Best practices for AWS Budgets - AWS Cost Management

Best practices for AWS Budgets

Note the following best practices when you're working with budgets.

Best practices for controlling access to AWS Budgets

To allow users to create budgets in the AWS Billing and Cost Management console, you must also allow users to do the following:

  • View your billing information

  • Create Amazon CloudWatch alarms

  • Create Amazon Simple Notification Service (Amazon SNS) notifications

To learn more about giving users the ability to create budgets on the AWS Budgets console, see Allow users to create budgets.

You can also create budgets programmatically using the Budgets API. When configuring access to the Budgets API, we recommend creating a unique user role for making programmatic requests. This helps you define more precise access controls between who in your organization has access to the AWS Budgets console and the API. To give multiple users query access to the Budgets API, we recommend creating a role for each of them.

Best practices for budget actions

Using managed policies

There are two AWS managed policies to help get you started with budget actions. One for the user, and the other for budgets. These policies are related. The first policy ensures a user can pass a role to the budgets service, and the second allows budgets to execute the action.

If you don't have proper permissions configured and assigned for the user and for AWS Budgets, AWS Budgets can't execute your configured actions. To ensure proper configuration and execution, we've configured these managed policies so your AWS Budgets actions work as intended. We recommend you use these IAM policies to be sure you don't have to update your existing IAM policy for AWS Budgets when a new functionality is included. We will add new capabilities to the managed policy by default.

For details about managed policies, see Managed policies.

To learn more about AWS Budgets actions, see the Configuring AWS Budgets actions section.

Using Amazon EC2 Auto Scaling

If a budget action is used to stop an Amazon EC2 instance in an Auto Scaling Group (ASG), Amazon EC2 Auto Scaling restarts the instance, or launches new instances to replace the stopped instance. Therefore, "shutdown budget actions is not effective to Amazon EC2/Amazon RDS budget actions" aren't effective unless you combine a second budget action that removes permissions on the role used by the Launch Configuration managing the ASG.

Best practices for setting budgets

Use AWS Budgets to set custom budgets based on your costs, usage, reservation utilization, and reservation coverage.

With AWS Budgets, you can set budgets on a recurring basis or for a specific time frame. However, we recommend setting your budget on a recurring basis so that you don't unexpectedly stop receiving budget alerts.

Best practices for using the advanced options when setting cost budgets

Cost budgets can be aggregated by unblended costs, amortized costs, or blended costs. Cost budgets can also either include or exclude refunds, credits, upfront reservation fees, recurring reservation charges, non-reservation subscription costs, taxes, and support charges.

Understanding the AWS Budgets update frequency

AWS billing data, which Budgets uses to monitor resources, is updated at least once per day. Keep in mind that budget information and associated alerts are updated and sent according to this data refresh cadence.

Best practices for setting budget alerts

Budget alerts can be sent to up to 10 email addresses and one Amazon SNS topic per alert. You can set budgets to alert against either actual values or forecasted values.

Actual alerts are only sent out once per budget, per budget period, when a budget first reached the actual alert threshold.

Forecast-based budget alerts are sent out on a per-budget, per-budget period basis. They might alert more than once in a budgeted period if the forecasted values exceed, dip below, and then exceed the alert threshold again during the budgeted period.

AWS requires approximately 5 weeks of usage data to generate budget forecasts. If you set a budget to alert based on a forecasted amount, this budget alert isn't triggered until you have enough historical usage information.

The following video highlights the importance of setting up budget alerts, which give you control over your spending. It also touches on the use of multi-factor authentication (MFA) to increase the security of your account.

Best practices for setting budget alerts using Amazon SNS topics

When you create a budget that sends notifications to an Amazon SNS topic, you must either have a preexisting Amazon SNS topic or create an Amazon SNS topic. Amazon SNS topics enable you to send notifications over SMS in addition to email.

For budget notifications to be sent successfully, your budget must have permissions to send a notification to your topic, and you must accept the subscription to the Amazon SNS notification topic. For more information, see Creating an Amazon SNS topic for budget notifications.