught in days instead of at invoice time. Pay special attention to AI and Bedrock spend: token prices keep falling, but agents use 5 to 30 times more tokens, so the bill climbs anyway. Track cost per model and per workload to see what is driving it.
The fastest way to do all of this
Doing this by hand means living in Cost Explorer, Compute Optimizer, and a dozen browser tabs. nable does the finding for you, from inside Claude or Cursor. Ask "where is my AWS waste" and it returns the idle resources, the right-sizing moves, and the commitment opportunities, ranked by dollars, then drafts the Terraform fix as a pull request for you to approve. It is read-only, it proposes rather than executes, and it runs on your own machine, so your credentials never leave your laptop.
Common questions
Why did my AWS bill go up this month?
Usually one of four things: a new or scaled-up workload, a forgotten resource left running, a pricing change such as on-demand replacing an expired commitment, or fast-growing data transfer and AI usage. Compare this month to last by service and by usage type in Cost Explorer, and the one or two line items that moved will stand out.
How much of cloud spend is typically wasted?
Around 30 percent, by organizations' own estimate (Flexera, State of the Cloud). It is spread across many small items rather than one big one, which is why a systematic sweep beats hunting for a single culprit.
What is the fastest way to cut an AWS bill without re-architecting?
Delete idle and unattached resources, right-size what is over-provisioned, and buy Savings Plans for your baseline usage. These three need no code changes and typically recover 20 to 30 percent in a few days.
How do I track Amazon Bedrock or LLM costs?
Break AI spend down by model and usage, not just the Bedrock total. Attribute cost per model, per token, and per workload so you can see which feature is driving growth and route to a cheaper model where quality allows.
Is it safe to give a cost tool access to my AWS account?
Yes, when the access is read-only and scoped to cost and metadata. A well-built tool reads Cost Explorer, billing, and describe APIs only and cannot read your S3 objects, logs, or database rows. nable runs locally, so credentials stay in your own machine's keyring. See how nable handles access.
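One way to check the "read-only, cost and metadata only" claim before attaching a policy to a cost tool's role is to audit the policy document itself. The script below is an added example, not nable's code: the allowlist, the list of data-plane actions, and both sample policies are assumptions constructed for illustration, and it inspects only `Action` and `NotAction`, not `Resource` or `Condition`.

```python
import fnmatch

# Assumed allowlist for a cost tool: Cost Explorer, budgets, metrics, describe calls.
ALLOWED = ["ce:Get*", "ce:Describe*", "ce:List*", "budgets:View*", "budgets:Describe*",
           "compute-optimizer:Get*", "cloudwatch:GetMetric*", "cloudwatch:ListMetrics",
           "ec2:Describe*", "rds:Describe*", "elasticloadbalancing:Describe*"]
# Data-plane reads that a cost tool should never be able to reach (sample set).
DATA_READS = ["s3:GetObject", "logs:GetLogEvents", "logs:FilterLogEvents",
              "dynamodb:GetItem", "dynamodb:Scan", "rds-data:ExecuteStatement"]

def audit_policy(policy):
    """Return (action_pattern, reason) findings for every Allow statement."""
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):          # a single statement may be a bare object
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:               # Allow + NotAction grants everything unlisted
            findings.append(("NotAction", "allows every action not listed"))
            continue
        actions = stmt.get("Action", [])
        if isinstance(actions, str):
            actions = [actions]
        for pat in actions:
            p = pat.lower()                   # IAM action names are case-insensitive
            # Treat the policy pattern as a literal string: it is covered only if it
            # is equal to, or narrower than, one of the allowlisted patterns.
            if any(fnmatch.fnmatchcase(p, a.lower()) for a in ALLOWED):
                continue
            # Otherwise expand its wildcards against known data-plane reads.
            hits = [d for d in DATA_READS if fnmatch.fnmatchcase(d.lower(), p)]
            reason = ("reaches data: " + ", ".join(hits)) if hits \
                else "outside cost/describe allowlist"
            findings.append((pat, reason))
    return findings

# Constructed sample policies, not taken from any real tool.
GOOD_POLICY = {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Resource": "*",
    "Action": ["ce:Get*", "ec2:Describe*", "rds:DescribeDBInstances",
               "cloudwatch:GetMetricData", "compute-optimizer:Get*"]}]}
BAD_POLICY = {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Resource": "*",
    "Action": ["ce:GetCostAndUsage", "s3:Get*", "logs:*", "ec2:TerminateInstances"]}]}

if __name__ == "__main__":
    for name, pol in (("good", GOOD_POLICY), ("bad", BAD_POLICY)):
        print(name, audit_policy(pol) or "no findings")
```

Broad wildcards such as `ec2:*` or `*` are flagged because they are wider than any allowlisted pattern, even though they also cover the describe calls.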