Cloud Cost Optimisation Playbook.

Track effective savings rate as your single commitment KPI, not coverage or utilization. ProsperOps documented an environment at 100 percent RI coverage and 100 percent utilization that still cost about 16 percent more than running everything on-demand, so the dashboard metrics most teams celebrate can hide outright losses.

Rightsize the fleet before buying any commitment. A three-year reservation against an oversized fleet locks the inefficiency in for the full term, because nobody downsizes an instance they have already paid for.

Analyze at least 60 days of usage history before any purchase. Commitments bought against a short or unrepresentative window inherit seasonal peaks as permanent fixed cost (OneUptime engineering guidance).

Commit to roughly 80 percent of the observed usage floor, never the average. OneUptime's worked guidance is to find the minimum hourly rate and commit to 80 percent of it, keeping the rest on-demand, because committing to the average converts elastic spend into a fixed liability that bills whether or not the workload exists.

Layer flexible compute savings plans over the stable base before any instance-family commitments. Instance-specific commitments bought first strand you when teams migrate families or regions, while the flexible layer follows the workload.

Buy on a rolling ladder of smaller tranches instead of one annual purchase. A single large tranche freezes your discount posture for one to three years and removes your ability to respond to rightsizing wins or workload churn.

Review the commitment portfolio against actual usage monthly. Datadog found only 29 percent of organizations buy enough discounts to cover even half of eligible spend, and drift in either direction (under-coverage or stranded reservations) burns money silently every hour.

Benchmark your ESR against the published distribution and set a target. The median sits at 15 percent and the 98th percentile at 47 percent (ProsperOps), and the median was 0 percent as recently as 2023, so a team with no target is most likely saving close to nothing.

Install memory telemetry on every instance before acting on any rightsizing recommendation. AWS Compute Optimizer sees no memory data without the CloudWatch agent, and CPU-only downsizing pushes memory-bound services into OOM kills that poison engineering trust in all future recommendations.

Require at least two weeks of full telemetry before any downsize action. Resizing on a partial window misses weekly batch jobs and month-end peaks, and one avoidable incident costs more goodwill than the instance saved.

Compare container resource requests against measured usage every sprint. Datadog found 29 percent of container spend is workload idle, meaning containers reserving CPU and memory they never touch.

Set Kubernetes requests from observed peak percentiles, not developer guesses. Cast AI measured average cluster CPU utilization at 10 percent, meaning the default guess reserves roughly ten times the compute the workload actually uses.

Attack cluster idle by tightening node autoscaling and bin packing. Cluster idle (nodes overprovisioned beyond what workloads request) is the single largest slice of container waste at 54 percent of container spend (Datadog).

Sweep for zombie resources monthly: unattached volumes, idle load balancers, orphaned IPs, stale snapshots. These bill at full rate forever, attached to nothing, and no utilization dashboard ever flags them.

Schedule non-production environments off outside working hours. A dev environment running 168 hours a week to serve 50 hours of work pays a roughly 3x premium for nothing.

Migrate stateless workloads to ARM instances where supported. AWS prices Graviton instances up to 20 percent below comparable x86 instances, and organizations already on ARM route 18 percent of their EC2 compute spend there (Datadog), a rare same-workload, cheaper-silicon win.

Treat your largest line items as engineering investigations, not procurement problems. Segment's deep dive into a runaway AWS bill yielded about $1M in annual savings, and a major culprit was a single hot DynamoDB partition key created by leftover test code, a bug no discount lever could fix (InformationWeek).

Use the price-capacity-optimized allocation strategy as your default. AWS names it the first preference and default for most spot workloads; in AWS's own comparison the lowest-price strategy hit a 20 percent interruption rate versus 3 percent for price-capacity-optimized.

Diversify each spot fleet across multiple instance types, sizes, and every availability zone. A fleet drawing from one or two pools turns a routine capacity reclaim into an outage instead of a transparent replacement.

Enable capacity rebalancing so replacements launch on rebalance recommendations. Waiting for the two-minute interruption notice means racing the clock, while rebalance signals usually arrive earlier and let replacements warm up first.

Engineer for the two-minute notice with checkpointing, lifecycle hooks, and fast drains. The warning window is two minutes and replacements are not guaranteed: in One2N's October 2024 production incident, replacement capacity that normally arrives within about three minutes failed to show up, turning a routine reclaim into extended downtime.

Keep single-replica and stateful critical services off spot entirely. AWS does not respect PodDisruptionBudgets when reclaiming spot capacity, so the Kubernetes safety rails you rely on simply do not apply (One2N).

Monitor your spot-to-on-demand ratio and alert when fallback drifts. Autoscalers quietly fall back to on-demand when spot pools dry up, and the savings you budgeted for evaporate without anyone noticing.

Check Spot Instance Advisor interruption bands before selecting instance types. AWS publishes per-type reclaim frequency in monthly bands from under 5 percent to over 20 percent, and picking blind means inheriting the worst pools.

Budget spot savings at 59 to 77 percent, not the 90 percent marketing ceiling. Cast AI's benchmark measured 59 percent average savings for mixed clusters and 77 percent for spot-only, and forecasting the ceiling sets your program up to look like a failure.

Use explicit lifecycle rules for predictable access patterns and Intelligent-Tiering only for unknown ones. Logs, temp files, and compliance archives have known lifetimes, so paying Intelligent-Tiering monitoring fees to rediscover what you already know is pure overhead.

Check object size distribution before enabling Intelligent-Tiering on any bucket. Objects under 128 KB are never auto-tiered and always bill at frequent-access rates (AWS), so a small-object bucket gets nothing from the storage class.

Price the per-object monitoring fee against projected savings for buckets with millions of objects. At $0.0025 per 1,000 objects monthly, a bucket of hundreds of millions of tiny objects can pay more in monitoring than tiering ever saves.

Verify objects will live past 90 days before archiving to Glacier tiers. Objects archived to Glacier Instant Retrieval and Glacier Flexible Retrieval are charged a 90-day minimum storage duration, so archiving short-lived data means paying for storage you already deleted (AWS S3 pricing).

Account for 40 KB of per-object metadata overhead in any archive migration plan. Each object archived to Glacier Flexible Retrieval or Deep Archive carries 8 KB charged at S3 Standard rates plus 32 KB at Glacier rates, which quietly erases the savings on small objects (AWS S3 pricing).

Set expiration rules for data nobody will ever read again. The cheapest storage class is deletion, and unexpired build artifacts, debug logs, and intermediate datasets compound monthly forever.

Delete unattached volumes and prune snapshot chains on a schedule. Block storage detached from any instance bills at full rate, and snapshot sprawl is the most common storage line item nobody owns.

Review the storage class mix quarterly against actual access logs. Access patterns drift as products age, and AWS prices untouched objects up to 68 percent lower one tier down, so data parked one tier too high is a standing overpayment (AWS Intelligent-Tiering pricing).

Add VPC gateway endpoints for S3 and DynamoDB in every VPC. Geocodio paid $907 in one day routing same-region S3 traffic through a NAT gateway at $0.045 per GB, when the gateway endpoint that fixes it costs nothing.

Break NAT gateway data processing out as its own monitored line item. It hides inside the EC2-other bucket on most bills, so a five-figure routing mistake can sit invisible inside an aggregate line nobody questions.

Map cross-AZ traffic between chatty services and enable topology-aware routing. Cross-AZ transfer hits 98 percent of organizations and is largely self-inflicted architecture, which means it is also largely fixable (Datadog).

Offload internet-facing traffic to a CDN before it leaves the cloud at retail rates. Raw internet egress is among the highest-margin items on the bill: Cloudflare estimates AWS marks up US and EU egress bandwidth by roughly 80x its cost, a competitor's estimate but a useful anchor on egress margins.

Enable cost anomaly detection on day one. It is free, and it caught Geocodio's NAT spike within days while teams without it learn about transfer surprises on the monthly invoice.

Price data gravity before committing to any multi-region or multi-cloud design. Replication and inter-region transfer fees can dominate the compute savings the design was supposed to deliver, and they recur forever.

Use the exit-fee waivers as negotiating leverage at renewal. AWS, Google, and Microsoft all waived switching egress in early 2024 (InfoQ), and the EU Data Act prohibits all switching charges including egress from January 12, 2027 (Kemp IT Law), so the lock-in premium baked into your current discount is negotiable.

Colocate chatty service pairs in the same zone where the availability budget allows. Paying per-gigabyte rates for internal microservice chatter is an architecture tax with no resilience benefit when both services share a failure domain anyway.

Make engineering teams own their cloud costs, with finance as partner rather than police. Only about a third of organizations report an exact understanding of where cloud spend goes, while 81 percent of those with engineering ownership say spend is about where it should be (CloudZero).

Allocate 100 percent of spend to owning teams through tags, accounts, or namespaces. Only one in four organizations achieve full cost allocation (CloudZero), and shared-bucket costs are where waste hides because cutting them is nobody's job.

Report unit economics (cost per transaction, per customer, per request) alongside totals. Absolute spend cannot answer the CFO's real question; rising spend with falling cost per unit is growth, and only the unit number proves it.

Set hard quota caps on serverless and autoscaling services, because budgets are alarms, not brakes. Milkie Way burned $72,000 in a few hours on a $7 budget when Cloud Run defaults fanned out a recursive job, and GCP billing data ran at least a day behind actual usage, so the alert could only arrive after the damage was done.

Run a weekly cost review with same-week anomaly response. A monthly cadence gives every leak up to 30 days of free runway; a weekly review caps the blast radius of any pricing change, misconfiguration, or runaway autoscaler at seven days.

Pull observability and SaaS spend into scope, not just IaaS. Monitoring scales with cardinality rather than value, and one Datadog customer, identified by The Pragmatic Engineer as Coinbase, paid roughly $65M for a single year of Datadog usage.

Adopt the FOCUS billing standard if you run more than one cloud. Normalized billing columns are the prerequisite plumbing for any allocation or unit-cost effort, and AWS, Azure, and Google Cloud all now ship native FOCUS exports (FinOps Foundation).

Size the practice to the bill: a disciplined quarterly cadence can beat a standing FinOps team at lower spend. The FinOps Foundation's own maturity model says the goal should never be to reach the highest maturity in every capability; mature only what returns business value, which for smaller or stable bills can be a lightweight recurring review.

Instrument cost per deploy decision: make engineers see the price of what they ship. 69 percent of IT leaders report cloud budget overruns, and the minority who stay on budget credit accurate forecasting (66 percent) and proactive spend monitoring (61 percent), not after-the-fact cleanup (Gartner Peer Community).