The 30% rule
Industry research from Gartner and Flexera consistently shows that 30-40% of cloud spend is wasted. This is not a rounding error — for a company spending $10,000/month on AWS, that is $3,000-$4,000 going to resources that serve no purpose.
The surprising part: this waste rarely comes from over-engineered architecture or expensive services. It comes from resources that were provisioned for a specific purpose, served that purpose, and then were simply forgotten. A dev spins up an RDS instance to test a migration, the migration works, and the instance runs for six months before anyone notices.
The good news is that eliminating this waste does not require re-architecting anything. It requires visibility and a systematic process. Here is a step-by-step approach that works for teams of any size.
Step 1: Audit stopped EC2 instances
Stopped EC2 instances are the most common source of hidden charges. While the compute cost stops when you hit the stop button, AWS continues billing for attached EBS volumes (at full rate), any associated Elastic IPs ($3.60/month each), and EBS snapshots.
A typical stopped m5.large with a 100GB gp3 volume and one Elastic IP costs roughly $12/month sitting idle. Multiply that by 10-20 forgotten instances across a team, and you are looking at $120-$240/month for nothing.
How to find them
In the AWS Console, go to EC2 > Instances and filter by Instance State = stopped. Sort by Launch Time to find the oldest ones. Any instance stopped for more than 7 days is a candidate for termination.
What to do
- ✓Create an AMI if you might need the configuration later
- ✓Snapshot the EBS volumes if the data matters
- ✓Terminate the instance — this releases the EBS volumes and Elastic IPs
- ✓If you are unsure, tag it with a termination date 14 days out and revisit
Step 2: Find unattached EBS volumes
When you terminate an EC2 instance, the root volume is usually deleted automatically. But additional volumes (data disks, temp storage) often persist in an 'available' state — meaning they are not attached to any instance but are still being billed at full rate.
A 500GB gp3 volume costs $40/month whether it is attached to an instance or sitting idle. These volumes accumulate silently because they do not show up in any dashboard unless you specifically look for them.
How to find them
Go to EC2 > Volumes and filter by State = available. These are volumes not attached to any instance. Check the 'Created' date — volumes older than 30 days with no Name tag are almost always safe to delete.
What to do
- ✓Create a snapshot before deleting (costs pennies compared to the volume)
- ✓Delete the volume
- ✓Review old snapshots too — snapshots of deleted volumes still cost $0.05/GB/month
Step 3: Release unused Elastic IPs
AWS charges $0.005 per hour ($3.60/month) for every Elastic IP that is allocated but not associated with a running instance. This is a deliberate pricing signal — AWS wants you to release IPs you are not using because IPv4 addresses are a scarce resource.
Teams often allocate Elastic IPs 'just in case' or forget to release them after terminating the associated instance. Ten unused EIPs cost $36/month — not catastrophic, but it adds up and signals a lack of hygiene that usually means bigger waste elsewhere.
How to find them
Go to EC2 > Elastic IPs. Any IP without an 'Associated instance ID' is costing you money for nothing. Check across all regions — EIPs are regional resources.
Step 4: Check idle RDS instances
RDS instances are expensive. A db.r5.large costs about $175/month, and unlike EC2, you cannot stop an RDS instance indefinitely — AWS automatically restarts stopped RDS instances after 7 days and resumes billing.
Common sources of RDS waste include dev/staging databases that run 24/7 but are only used during business hours, read replicas created for a load test and never removed, and databases for deprecated features that nobody turned off.
How to identify idle RDS
- ✓Check DatabaseConnections metric in CloudWatch — zero connections for 7+ days means nobody is using it
- ✓Check CPUUtilization — sustained under 5% suggests the instance is oversized or idle
- ✓Look at FreeStorageSpace — if it has not changed in weeks, no data is being written
What to do
Take a final snapshot, then delete the instance. If you might need it again, the snapshot lets you restore in minutes. For dev databases that are only needed during business hours, consider using Aurora Serverless v2 which scales to zero.
Step 5: Review NAT Gateway costs
NAT Gateways are one of the most overlooked cost drivers on AWS. Each NAT Gateway costs $32/month in fixed charges plus $0.045 per GB of data processed. A single NAT Gateway processing 1TB/month costs $77 — and many teams run one per availability zone.
Check your NAT Gateway data processing charges in Cost Explorer. If a NAT Gateway is processing less than 1GB/month, the traffic it handles could likely be routed differently or the resources behind it may no longer need internet access.
Step 6: Automate the process
Manual audits work once, but waste accumulates continuously. The team that cleaned up $3,000 in waste this month will have $1,000 in new waste next month unless detection is automated.
This is exactly what Driftak does. It connects to your AWS accounts with read-only access, scans for idle resources on a schedule you define, and sends escalating alerts through Slack, email, and Telegram. The first alert is gentle; if nobody acts, it gets louder. Problems do not stay hidden.
The result: your team catches waste in hours instead of at month-end, and the 30% savings becomes permanent rather than a one-time cleanup.