AWS Cost Anomaly Detection helps organizations analyze their spending patterns and detect anomalies such as cost spikes or unexpected overruns.

To help you avoid any cloud billing horror stories, we’ll explore how AWS Cost Anomaly Detection works and some best practices for leveraging it to monitor and reduce your cloud costs.

What is AWS Cost Anomaly Detection?

AWS Cost Anomaly Detection is an AWS Cost Management feature that leverages machine learning to identify unexpected increases in your AWS spending. By analyzing your historical usage, it automatically detects unexpected and abnormal spending (perhaps caused by a configuration error or other oversight) and sends you alerts via email, Slack, or other tools.

You can customize AWS Cost Anomaly detection and define your own threshold for what constitutes an anomaly. For example, if your spending patterns for Amazon EC2 are different from your AWS Lambda or Amazon S3 spending patterns you can segment spends by AWS services, environments or organizations to decrease false positive alerts.

You can create cost monitors that evaluate criteria like:

AWS services monitor:

Tailor alerts for specific AWS services to catch anomalies relevant to particular parts of your infrastructure, like unexpected spikes in Amazon S3 storage costs or unusual Amazon RDS usage. The AWS service monitor is best for simple use cases, for example if you don’t need to segment by environment or organization (unlike linked accounts below).

Cost category monitor:

Define cost categories that reflect your organizational structure and budget allocation. You can create custom categories and map your cost and usage information into these categories based on AWS account, tag, service, charge type, or other rules you set.

Linked accounts monitor:

Monitor spending across multiple linked AWS accounts, useful for organizations with multiple teams or departments using separate accounts but requiring centralized cost visibility and management.

Cost allocation tag monitor:

This is similar to linked accounts, but uses cost allocation tags to track spending on specific projects, departments, or environments. Cost allocation tags provide a more granular level of monitoring for organizations that need to track costs across different dimensions.

One advantage of AWS Cost Anomaly Detection is that integrates with other AWS Cost Management services, like AWS Budgets or AWS Cost Explorer to perform root cause analysis of spending increases.

Related Content

AWS Cloud Cost Allocation: The Complete Guide

How to tag and allocate every dollar of your AWS spend

Use Cases and Benefits of AWS Cost Anomaly Detection

The primary advantages of using the AWS Cost Anomaly tool to detect unusual spending include:

Avoid surprise bills

For high-growth innovative companies, compute costs can be a huge portion of your overall spending. There are many recent tales of startups that ran out of cash to pay multi-million dollar cloud bills.

Setting cost monitoring and anomaly detection can help prevent surprise billing overruns. With Amazon SNS topics, you can send alerts to your Slack or Amazon Chime chat room — making it easier to promptly address unexpected spend or detected anomalies, improve your AWS cost optimization, and stay on-budget.

Automated insights into your spending

AWS Cost Anomaly Detection uses machine learning models and data analytics to determine your normal usage baseline, filter through and assess your cost data, and identify unexpected changes to your spending and potential root causes. This allows you to automatically detect anomalies in your spending patterns, reducing your management burden of cost monitoring.

Streamlined and customized alerting

Once you have created your cost monitor, you set a custom threshold for alerts (for example, only alert on anomalies with impact greater than $1,000 in AWS costs). You can visit your Anomaly Detection dashboard to monitor the activities, including anomalies detected that are below your alert threshold. This helps you to minimize false positive alerts.

A diagram representing the working of AWS Cost Anomaly Detection
Image source: AWS

How to set up cost anomaly detection: practical steps

In this section, we’ll provide some steps and tutorials for setting up a cost monitor, setting up cost alerts, and automating Slack notifications.

How to set up a cost monitor and create alerts for detected cost anomalies

Here are the basic steps for creating a cost monitor in the AWS management console. (As a prerequisite, please note that to access AWS Cost Anomaly Detection, you first need to enable Cost Explorer. For instructions, see Enabling Cost Explorer in the AWS documentation).

In the navigation pane of the AWS Cost Management console, choose Cost Anomaly Detection, the Cost monitors tab, and select Create monitor.

Step 1 is to choose a monitor type and name your monitor. You can consult the AWS documentation for more information about each monitor type and best practices.

Image source: AWS

Step 2 is to configure your alert subscriptions. For Alert subscription, if you don’t have an existing subscription, choose Create a new subscription. If you have existing subscriptions, select Choose an existing subscription.

Enter an appropriate Subscription name and your desired Alerting frequency, whether immediately, daily summary, or weekly cadence.

Under Alert recipients, enter email addresses for this subscription.

For Threshold, enter a number to configure the anomalies that you want to generate alerts for. You can define thresholds based on either absolute (when a certain AWS cost threshold is exceeded) or percentage (when a percentage difference between expected spend and actual spend is exceeded).

You can Create monitor to finalize and create your AWS cost monitor. AWS will now monitor your spending with Machine Learning and send you cost anomaly detection alerts as specified.

How to set up Slack in AWS Chatbox

After you have added an SNS topic to one or more of your individual alert anomaly subscriptions, follow these steps to integrate AWS notifications with your Slack workspace using AWS Chatbot:

Step 1 is to give AWS Chatbot Access to Slack. Open the AWS Chatbot console, select Slack as the chat client, and grant permission to allow AWS Chatbot to access your Slack workspace.

Image source: AWS

Step 2 is to configure your Slack channel. Click on Configure a New Channel and provide a configuration name.

Find the Slack workspace where you want your alerts published. Right-click on the channel and copy the link. Paste the link in the Channel ID text box in the AWS Chatbot console. This will ensure that alerts are directed to the correct Slack channel.

Step 3 is to select role settings. AWS Chatbot requires an IAM role to perform actions (run CLI commands and respond to interactive messages). Role settings determine what permissions channel members have, and you can select either a Channel IAM role or a User role. You can either reuse an existing IAM role or create a new one from a template.

Select an appropriate policy to provide the necessary permissions for the actions you want AWS Chatbot to be able to perform in your Slack channel.

Finally, select the SNS topic created in your Cost Anomaly Detection Alert subscription. You can select multiple SNS topics from more than one region, granting them all the ability to notify the same Slack channel.

A screenshot of the notification settings section in AWS.
Image source: AWS

After these steps, cost anomaly alerts should appear in your Slack channel.

How to supercharge your cost anomaly detection with nOps

AWS Cost Explorer is a great AWS-native tool for starting to get a handle on your cloud costs. However, if you’re struggling to fully understand and give business context to the billions of your AWS data, you’re not alone.

nOps helps simplify all your AWS costs into a single view (including your EKS costs down to the container level).

nOps Business Contexts gives you complete cost visibility and intelligence across your entire AWS infrastructure. Analyze and allocate your cloud costs with 40+ filters specifically designed for engineering and finance leaders, such as product, feature, team, deployment, environment, provisioner, purchase option, compute type, and more.

Break down hourly spend by purchase option
Break down hourly spend by purchase option — see how optimized you are

You can also tailor reports or notifications to any member of the team — whether you’re a CFO who needs a monthly breakdown of all cost centers, an Engineering Manager who needs just a few cost centers at daily granularity, or a DevOps engineer who needs hourly visibility of all services.

More about nOps

Understanding and allocating 100% of your AWS bill is just one part of the AWS cost optimization journey. nOps also offers a suite of ML-powered cost optimization features that help cloud users reduce their costs by up to 50% on autopilot, including:

  • Compute Copilot: automatically selects the optimal compute resource at the most cost-effective price in real time for you — also makes it easy to save with Spot discounts
  • Commitment Management: automatic life-cycle management of your EC2/RDS/EKS commitments with risk-free guarantee
  • nOps Essentials: set of easy-apply cloud optimization features including EC2 and ASG rightsizing, resource scheduling, idle instance removal, storage optimization, and gp2 to gp3 migration

nOps processes over 1.5 billion dollars in cloud spend and was recently named #1 in G2’s cloud cost management category.

You can book a demo to find out how nOps can help you start saving today!