Best practices for AWS Budgets - AWS Billing and Cost Management

Best practices for AWS Budgets

Note the following best practices when you're working with budgets.

Best practices for controlling access to AWS Budgets

To allow IAM users to create budgets in the AWS Billing and Cost Management console, you must also allow IAM users to do the following:

  • View your billing information

  • Create Amazon CloudWatch alarms

  • Create Amazon Simple Notification Service (Amazon SNS) notifications

To learn more about giving users the ability to create budgets on the AWS Budgets console, see Allow IAM users to create budgets.

You can also create budgets programmatically using the Budgets API. When configuring access to the Budgets API, we recommend creating a unique IAM user for allowing programmatic access. This helps you define more precise access controls between who in your organization has access to the AWS Budgets console and the API. To give multiple IAM users query access to the Budgets API, we recommend creating a programmatic access IAM role for each of them.

Best practices for budget actions

You can configure AWS Budgets to take actions on your behalf when your budget exceeds a certain cost or usage threshold. To learn more about budget actions, see Configuring AWS Budgets actions.

Granting access to budget actions

To get started with budget actions, you must configure the correct permissions for both your IAM users and for the AWS Budgets service.

For IAM users, you can assign permissions to manage budget actions or to retrieve information about budget actions. For the list of permissions available, see the budgets: permissions in Billing and Cost Management actions policies.


To view an account's budget actions in the console, IAM users must have permission to budgets:DescribeBudgetActionsForAccount. Without this permission, the Actions column doesn't load and the console returns an error message.

For AWS Budgets to perform budget actions on your behalf, the service must have permissions to run those operations on your resources. To learn more about how to grant permissions to AWS Budgets, see Setting up a role for AWS Budgets to run budget actions.

Using managed policies

There are two AWS managed policies to help get you started with budget actions. One for the user, and the other for budgets. These policies are related. The first policy ensures a user can pass a role to the budgets service, and the second allows budgets to execute the action.

If you don't have proper permissions configured and assigned for the user and for AWS Budgets, AWS Budgets can't execute your configured actions. To ensure proper configuration and execution, we've configured these managed policies so your AWS Budgets actions work as intended. We recommend you use these IAM policies to be sure you don't have to update your existing IAM policy for AWS Budgets when a new functionality is included. We will add new capabilities to the managed policy by default.

For details about managed policies, see Managed policies.

Using Amazon EC2 Auto Scaling

If a budget action is used to stop an Amazon EC2 instance in an Auto Scaling group, Amazon EC2 Auto Scaling restarts the instance, or launches new instances to replace the stopped instance. Therefore, budget actions is not effective to control cost in this use case.

Best practices for setting budgets

Use AWS Budgets to set custom budgets based on your costs, usage, reservation utilization, and reservation coverage.

With AWS Budgets, you can set budgets on a recurring basis or for a specific time frame. However, we recommend setting your budget on a recurring basis so that you don't unexpectedly stop receiving budget alerts.

Best practices for using the advanced options when setting cost budgets

Cost budgets can be aggregated by unblended costs, amortized costs, or blended costs. Cost budgets can also either include or exclude refunds, credits, upfront reservation fees, recurring reservation charges, non-reservation subscription costs, taxes, and support charges.

Understanding the AWS Budgets update frequency

AWS billing data, which Budgets uses to monitor resources, is updated at least once per day. Keep in mind that budget information and associated alerts are updated and sent according to this data refresh cadence.

Best practices for setting budget alerts

Budget alerts can be sent to up to 10 email addresses and one Amazon SNS topic per alert. You can set budgets to alert against either actual values or forecasted values.

Actual alerts are only sent out once per budget, per budget period, when a budget first reached the actual alert threshold.

Forecast-based budget alerts are sent out on a per-budget, per-budget period basis. They might alert more than once in a budgeted period if the forecasted values exceed, dip below, and then exceed the alert threshold again during the budgeted period.

AWS requires approximately 5 weeks of usage data to generate budget forecasts. If you set a budget to alert based on a forecasted amount, this budget alert isn't triggered until you have enough historical usage information.

Best practices for setting budget alerts using Amazon SNS topics

When you create a budget that sends notifications to an Amazon SNS topic, you must either have a preexisting Amazon SNS topic or create an Amazon SNS topic. Amazon SNS topics enable you to send notifications over SMS in addition to email.

For budget notifications to be sent successfully, your budget must have permissions to send a notification to your topic, and you must accept the subscription to the Amazon SNS notification topic. For more information, see Creating an Amazon SNS topic for budget notifications.