Saving a Few Shekels on your AWS bill

I have a jumpbox that I use to access resources in the cloud – and I use it at work, only during work hours and only on workdays.

There are usually 720 work hours in the month or 744 in months that have 31 days. Assuming that I want to run the instance for 12 hours a day and for 5 days a week. In order to calculate how many hours exactly – we will need an example.

The month of August, 2018


The work week in Israel is Sunday-Thursday (yeah – I know – we are special…).

August would have 22 work days. Total number of hours in August (31*24 = 744). 220 working hours in the month (22 working days multiplied by 10 hours per day).

The math is simple 220/744 – I only need the instance for 30% of the month – so why would I pay for all of it?

744 hours * $0.0464 (for a t2.medium instance in us-east-2) = $34.5216 and if I was to only pay for the hours that I was actually using the instance that would be 220 * $0.0464 = $10.208. A third of the cost. Simple math.

So there are multiple ways to do this – as a Lambda script, Cloud custodian – each of these work – very well and will work brilliantly at scale. For me it was a single machine and honestly I  could not be bothered to set up all the requirements to get everything working.

Simple solution – use cron. I don’t pay for resource usage by hour in my corporate network (If someone does – then you have my sympathies..) so I set up a simple cron job to do this.

To start up the instance:

0 8 * * 0,1,2,3,4 start-jumpbox

And to stop the instance at night

0 18 * * 0,1,2,3,4 stop-jumpbox

And what is the start/stop-jumpbox comand you might ask – really simple aws cli command

aws ec2 start-instances –region <__REGION__>  --instance-ids <__INSTANCE_ID__>

aws ec2 stop-instances –region <__REGION__>  --instance-ids <__INSTANCE_ID__>

Of course in the background the correct credentials and access keys are set up on my linux box – not going to go into how to that here – AWS has enough documentation on that.

The last thing that I needed to solve was the jumpbox has a public IP (obviously) and If I really wanted to save the money – I do not want to have pay for a static Elastic IP provisioned and sitting there idle for 70% of the month (because the instance is powered down

After doing the calculation – it was chump change for my use case (524hrs * $0.005=$2.62) so maybe I should have not worried about it – but the resulted script is still useful.

I wanted to use the allocated IP address that AWS provides to the instance at no cost. The problem with this is – every time you stop the instance the IP address is reclaimed by AWS and when you power it on – you will get a new one.

Me being the lazy bum I am – I did not want to have to lookup up the IP each and every time so I went down the path of updating a DNS record on each reboot.

Take the Public IP allocated to the instance and update a known FQDN that I would use on a regular basis.

The script can be found here (pretty self explanatory)

Now of course this is only a single instance – but if you are interested in saving money this is one of the considerations you think about looking to save. (of course this should be managed properly at scale a single cron job will not suffice…)

For example – if you have a 1000 development machines that are not being used after working hours (and I know that not everything can be shut down after hours there are background jobs that run 24/7),  and they are not a measly t2.medium but rather an m4.large 

1000 (instances) * 220 (work hours) * $0.1 (cost per hour) = $22,200

1000 (instances) * 744 (hours in the month) * $0.1 (cost per hour) =  $74,400

See how you just saved $50k a month on your AWS bill?

You are welcome :)

(If you want spend a some your well saved cash on my new book – The Cloud Walkabout – feel free).

If you have any questions about the script / solution or just want to leave a comment – please feel free to do so below


aws-vault on a Chromebook

I have moved almost exclusively to a Chromebook for my day-to-day work
(a whole other set of blog posts - on the journey and outcome are planned), and I was missing one of the tools in belt and that was aws-vault.

If you look at the releases you will see that there is no binary available for arm.

I opened up an issue on the repository - and the answer that I got was - that it is not likely to have any binary released for ARM in the near future, I should go and compile it for myself.

I did, here are the steps.

Hope it is useful for someone in the future.