$13,400 Saved Per Year in a Serverless AWS Environment

An ag-tech company operating a mobile application for approximately 3,000 users in the agricultural telematics space brought us in to take over their cloud operations. Their infrastructure was 100% serverless on AWS — 39 Lambda functions in production (Java, Node.js, and Python runtimes), API Gateway, 18 separate RDS MySQL instances following a database-per-service pattern, and Cognito for authentication. Their monthly AWS bill sat at roughly $3,500.

The infrastructure had been handed over from a previous managed service provider, and it showed. The AWS Organization contained 6 accounts — 3 active and 3 that should have been suspended long ago but were still accruing charges. Monitoring was effectively non-functional: 44 out of 46 CloudWatch alarms were stuck in INSUFFICIENT_DATA state. There was no cost governance, no tagging strategy, and no visibility into where the money was going.

During the first 3 weeks of onboarding, we ran a comprehensive cost and security audit before touching anything operational. What we found was years of accumulated technical debt — orphaned resources, abandoned accounts still billing, security configurations that had never been hardened, and infrastructure that no one had reviewed since initial deployment.

• AWS Organization cleanup: Identified and suspended 3 dormant accounts that were still incurring charges across services like CloudTrail, Config, and GuardDuty. This single action saved $684/month.
• Support plan right-sizing: Downgraded from AWS Business Support ($71/month) to Developer tier. The previous provider had enrolled in Business Support but never used the 1-hour response SLA or Trusted Advisor checks.
• Orphaned resource identification: Found S3 buckets accumulating CloudTrail logs from decommissioned accounts ($13/month), a redundant NAT Gateway paired with an unused Network Load Balancer ($54/month), and a full pre-production environment in us-east-1 that hadn't been used in over a year ($70/month).
• Reserved Instance analysis: Mapped the 18 RDS MySQL instances against usage patterns and identified candidates for 1-year Reserved Instance purchases, projecting $65/month in savings.
• Public IPv4 optimization: Catalogued all public IPv4 addresses across the Organization. With AWS charging $0.005/hr per public IP since February 2024, unnecessary public IPs were costing $63/month.
• Security audit (parallel track): Discovered root access keys actively in use, all 18 RDS instances publicly accessible with security groups open to 0.0.0.0/0, a backlog of 3,375 Security Hub findings, IAM users without MFA, and Lambda functions running deprecated runtimes (java8, nodejs12.x, python3.7).
• Execution and roadmap: Quick wins ($755/month) were executed in week 1. A prioritized 90-day remediation plan was delivered covering the remaining cost optimizations and the full security remediation backlog.