You Are Paying for Third-Party Tools to Tell You Things AWS Already Tells You for Free
Here is something that genuinely frustrates us at LeanOps: we regularly audit companies paying $2,000-10,000/month for FinOps platforms, and when we ask what they use from AWS's built-in tools, the answer is usually "Cost Explorer, sometimes."
AWS provides five cost management tools that are completely free. Not "free tier with limits." Not "free for 30 days." Actually free, permanently, with no usage caps:
- Cost Explorer (12 months of cost data, filter by anything)
- AWS Budgets (alerts when spend approaches thresholds)
- Cost Anomaly Detection (ML-based spike detection)
- Compute Optimizer (rightsizing recommendations for EC2/Lambda/EBS/ECS)
- Trusted Advisor (broad optimization checks including cost)
Together, these tools catch 60-80% of the waste that paid tools find. The remaining 20-40% (Kubernetes pod-level allocation, automated implementation, multi-cloud visibility) is where paid tools earn their price. But if you are paying for tools before exhausting the free ones, you are wasting money on tools that find waste. The irony writes itself.
This post walks through each free AWS tool: what it does, how to configure it properly, what it catches, what it misses, and when you actually need to pay for something better.
Tool 1: AWS Cost Explorer
What it does: Visualizes and analyzes your AWS spending over time. 12 months of historical data, filterable by service, region, account, tag, instance type, and more.
Key Features (All Free)
| Feature | Details |
|---|---|
| Historical data | 12 months included |
| Granularity | Monthly, daily, hourly (hourly for last 14 days) |
| Filters | Service, account, region, tag, instance type, usage type |
| Forecasting | 12-month cost forecast based on trends |
| Rightsizing recommendations | EC2 instance suggestions (basic) |
| Savings Plans recommendations | Shows potential commitment savings |
| API access | $0.01 per paginated API request |
| Console access | Free, unlimited |
How to Get Maximum Value
Step 1: Enable hourly granularity. Go to Cost Explorer preferences and enable hourly data. This lets you pinpoint exactly when cost spikes occurred (not just which day).
Step 2: Create saved reports for your key views:
- Daily cost by service (catch growing services early)
- Monthly cost by linked account (if using Organizations)
- Cost by tag (if you tag by team/environment/product)
- EC2 cost by instance type (identify right-sizing opportunities)
Step 3: Use the forecasting feature. Cost Explorer's 12-month forecast uses your historical trend to project future spend. If the forecast exceeds your budget, act now rather than reacting to a surprise invoice.
Step 4: Check RI/SP recommendations monthly. Cost Explorer analyzes your On-Demand usage and recommends optimal Reserved Instance or Savings Plan purchases. These recommendations show expected savings percentage and breakeven point.
What Cost Explorer Catches
- Services growing faster than expected (runaway costs)
- Seasonal patterns (higher costs on weekdays, lower on weekends)
- Regional cost differences (that test cluster in ap-southeast-1 nobody shut down)
- Under-utilized Reserved Instances (RIs with low utilization %)
- Savings Plan opportunities (always-on workloads running On-Demand)
What Cost Explorer Misses
- Kubernetes pod-level costs (sees nodes, not workloads)
- Root cause of cost changes (shows the what, not the why)
- Cross-account cost anomalies (limited anomaly logic)
- Automated action (shows data, does not fix anything)
- Real-time data (hourly is the finest granularity, 24-48 hour delay on some services)
Tool 2: AWS Budgets
What it does: Sets spending thresholds and sends alerts when actual or forecasted costs approach or exceed those thresholds.
Pricing
| Feature | Cost |
|---|---|
| First 2 budgets | Free |
| Additional budgets | $0.02/budget/day (~$0.60/month per budget) |
| Budget actions (auto-response) | Free with budget |
| Alert notifications | Free (email, SNS, Chatbot) |
Budget Types
| Type | What It Tracks | Best For |
|---|---|---|
| Cost budget | Dollar spend | "Alert me if total spend exceeds $50K" |
| Usage budget | Service usage (hours, GB) | "Alert me if S3 exceeds 100TB" |
| RI utilization budget | Reserved Instance usage % | "Alert me if RI utilization drops below 80%" |
| SP utilization budget | Savings Plan usage % | "Alert me if SP coverage drops" |
Configuration Best Practices
Budget 1 (Free): Total monthly spend
- Set threshold at 80% and 100% of your expected monthly cost
- Add email alerts for engineering lead and finance
- Enable forecasted alert ("alert me if projected spend will exceed budget")
Budget 2 (Free): Top service cost
- Set a budget for your most expensive service (usually EC2 or RDS)
- Alert at 90% threshold
- This catches runaway compute before it tanks the whole bill
Paid budgets ($0.60/month each) worth adding:
- Per-environment budgets (dev, staging, prod)
- Per-team budgets (using cost allocation tags)
- RI/SP utilization budgets (catch commitment waste)
Budget Actions (Automated Response)
AWS Budgets can automatically take action when thresholds are exceeded:
| Action | What It Does | Risk Level |
|---|---|---|
| Apply IAM policy | Restrict new resource creation | Medium |
| Apply SCP (Organizations) | Block specific API calls | Medium |
| Stop EC2 instances | Shut down tagged instances | High |
Practical example: Create a budget for your development environment. When dev spend exceeds $5K/month, automatically apply an IAM policy that prevents launching new EC2 instances. Developers can still use existing resources but cannot spin up new ones until someone reviews and approves.
What Budgets Catches
- Spend exceeding plan (before the invoice arrives)
- Forecasted overruns (2-4 weeks ahead of actual overshoot)
- RI/SP under-utilization (commitment waste)
- Per-team/environment budget violations
What Budgets Misses
- Root cause (tells you "over budget" but not "because someone launched 50 m5.xlarge instances")
- Granular anomaly detection (binary threshold, not pattern-based)
- Cost optimization suggestions (just alerts, no recommendations)
Tool 3: AWS Cost Anomaly Detection
What it does: Uses machine learning to identify unusual spending patterns. Learns your normal spending baseline per service/account/tag, then alerts when actual spend deviates significantly.
Pricing: Completely Free
| Feature | Cost |
|---|---|
| Anomaly monitoring | Free |
| ML model training | Free |
| Alert notifications | Free |
| Root cause analysis | Free |
| Number of monitors | Unlimited |
| Historical anomaly view | Free (90 days) |
This is genuinely one of AWS's best-kept secrets. A machine-learning cost anomaly detection system that runs continuously, costs nothing, and catches spend spikes within hours. Most teams do not know it exists.
Monitor Types
| Monitor Type | What It Watches | Best For |
|---|---|---|
| AWS Services | Individual service costs | Catch runaway service costs |
| Linked Account | Per-account spend | Multi-account organizations |
| Cost Category | Custom-defined groups | Business-unit monitoring |
| Cost Allocation Tag | Tag-based groups | Team/product monitoring |
Setup (5 Minutes)
- Open AWS Cost Management console
- Click "Cost Anomaly Detection" in left sidebar
- Click "Create monitor"
- Select monitor type (start with "AWS Services" for broadest coverage)
- Set minimum impact threshold ($50-100 for small teams, $500+ for large)
- Add alert subscription (email address or SNS topic)
- Done. ML model starts learning immediately, operational in 7-14 days.
How the ML Model Works
The model establishes baselines using:
- Historical spending patterns (weekly, monthly cycles)
- Day-of-week patterns (weekday vs weekend)
- Growth trends (distinguishes organic growth from spikes)
- Service-specific patterns (batch jobs, scheduled tasks)
When actual spend exceeds the predicted range by your threshold amount, it triggers an alert with:
- Which service spiked
- How much above normal
- Root cause analysis (specific usage type, region, linked account)
- Duration of the anomaly
Real-World Example
A client's anomaly detection caught a $340/day spike in EC2 costs on a Tuesday. Root cause: an engineer launched 20 c5.4xlarge instances for a load test and forgot to terminate them. Without anomaly detection, this would have shown up on the monthly invoice 3 weeks later. Cost avoided: $7,140 (21 days x $340/day).
What Anomaly Detection Catches
- Unexpected service cost spikes (runaway instances, misconfigured autoscaling)
- Gradual cost creep that exceeds normal growth rate
- Data transfer spikes (cross-region, egress)
- New services with unexpected costs (first CloudFront bill, first NAT Gateway bill)
What Anomaly Detection Misses
- Costs that are "normal" but wasteful (idle instances that have always been idle)
- Slow growth within the expected range (20% monthly growth is "normal" if it has been trending that way)
- Kubernetes-internal costs (sees EC2 node costs, not pod-level waste)
- Rightsizing opportunities (detects spikes, not sustained over-provisioning)
Tool 4: AWS Compute Optimizer
What it does: Analyzes resource utilization for EC2, Lambda, EBS, and ECS, then recommends optimal configurations that cost less while meeting performance requirements.
Pricing
| Feature | Cost |
|---|---|
| Standard recommendations (14-day analysis) | Free |
| Enhanced metrics (93-day analysis) | $0.0003360164/resource/hour (~$0.25/resource/month) |
| External metrics (Datadog/CloudWatch integration) | Enhanced tier required |
What It Optimizes
| Resource | What It Recommends | Typical Savings |
|---|---|---|
| EC2 instances | Right instance type and size | 25-40% |
| EC2 Auto Scaling groups | Optimal instance mix | 15-30% |
| Lambda functions | Optimal memory configuration | 10-25% |
| EBS volumes | Right volume type (gp3 vs gp2, io2 vs io1) | 20-50% |
| ECS services on Fargate | Optimal CPU/memory | 20-35% |
How to Enable
Compute Optimizer requires opt-in:
- Go to AWS Compute Optimizer console
- Click "Opt in" (account-level or Organization-level)
- Wait 14 days for enough utilization data
- View recommendations per resource type
Reading Recommendations
Compute Optimizer categorizes resources into:
| Status | Meaning | Action |
|---|---|---|
| Under-provisioned | Performance risk, needs more resources | Upgrade (costs more but prevents issues) |
| Over-provisioned | Wasting money, needs fewer resources | Downsize (save money) |
| Optimized | Right-sized for current usage | No action needed |
| Not available | Insufficient data (<14 days) | Wait for more data |
Real Impact Example
A 50-instance EC2 fleet running m5.2xlarge (8 vCPU, 32GB) with average 15% CPU utilization:
- Compute Optimizer recommends m5.large (2 vCPU, 8GB) for 35 of the 50 instances
- Monthly savings: 35 instances x ($0.384 - $0.096)/hour x 730 hours = $7,358/month
- Annual savings: $88,296
That is from a free tool recommending instance changes. No third-party software needed.
What Compute Optimizer Catches
- Over-provisioned EC2 instances (the most common waste)
- Lambda functions with too much memory (paying for unused RAM)
- EBS volumes on expensive types (io1/io2 when gp3 suffices)
- Fargate tasks with excess CPU/memory allocation
What Compute Optimizer Misses
- Idle instances (it recommends smaller, not "shut this down")
- Schedule-based optimization ("run this only during business hours")
- Spot instance opportunities (does not recommend Spot)
- Kubernetes pod rightsizing (only sees nodes)
- Reserved Instance recommendations (separate tool in Cost Explorer)
Tool 5: AWS Trusted Advisor
What it does: Broad AWS best-practice checks across cost, performance, security, fault tolerance, and service limits.
Pricing
| Support Plan | Cost Checks Available |
|---|---|
| Basic/Developer | 6 cost checks (limited) |
| Business ($100+/month) | All 15+ cost checks |
| Enterprise | All checks + API access |
Free Cost Checks (Available to Everyone)
| Check | What It Finds |
|---|---|
| Low Utilization EC2 | Instances with <10% CPU for 14 days |
| Idle Load Balancers | ELBs with no active instances |
| Underutilized EBS Volumes | Volumes with minimal I/O |
| Unassociated Elastic IPs | EIPs not attached to instances ($3.60/month each) |
| Idle RDS Instances | RDS instances with no connections for 7 days |
| Route 53 Latency Record Sets | Unused Route 53 resources |
Business/Enterprise Plan Cost Checks
| Check | What It Finds | Typical Savings |
|---|---|---|
| Amazon EC2 Reserved Instance Optimization | Under-utilized RIs | $1K-50K/year |
| Amazon RDS Idle Instances | Idle databases | $100-2K/month |
| Amazon Redshift Cluster Configuration | Over-provisioned clusters | $500-5K/month |
| Savings Plan Coverage | Missing commitment discounts | 20-40% of compute |
| Lambda Functions with High Error Rates | Failing functions costing retries | Varies |
What Trusted Advisor Catches
- Obviously idle resources (zero traffic load balancers, unused EIPs)
- RI/SP optimization opportunities
- Security issues that indirectly cost money (open S3 buckets leading to data transfer charges)
What Trusted Advisor Misses
- Nuanced optimization (cannot tell you m5.large would work if you currently run m5.2xlarge)
- Anything Kubernetes-related
- Cross-service optimization (redundant services, architectural waste)
- Modern services (limited coverage of newer services like App Runner, Graviton recommendations)
Combining All 5 Tools: The Free AWS Cost Optimization Stack
Here is how to configure all five tools to work together:
Immediate Setup (Day 1, 30 minutes total)
| Tool | Action | Time |
|---|---|---|
| Cost Explorer | Enable hourly granularity, create 3 saved reports | 10 min |
| Budgets | Create 2 free budgets (total spend + top service) | 5 min |
| Anomaly Detection | Create "AWS Services" monitor with $100 threshold | 5 min |
| Compute Optimizer | Opt in (account or Organization) | 2 min |
| Trusted Advisor | Review all cost checks, bookmark the page | 5 min |
Ongoing Review Cadence
| Frequency | Tool | Action |
|---|---|---|
| Daily | Anomaly Detection alerts | React to spikes immediately |
| Weekly | Cost Explorer daily view | Spot trends, verify anomalies |
| Monthly | Compute Optimizer | Implement top 5 rightsizing recommendations |
| Monthly | Cost Explorer RI/SP recommendations | Evaluate commitment purchases |
| Quarterly | Trusted Advisor full review | Catch idle resources accumulating |
Expected Savings from Free Tools Alone
| Company Size (AWS spend) | Typical Annual Savings | Where Savings Come From |
|---|---|---|
| $5K-20K/month | $10K-30K/year | Rightsizing, idle resources, SP purchase |
| $20K-100K/month | $50K-200K/year | Rightsizing, anomaly prevention, commitments |
| $100K-500K/month | $200K-1M/year | Rightsizing, architecture, commitments |
These are conservative estimates based on what we see in LeanOps client engagements. The free tools identify the savings. Implementation requires engineering effort.
When to Upgrade to Paid Tools
Free AWS tools hit their limits in five scenarios:
1. Kubernetes Cost Allocation (Upgrade: Kubecost or OpenCost)
AWS tools see EC2 nodes. They cannot tell you that namespace "team-alpha" uses 40% of cluster resources while namespace "batch-jobs" uses 5%. For Kubernetes-native cost allocation, you need Kubecost or OpenCost.
2. Automated Implementation (Upgrade: CAST AI or Spot.io)
Compute Optimizer tells you to downsize. It does not actually downsize anything. If you have 200+ instances to rightsize and want automation, CAST AI or Spot.io implement changes automatically.
3. Multi-Cloud Visibility (Upgrade: CloudHealth or Vantage)
AWS tools see only AWS. If you run GCP and Azure alongside, you need a multi-cloud FinOps platform for unified visibility. See our multi-cloud FinOps guide.
4. Team-Level Accountability at Scale (Upgrade: Kubecost Enterprise or Finout)
AWS tags provide basic cost allocation, but at 20+ teams with complex shared infrastructure, you need virtual tagging, showback dashboards, and FinOps workflows that free tools cannot deliver.
5. Commitment Automation (Upgrade: nOps or Spot.io)
Cost Explorer recommends RI/SP purchases but does not execute them. If you want automated commitment purchasing that adapts to changing usage patterns, paid tools like nOps handle this continuously.
The Bottom Line
Before you spend $2,000/month on a FinOps platform, spend 30 minutes setting up AWS's free tools. Cost Anomaly Detection alone (completely free, takes 5 minutes to configure) catches cost spikes that most teams discover 18-26 days late on their invoice.
The free tool stack (Cost Explorer + Budgets + Anomaly Detection + Compute Optimizer + Trusted Advisor) identifies 60-80% of the waste that paid tools find. For most teams under $50K/month AWS spend, free tools plus disciplined monthly review are sufficient.
If your AWS spend exceeds $50K/month and you have already exhausted free tools, our team at LeanOps implements the automation, commitment strategy, and architectural changes that free tools cannot do alone. We typically cut AWS bills by 30-60% within 90 days. Get a free Cloud Waste Assessment to see exactly what the free tools have been missing.
Further reading:
