Cost Optimization

Purpose

Cloud cost optimization transforms uncontrolled spending into strategic resource allocation through the FinOps lifecycle: Inform, Optimize, and Operate. This skill provides decision frameworks for commitment-based discounts (Reserved Instances, Savings Plans), right-sizing strategies, Kubernetes cost management, and automated cost governance across multi-cloud environments.

When to Use This Skill

Invoke cost-optimization when:

• Reducing cloud spend by 15-40% through systematic optimization
• Implementing cost visibility dashboards and allocation tracking
• Establishing budget alerts and anomaly detection
• Optimizing Kubernetes resource requests and cluster efficiency
• Managing Reserved Instances, Savings Plans, or Committed Use Discounts
• Automating idle resource cleanup and right-sizing recommendations
• Setting up showback/chargeback models for internal teams
• Preventing cost overruns through CI/CD cost estimation (Infracost)
• Responding to finance team requests for cloud cost reduction

FinOps Principles

The FinOps Lifecycle

┌─────────────────────────────────────────────────────┐
│  INFORM → OPTIMIZE → OPERATE (continuous loop)      │
│    ↓         ↓           ↓                          │
│ Visibility  Action   Automation                     │
└─────────────────────────────────────────────────────┘

Inform Phase: Establish cost visibility

• Enable cost allocation tags (Owner, Project, Environment)
• Deploy real-time cost dashboards for engineering teams
• Integrate cloud billing data (AWS CUR, Azure Consumption API, GCP BigQuery)
• Set up Kubernetes cost monitoring (Kubecost, OpenCost)

Optimize Phase: Take action on cost drivers

• Purchase commitment-based discounts (40-72% savings)
• Right-size over-provisioned resources (target 60-80% utilization)
• Implement spot/preemptible instances for fault-tolerant workloads
• Clean up idle resources (unattached volumes, old snapshots)

Operate Phase: Automate and govern

• Budget alerts with cascading notifications (50%, 75%, 90%, 100%)
• Automated cleanup scripts for idle resources
• CI/CD cost estimation to prevent surprise increases
• Continuous monitoring with anomaly detection

Core FinOps Principles

1. Collaboration: Cross-functional teams (finance, engineering, operations, product)
2. Accountability: Teams own the cost of their services
3. Transparency: All costs visible and understandable to stakeholders
4. Optimization: Continuous improvement of cost efficiency

For detailed FinOps maturity models and organizational structures, see references/finops-foundations.md.

Cost Optimization Strategies

1. Commitment-Based Discounts

Reserved Instances (RIs): 40-72% discount for 1-3 year commitments

• Standard RI: Instance type locked, highest discount (60% for 3-year)
• Convertible RI: Flexible instance types, moderate discount (54% for 3-year)
• Use for: Databases (RDS, ElastiCache), stable production EC2 workloads

Savings Plans: Flexible compute commitments

• Compute Savings Plans: Applies to EC2, Fargate, Lambda (54% discount for 3-year)
• EC2 Instance Savings Plans: Tied to instance family (66% discount for 3-year)
• Use for: Workloads that change instance types or regions

GCP Committed Use Discounts (CUDs): 25-70% discount

• Resource-based CUDs: Commit to vCPU, memory, GPUs
• Spend-based CUDs: Commit to dollar amount (flexible)
• Sustained Use Discounts: Automatic 20-30% discount for sustained usage (no commitment)

Decision Framework:

Reserve when:
├─ Workload is production-critical (24/7 uptime required)
├─ Usage is predictable (stable baseline over 6+ months)
├─ Architecture is stable (unlikely to change instance types)
└─ Financial commitment acceptable (1-3 year lock-in)

Use On-Demand when:
├─ Development/testing environments
├─ Unpredictable spiky workloads
├─ Short-term projects (<6 months)
└─ Evaluating new instance types

For detailed commitment strategies and RI coverage analysis, see references/commitment-strategies.md.

2. Spot and Preemptible Instances

Discount: 70-90% off on-demand pricing (interruptible with 2-minute warning)

Use Spot For: CI/CD workers, batch jobs, ML training (with checkpointing), Kubernetes workers, data analytics Avoid Spot For: Stateful databases, real-time services, long-running jobs without checkpointing

Best Practices:

• Diversify instance types and spread across Availability Zones
• Implement graceful shutdown handlers
• Auto-fallback to on-demand when capacity unavailable
• Kubernetes: Mix 70% spot + 30% on-demand nodes with taints/tolerations

3. Right-Sizing Strategies

Target Utilization: 60-80% average (leave headroom for spikes)

Compute Right-Sizing:

• Analyze actual CPU/memory utilization over 30+ days
• Downsize instances with <40% average utilization
• Consolidate underutilized workloads
• Switch instance families (compute-optimized vs. memory-optimized)

Database Right-Sizing:

• Analyze connection pool usage (max connections vs. allocated)
• Downgrade storage IOPS if utilization <50%
• Evaluate read replica necessity (can caching replace it?)
• Consider serverless options (Aurora Serverless, Azure SQL Serverless)

Kubernetes Right-Sizing:

• Set requests = average usage (not peak)
• Set limits = 2-3x requests (allow bursting)
• Use Vertical Pod Autoscaler (VPA) for automated recommendations
• Identify pods with 0% CPU usage (candidates for consolidation)

Storage Right-Sizing:

• Delete unattached volumes (EBS, Azure Disks, GCP Persistent Disks)
• Delete old snapshots (>90 days, retention policy not required)
• Implement lifecycle policies (S3 Intelligent-Tiering, Azure Blob Lifecycle)
• Compress/deduplicate data

Right-Sizing Tools:

• AWS Compute Optimizer: ML-based EC2, Lambda, EBS recommendations
• Azure Advisor: VM rightsizing, reserved instance advice
• GCP Recommender: VM, disk, commitment recommendations
• VPA (Vertical Pod Autoscaler): Automated container resource requests

4. Kubernetes Cost Management

Resource Requests and Limits:

# Set requests = average usage (enables efficient bin-packing)
resources:
  requests:
    cpu: 500m        # 0.5 CPU cores (average usage)
    memory: 1Gi      # 1 GiB memory (average usage)
  limits:
    cpu: 1500m       # 1.5 CPU cores (3x requests, allows bursting)
    memory: 3Gi      # 3 GiB memory (3x requests)

Namespace Quotas: Prevent runaway resource consumption

• ResourceQuota: Limit total CPU/memory per namespace
• LimitRange: Default/max requests per pod
• PriorityClass: Ensure critical pods get resources

Cluster Autoscaling:

• Scale down idle nodes to reduce costs
• Scale-to-zero for dev clusters during off-hours
• Use multiple node pools (spot + on-demand mix)
• Set max node limits to prevent overspend

Cost Visibility:

• Deploy Kubecost or OpenCost for namespace-level cost tracking
• Allocate costs by labels (team, project, environment)
• Track idle cost (cluster capacity not allocated to workloads)
• Generate showback/chargeback reports

For detailed Kubernetes cost optimization patterns, see references/kubernetes-cost-optimization.md.

Cost Visibility and Monitoring

Tagging for Cost Allocation

Required Tags:

• Owner or Team - Responsible team/department
• Project or Application - Business unit or application name
• Environment - prod, staging, dev, test
• CostCenter - Finance cost center code

Enable Cost Allocation Tags:

• AWS: Activate tags in Cost Allocation Tags console
• Azure: Apply tags via Azure Policy enforcement
• GCP: Use labels on all resources, export to BigQuery

For comprehensive tagging strategies, see references/tagging-for-cost-allocation.md.

Monitoring and Dashboards

Native Cloud Tools:

• AWS Cost Explorer: Analyze spending patterns, forecast costs
• Azure Cost Management + Billing: Budget tracking, cost analysis
• GCP Cloud Billing: BigQuery export for custom analysis

Third-Party Platforms:

• Kubecost: Kubernetes cost visibility and optimization
• CloudZero: Unit cost economics, anomaly detection
• CloudHealth: Multi-cloud cost management
• Infracost: Terraform cost estimation in CI/CD

Key Metrics to Track:

• Total monthly cloud spend (trend over time)
• Cost per service/team/project (allocation accuracy)
• Unit cost metrics (cost per customer, cost per transaction)
• Reserved Instance/Savings Plan utilization (target >95%)
• Idle resource waste (target <5% of total spend)
• Budget variance (forecasted vs. actual)

Budget Alerts and Anomaly Detection

Cascading Budget Alerts:

50% of budget  → Email to team lead (informational)
75% of budget  → Email + Slack to team (warning)
90% of budget  → Email + Slack + PagerDuty (urgent)
100% of budget → Automated shutdown (non-prod only) or escalation

Anomaly Detection: Alert on unexpected cost spikes

• 20% cost increase week-over-week

• $500 unexpected daily cost spike

• New resource types (unusual spend patterns)

Budget Granularity:

• Organization-level (total cloud spend)
• Department-level (engineering, data, marketing)
• Project-level (per application/service)
• Environment-level (prod vs. dev/staging)

Decision Frameworks

Framework 1: Commitment Discount Decision Tree

Should we purchase Reserved Instances / Savings Plans?

STEP 1: Analyze Historical Usage (6-12 months)
├─ Identify steady-state baseline (minimum usage)
├─ Exclude spiky/seasonal workloads
└─ Calculate: (baseline usage) / (total usage) = commitment %

STEP 2: Choose Commitment Type
├─ RESERVED INSTANCES
│   ├─ Pros: Highest discount (up to 72%)
│   ├─ Cons: Instance type locked (unless convertible)
│   └─ Use for: Databases, stable production workloads
│
├─ SAVINGS PLANS
│   ├─ Pros: Flexible (across instance types, regions)
│   ├─ Cons: Slightly lower discount than RI
│   └─ Use for: Compute workloads, Lambda, Fargate
│
└─ COMMITTED USE DISCOUNTS (GCP)
    ├─ Resource-based: vCPU/memory commitments
    └─ Spend-based: Dollar amount commitments

STEP 3: Determine Commitment Period
├─ 1-year commitment
│   ├─ Lower discount (40-50%)
│   └─ Less risk if architecture changes
│
└─ 3-year commitment
    ├─ Higher discount (60-72%)
    └─ Only for mature, stable workloads

STEP 4: Monitor and Optimize
├─ Target >95% RI/Savings Plan utilization
├─ Sell unused RIs on AWS Reserved Instance Marketplace
└─ Adjust commitments quarterly based on usage trends

Framework 2: Right-Sizing Priority Matrix

Cost Impact vs. Effort:

High Impact, Low Effort (DO FIRST):

• Idle resources (100% waste): Stopped instances, unattached volumes, old snapshots
• Unused NAT Gateways ($32/month each)
• Over-provisioned databases (<20% CPU for 30 days)
• Kubernetes pods with no resource requests set

High Impact, Medium Effort (DO SECOND):

• Over-provisioned compute (<40% CPU/memory for 30 days)
• Lambda functions with max memory >2x used memory
• Storage optimization (S3 Intelligent-Tiering, gp3 vs. gp2)

Low Impact, High Effort (DO LAST):

• Application code optimization (requires profiling, refactoring)
• Architecture redesign (serverless migration, multi-region optimization)

Weekly Optimization Routine:

1. Delete idle resources (automated script)
2. Review top 10 cost drivers (manual analysis)
3. Right-size 3-5 instances/week (incremental approach)
4. Monitor impact (cost trend over 4 weeks)

Framework 3: Spot vs. On-Demand Decision

Should this workload use Spot/Preemptible instances?

├─ Is the workload fault-tolerant?
│   ├─ NO → Use On-Demand
│   └─ YES → Continue
│
├─ Is the workload stateless (or has checkpointing)?
│   ├─ NO → Use On-Demand (data loss risk)
│   └─ YES → Continue
│
├─ Can the workload handle interruptions gracefully?
│   ├─ NO → Use On-Demand
│   └─ YES → Continue
│
└─ Workload Type Assessment:
    ├─ Batch Jobs / CI/CD → ✅ Use Spot (70-90% savings)
    ├─ ML Training → ✅ Use Spot (with checkpointing)
    ├─ Kubernetes Workers → ✅ Use Spot (mixed with on-demand)
    ├─ Production API Servers → ⚠️ Mixed fleet (70% spot, 30% on-demand)
    ├─ Databases → ❌ Use On-Demand (or Reserved)
    └─ Real-time Services → ❌ Use On-Demand (or Reserved)

Tool Selection Guide

By Platform

Platform	Cost Visibility	Right-Sizing	Automation
AWS	Cost Explorer, CUR	Compute Optimizer	AWS Budgets, Lambda cleanup
Azure	Cost Management	Azure Advisor	Azure Policy, Automation
GCP	Cloud Billing	Recommender	Budget Alerts, Cloud Functions
Kubernetes	Kubecost, OpenCost	VPA	Cluster Autoscaler
Multi-Cloud	CloudZero, CloudHealth	Densify	ParkMyCloud

By Use Case

Use Case	Recommended Tool	Key Feature
K8s cost visibility	Kubecost	Real-time namespace cost allocation
Terraform cost estimation	Infracost	PR comments with cost diffs
Multi-cloud aggregation	CloudHealth	Unified cost view across AWS/Azure/GCP
Automated optimization	nOps (AWS), CAST AI (K8s)	ML-based automation
Unit cost economics	CloudZero	Cost per customer/transaction tracking
Spot instance management	Spot.io	Automated spot orchestration

For detailed tool comparisons and selection criteria, see references/tools-comparison.md.

Cloud-Specific Tactics

AWS Optimization Tactics

1. Enable Cost & Usage Reports (CUR): Export detailed billing to S3
2. Use AWS Compute Optimizer: ML-based EC2 rightsizing recommendations
3. Implement Savings Plans: More flexible than Reserved Instances
4. S3 Intelligent-Tiering: Automatic storage class optimization
5. Lambda Right-Sizing: Adjust memory allocation (CPU scales proportionally)
6. EBS gp3 Migration: 20% cheaper than gp2 with same performance

Azure Optimization Tactics

1. Enable Azure Advisor: VM rightsizing and reserved instance recommendations
2. Azure Hybrid Benefit: Bring Windows Server licenses for discounts
3. Dev/Test Pricing: Reduced rates for non-production workloads
4. Azure Spot VMs: Up to 90% discount for interruptible workloads
5. Storage Lifecycle Management: Auto-tier blobs to cool/archive tiers

GCP Optimization Tactics

1. Export Billing to BigQuery: Custom cost analysis with SQL
2. Sustained Use Discounts: Automatic 20-30% discount (no commitment)
3. Committed Use Discounts: 52-70% savings for 3-year commitments
4. Preemptible VMs: Up to 91% discount for batch workloads
5. GCP Recommender: Idle VM detection and rightsizing advice

For cloud-specific deep dives, see references/cloud-specific-tactics.md.

Implementation Checklist

Phase 1: Establish Visibility (Week 1-2)

• Enable cost allocation tags (Owner, Project, Environment)
• Activate cost allocation tags in cloud billing console
• Deploy Kubecost for Kubernetes cost visibility (if using K8s)
• Create cost dashboards (Grafana, CloudWatch, Azure Monitor, GCP)
• Set up weekly cost reports (emailed to team leads)

Phase 2: Set Up Governance (Week 2-3)

• Create budget alerts (50%, 75%, 90%, 100% thresholds)
• Enable anomaly detection (>20% WoW increase)
• Implement tagging policy enforcement (Azure Policy, AWS Config, GCP Org Policy)
• Establish showback reports (cost by team/project)
• Document cost ownership (who owns which services)

Phase 3: Quick Wins (Week 3-4)

• Delete idle resources (unattached volumes, old snapshots)
• Stop/terminate unused development instances
• Right-size top 10 over-provisioned instances (<40% utilization)
• Implement S3 Intelligent-Tiering or lifecycle policies
• Evaluate Reserved Instance/Savings Plan coverage

Phase 4: Commitment Discounts (Month 2)

• Analyze 6-12 months usage history
• Calculate baseline usage for commitment sizing
• Purchase Reserved Instances for databases
• Purchase Savings Plans for compute workloads
• Monitor RI/SP utilization (target >95%)

Phase 5: Automation (Month 2-3)

• Deploy automated cleanup scripts (weekly schedule)
• Integrate Infracost into CI/CD pipelines
• Implement auto-shutdown for dev/test environments (off-hours)
• Enable Vertical Pod Autoscaler (VPA) for K8s rightsizing
• Set up Spot instance automation (Spot.io, CAST AI, or native)

Phase 6: Continuous Optimization (Ongoing)

• Weekly cost reviews with engineering teams
• Monthly optimization sprints (top cost drivers)
• Quarterly commitment adjustments (RI/SP coverage)
• Annual FinOps maturity assessment

Common Pitfalls

Pitfall 1: No Cost Visibility

❌ Problem: Finance team sees cloud bill at end of month, surprises everywhere ✅ Solution: Deploy real-time cost dashboards, daily Slack reports to engineering teams

Pitfall 2: Reserved Instance Underutilization

❌ Problem: Purchased 100 RIs, only using 60 (40% wasted commitment) ✅ Solution: Monitor RI utilization weekly (target >95%), sell unused RIs on marketplace

Pitfall 3: Missing Kubernetes Resource Requests

❌ Problem: Pods with no requests set → inefficient bin-packing → wasted nodes ✅ Solution: Use VPA to auto-generate recommendations, enforce via admission control

Pitfall 4: Idle Resources Not Cleaned Up

❌ Problem: 50 stopped EC2 instances (still paying for EBS), 200 unattached volumes ✅ Solution: Weekly automated cleanup of idle resources >7 days old

Pitfall 5: No Budget Alerts

❌ Problem: Accidentally left test cluster running, $10K bill surprise ✅ Solution: Budget alerts at 50%, 75%, 90%, 100% with Slack/PagerDuty notifications

Related Skills

• resource-tagging: Cost allocation tags enable showback/chargeback models
• kubernetes-operations: K8s rightsizing, VPA, cluster autoscaling for cost optimization
• infrastructure-as-code: Infracost for Terraform cost estimation and policy-as-code
• aws-patterns: AWS-specific cost optimization tactics (EC2, RDS, S3, Lambda)
• gcp-patterns: GCP-specific optimizations (Compute Engine, BigQuery, Cloud Storage)
• azure-patterns: Azure-specific optimizations (VMs, Storage, App Service, Functions)
• platform-engineering: Internal FinOps platforms and self-service cost dashboards
• disaster-recovery: Balance cost vs. RTO/RPO (warm standby vs. cold standby)

Examples

See examples/ directory for:

• terraform/: AWS, Azure, GCP cost optimization infrastructure (budgets, alerts)
• kubernetes/: Kubecost deployment, resource quotas, VPA configurations
• ci-cd/: Infracost GitHub Actions, cost approval workflows
• dashboards/: Grafana cost dashboards, CloudWatch alarms

Scripts

See scripts/ directory for:

• cleanup_idle_resources.py: Automated AWS/Azure/GCP idle resource cleanup
• ri_coverage_report.py: Reserved Instance coverage analysis
• cost_allocation_report.py: Generate showback/chargeback reports
• spot_savings_calculator.py: Estimate savings from spot instances
• k8s_rightsizing_audit.py: Find K8s pods with missing resource requests

Key Takeaways

1. FinOps is a Culture: Collaboration between finance, engineering, and operations
2. Visibility First: Can't optimize what can't measure (tags + dashboards mandatory)
3. Commitment = Savings: Reserved Instances/Savings Plans provide 40-72% discounts
4. Right-Size Continuously: Target 60-80% utilization (leave headroom for spikes)
5. Automate Cleanup: Idle resources are 100% waste (weekly automated deletion)
6. Kubernetes Costs Hidden: Use Kubecost/OpenCost for namespace-level visibility
7. Shift-Left Cost Awareness: Infracost in CI/CD prevents surprise cost increases
8. Budget Alerts Prevent Overspend: Cascading notifications at 50%, 75%, 90%, 100%
9. Spot for Fault-Tolerant Workloads: 70-90% discount (CI/CD, batch jobs, ML training)
10. Unit Cost Metrics Drive Value: Track cost per customer, cost per transaction