Lab: Implementing AWS Cost Optimization and Governance
Determine a cost optimization strategy to meet solution goals and objectives
Lab: Implementing AWS Cost Optimization and Governance
This lab guides you through the practical application of cost optimization strategies as defined in the AWS Certified Solutions Architect - Professional (SAP-C02) curriculum. You will focus on visibility, governance, and rightsizing tools.
Prerequisites
- AWS Account: An active AWS account is required.
- IAM Permissions: You must have
AdministratorAccessor equivalent permissions to manage Budgets, Compute Optimizer, and Tagging. - AWS CLI: Installed and configured on your local machine with
<YOUR_REGION>(e.g.,us-east-1). - Basic Knowledge: Familiarity with EC2, S3, and the AWS Management Console.
Learning Objectives
By the end of this lab, you will be able to:
- Create and manage AWS Budgets to track spending against targets.
- Enable and interpret AWS Compute Optimizer findings for rightsizing.
- Implement a tagging strategy using the AWS CLI for cost allocation.
- Utilize S3 Storage Lens to identify cost-saving opportunities in storage.
Architecture Overview
In this lab, you will interact with various AWS management services that monitor and govern your resource consumption without necessarily deploying heavy infrastructure.
Step-by-Step Instructions
Step 1: Create a Monthly Cost Budget
Setting up a budget is the first step in the FinOps "Visibility" phase. We will create a budget that alerts you when 80% of a $10 monthly limit is reached.
CLI Instructions:
- Create a file named
budget.jsonlocally:
{
"BudgetName": "Monthly_Lab_Budget",
"BudgetLimit": { "Amount": "10.0", "Unit": "USD" },
"TimeUnit": "MONTHLY",
"BudgetType": "COST"
}- Execute the following command:
aws budgets create-budget --account-id <YOUR_ACCOUNT_ID> --budget file://budget.json --notifications-with-subscribers '[]'▶Console alternative
- Navigate to the AWS Billing and Cost Management console.
- In the left navigation pane, choose Budgets.
- Click Create budget.
- Choose Cost budget (Recommended) and click Next.
- Set Budget name to
Monthly_Lab_Budgetand Amount to$10. - Click Next to configure alerts and finish.
[!TIP] In a production environment, always link your budget to an SNS topic for automated incident response (e.g., triggering a Lambda to stop dev instances).
Step 2: Enable AWS Compute Optimizer
Compute Optimizer uses machine learning to recommend rightsizing. It requires at least 30 hours of resource metrics to provide deep insights, but we will ensure it is enabled.
CLI Instructions:
aws compute-optimizer update-enrollment-status --status Active▶Console alternative
- Search for Compute Optimizer in the AWS Console.
- If not already enabled, click Get started.
- Select Opt-in for the current account.
Step 3: Implement Tagging for Cost Allocation
Tagging allows you to attribute costs to specific departments or projects. We will tag an existing resource (or a placeholder) with a CostCenter tag.
CLI Instructions:
- Identify a resource ARN (e.g., an S3 bucket or EC2 instance).
- Run the following:
aws resourcegroupstaggingapi tag-resources --resource-arn-list <YOUR_RESOURCE_ARN> --tags CostCenter=Research-101Step 4: Configure S3 Storage Lens
S3 Storage Lens provides organization-wide visibility into object-storage usage and activity trends.
Console Instructions:
- Navigate to S3 > Storage Lens > Dashboards.
- Observe the
default-account-dashboard(created by AWS automatically). - Click on the dashboard and look for the Cost optimization tab to find incomplete multi-part uploads or expired object versions.
Checkpoints
| Verification Task | Command / Action | Expected Result |
|---|---|---|
| Verify Budget | aws budgets describe-budgets --account-id <YOUR_ACCOUNT_ID> | JSON output containing Monthly_Lab_Budget |
| Check Tagging | aws resourcegroupstaggingapi get-resources --tag-filters Key=CostCenter,Values=Research-101 | The ARN of your tagged resource appears |
| Check Opt-in | aws compute-optimizer get-enrollment-status | Status should be Active |
Concept Review
Understanding the trade-off between cost and performance is central to the SAP-C02 exam. The following diagram illustrates the "Optimization Zone."
\begin{tikzpicture}[scale=0.8] % Axes \draw[->, thick] (0,0) -- (6,0) node[right] {Performance}; \draw[->, thick] (0,0) -- (0,6) node[above] {Cost};
% Curves
\draw[blue, thick] (0.5,5.5) to [out=-80, in=170] (5.5,0.5);
\node[blue] at (4,3) {Underutilized};
\node[red] at (1,1) {Optimized Zone};
% Highlight point
\filldraw[red] (1.5,1.5) circle (2pt);
\draw[dashed] (1.5,0) -- (1.5,1.5) -- (0,1.5);
% Annotations
\draw [decorate,decoration={brace,amplitude=5pt,mirror,raise=4pt},yshift=0pt] (0.5,5.5) -- (2.5,2.5) node [black,midway,xshift=1.2cm, yshift=0.5cm] {Waste};\end{tikzpicture}
Comparison of Purchasing Models
| Model | Commitment | Discount | Best Use Case |
|---|---|---|---|
| On-Demand | None | 0% | Spiky, unpredictable workloads |
| Spot Instances | None (Interruptible) | Up to 90% | Batch processing, stateless apps |
| Savings Plans | 1 or 3 years | Up to 72% | Consistent compute usage (EC2, Fargate, Lambda) |
Troubleshooting
| Problem | Potential Cause | Solution |
|---|---|---|
AccessDenied when creating budget | Missing IAM budgets:ModifyBudget | Update IAM policy to include Budget permissions. |
| No data in Compute Optimizer | New account or no active resources | Ensure resources (EC2/EBS) have been running for at least 30 hours. |
| CLI command not found | AWS CLI not installed | Install the v2 AWS CLI and run aws configure. |
Challenge
Goal: Create an AWS Budget Action.
- Modify your budget to include an "Action" that attaches an IAM policy to a specific user to restrict resource creation if the budget is exceeded by 100%.
- Hint: Use the
aws budgets create-budget-actioncommand.
Cost Estimate
- AWS Budgets: First 2 action-enabled budgets are free; otherwise, $0.02/day per budget.
- Compute Optimizer: Free for standard EC2/EBS/Lambda metrics.
- S3 Storage Lens: Free tier includes 28 metrics; Advanced metrics cost $0.20 per million objects monitored.
- Total Estimated Lab Cost: $0.00 (within Free Tier).
Clean-Up / Teardown
[!WARNING] Failure to delete budgets and remove tags can lead to minor ongoing costs if you exceed free limits.
- Delete the Budget:
aws budgets delete-budget --account-id <YOUR_ACCOUNT_ID> --budget-name Monthly_Lab_Budget- Remove the Tag:
aws resourcegroupstaggingapi untag-resources --resource-arn-list <YOUR_RESOURCE_ARN> --tag-keys CostCenter- Opt-out of Compute Optimizer (Optional):
aws compute-optimizer update-enrollment-status --status Inactive