[AWS Cloud Fundamental Notes] Cost Control
Cost management methods under single account and multi-account configurations
Using the AWS Pricing Calculator, you can estimate the cost of a cloud architecture from a data center perspective.
AWS Organizations consolidates multiple AWS accounts into one organization for centralized management.
You can create accounts within the organization and invite existing accounts to join.
It includes account management and consolidated billing features, meeting budget, security, and compliance requirements.
Cost Management for Single Account
```mermaid
graph LR;
  id1[Single Account Cost Management]-->id2[Cost Calculation];
  id1[Single Account Cost Management]-->id3[Cost Management];
  id1[Single Account Cost Management]-->id4[Payment Plans];
  id2[Cost Calculation]-->id5[AWS Pricing Calculator];
  id3[Cost Management]-->id6[AWS cost allocation tags];
  id4[Payment Plans]-->id7[On Demand];
  id4[Payment Plans]-->Reserved;
  id4[Payment Plans]-->Spot;
  id4[Payment Plans]-->id8[Savings Plans];
```
Three Major Charging Directions
The impact of different resource usage on costs:
- Computation: Highest cost
- Storage: Intermediate
- External Data Transfer: Relatively cheap
Cost Tracking
Use AWS cost allocation tags to easily categorize and track AWS costs.
Apply tags representing business categories (e.g., department, project) to organize costs across multiple services.
Payment Plans
Various payment plans are provided based on usage scenarios.
| | On Demand | Reserved | Spot | Savings Plans |
|---|---|---|---|---|
| Description | Classic usage: turn on when needed and off when not needed | Discounts applied to the account's on-demand instance usage | Bid on price: risk of the machine being shut down if the bid fails | Hourly usage commitment for one or three years |
| Cost | High | Save 30-70% | Determined by current bidding price | Save 30-70% |
Savings Plans are the next generation of Reserved Instances, offering the same amount of savings but with greater flexibility: the commitment allows flexible instance usage instead of being tied to specific instance settings.
Issues with Single Account
Multiple Departments Sharing an Account
- Cloud resources are occupied: resources are physical entities with rental limits, so they cannot be allocated between departments.
- Cost is difficult to split: Usage fees cannot be effectively recorded.
- Ghost resources: Machines are turned on but not used, causing resource waste and unclear responsibility.
Multiple Environments Sharing an Account
- Environment content leakage: Internal personnel have excessive permissions.
Multi-Account Solution
Department Independent Accounts
- Independent usage
- Independent costs
- Department is responsible for resources
Environment Segmentation Accounts
- Clearly distinguish access permissions
Issues with Multi-Accounts
Each Department Holds a Root Account
- Excessive permissions
- Different departments may not have corresponding professionals
- Unable to share usage discounts across departments
AWS Organizations
Allows you to merge multiple AWS accounts into one organization that you create and centrally manage.
AWS Organizations includes account management and consolidated billing features, meeting budget, security, and compliance requirements.
It’s like the relationship between a headquarters and its branches.
The headquarters has multiple branches, and each branch has many departments.
The departments operate independently from each other.
In AWS Organizations:
- Organization root: Headquarters
- Organizational unit (OU): Branch
- Member accounts: Departments (with IAM Users below)
In the Organization root's Management Account, usage can be centralized.
Accumulated usage can enjoy price discounts.
The Management Account issues a "Service Control Policy" (SCP).
Member root accounts within the organizational unit must comply with this policy.
This can limit the root account's execution permissions.
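
The following added example (not part of the original notes) models how a Service Control Policy attached to an OU constrains a member account, including its root user, while leaving the management account unaffected. The account IDs and OU names are constructed placeholders, and the evaluator is a simplified model that handles only `Action` patterns and a `StringLike` condition on `aws:PrincipalArn`.

```python
from fnmatch import fnmatchcase

# Constructed organization: root -> OU -> member account, mirroring the
# headquarters -> branch -> department analogy. All IDs are placeholders.
FULL_ACCESS = {"Effect": "Allow", "Action": "*", "Resource": "*"}
DENY_ROOT_USER = {  # blocks the root user of every account the SCP applies to
    "Effect": "Deny", "Action": "*", "Resource": "*",
    "Condition": {"StringLike": {"aws:PrincipalArn": "arn:aws:iam::*:root"}},
}
DENY_LEAVE_ORG = {"Effect": "Deny", "Resource": "*",
                  "Action": "organizations:LeaveOrganization"}

ORG = {
    "r-root": {"parent": None, "scps": [FULL_ACCESS]},
    "ou-branch": {"parent": "r-root",
                  "scps": [FULL_ACCESS, DENY_ROOT_USER, DENY_LEAVE_ORG]},
    "111111111111": {"parent": "ou-branch", "scps": [FULL_ACCESS]},  # member
    "999999999999": {"parent": "r-root", "scps": [FULL_ACCESS]},  # management
}
MANAGEMENT_ACCOUNT = "999999999999"


def _matches(stmt, action, principal_arn):
    """Does this statement apply to the action and calling principal?"""
    actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
    if not any(fnmatchcase(action.lower(), a.lower()) for a in actions):
        return False
    pattern = stmt.get("Condition", {}).get("StringLike", {}).get("aws:PrincipalArn")
    return pattern is None or fnmatchcase(principal_arn, pattern)


def scp_allows(account_id, action, principal_arn):
    """True if the SCPs on the path account -> OU -> root permit the action.

    SCPs only filter; the principal's IAM policies must still grant the action.
    """
    if account_id == MANAGEMENT_ACCOUNT:
        return True  # SCPs never restrict the management account
    node = account_id
    while node is not None:
        stmts = ORG[node]["scps"]
        if any(s["Effect"] == "Deny" and _matches(s, action, principal_arn) for s in stmts):
            return False  # an explicit Deny at any level wins
        if not any(s["Effect"] == "Allow" and _matches(s, action, principal_arn) for s in stmts):
            return False  # every level must also allow the action
        node = ORG[node]["parent"]
    return True
```

Because the Deny sits on the OU, it is inherited by every member account beneath it; the department cannot lift it from inside its own account.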