Blog AWS Financial Management

Stop the Surprises – How to Prevent Overspending in AWS, Azure, and Google Cloud

Austin Fuller

6 min read

Last updated on February 6th, 2023 at 1:23pm

Life is full of surprises. Some surprises are good, like surprise parties or gifts, while others are not so good, like a surprise spike in your cloud bill.

Recently, some AWS users received an unexpected email informing them they would exceed the free tier usage allowance; some were notified about exceeding allowances for services they weren't using. A similar incident occurred in 2018.

Fortunately, the error that triggered the erroneous emails didn't incur any real billing costs, and overall, the cloud service providers are usually very good at accurately reporting billing information and notifying users in a timely fashion. But this recent incident highlights an area that many organizations struggle to address: how do you prevent overspending on services you use or, worse, on services you shouldn't be using at all. In a multi-cloud world, where there can be thousands and even millions of entities across multiple cloud service providers, it can be difficult to configure each account to prevent overspend.

How to Prevent Overspend Using AWS Native Tools

AWS has several means to prevent overspending your budget by using AWS Budgets and Amazon CloudWatch, namely billing alerts and billing alarms.

AWS Billing Alerts

AWS Budgets allows you to configure billing alerts. Billing alerts allow you to set up an alert to be notified automatically via e-mail when estimated charges reach a threshold that you choose. You will also need to meet certain requirements regarding permissions and conditions, like being signed in using account root user credentials or as an IAM user that has been given permission to view billing information. You can read the full list of required conditions from AWS.

To enable billing alerts:

  1. Open the AWS Billing console at
  2. In the navigation pane, choose Billing Preferences.
  3. Choose Receive Billing Alerts.
  4. Choose Save preferences.

AWS Billing Alarms

Amazon CloudWatch enables you to be more proactive in the way that you monitor your cloud spend via billing alarms. While more complicated to configure, billing alarms can be much more granular in the conditions for triggering a notification. For example, billing alarms can be set to a static value as a threshold or you can set a band as a threshold to monitor for abnormal spikes in estimated AWS charges. Get a detailed walkthrough of using Amazon CloudWatch for billing alarms.

Cloud Watch Alarm Solution Overview; Credit: Amazon Web Services

A brief overview for a simple billing alarm is as follows:

  1. Open the CloudWatch console at
  2. If necessary, change the Region to US East (N. Virginia). Billing metric data is stored in this region and reflects worldwide charges.
  3. In the navigation pane, choose Alarms, Create Alarm.
  4. Choose Select metric, Billing, Total Estimated Charge.
    1. If you don't see Billing or the Total Estimated Charge metric, you might need to enable billing alerts.
  5. Select the checkbox next to Estimated Charges and choose Select metric
  6. in the 'Whenever my total AWS charges for the month exceed' field, specify the monetary amount (for example, 200) that must be exceeded to trigger the alarm and send an email notification. Then choose Next.
  7. For 'send a notification to', do one of the following:
    1. Choose Select an existing SNS topic and then select the topic to notify under Send a notification to.
    2. Choose Create a new topic and then type a name for the new SNS topic and enter the email addresses that are to receive the notifications. Separate the email names with commas.
  8. Choose Create Alarm.

AWS Free Tier Usage Alerts

AWS Free Tier Usage Alerts leverage AWS Budgets to send alerts. AWS Budgets automatically notifies you over email when you exceed 85 percent of your Free Tier limit for each service. For additional tracking, you can set up AWS Budgets to track your usage to 100 percent of the Free Tier limit for each service. Learn how to configure a usage budget in the AWS documentation. By default, AWS sends an email to the email address you used to create your account.

To change the email address for AWS Free Tier Usage Alerts:

  1. Sign in to the AWS Management Console and open the Billing console at
  2. Under Preferences in the navigation pane, choose Billing preferences.
  3. Under Cost Management Preferences, under Receive AWS Free Tier Usage Alerts in the Email Address dialog box, enter the email address where you want to receive the usage alerts.
  4. Scroll to the end of the page and choose Save preferences.

When properly configured, you will receive an email notification like the one pictured below:

Proactive Financial Enforcement Actions with Kion

The native services offered by the cloud service providers are excellent for monitoring cloud spend and alerting potential overages, but sometimes alerts aren't enough. Many organizations want to automatically enforce budget limits by preventing excess spending in the first place. This is exactly what Kion provides via financial enforcement actions. Financial enforcement actions are configurable actions you can set on a funding source, project, or OU when a spending threshold is surpassed. This spending threshold is determined by triggers and events you can customize at each level.

While you can set enforcement actions at the funding source level, we recommend setting enforcements at the project level for more granular control.

Financial enforcement actions are made up of the following customizable variables:

  • Enforcement Type allows you to select whether the enforcement applies at the project/OU level or the service level.
  • Triggers determine what combination of time and funds spent/remaining will set off the action. Triggers include the Timeframe for measurement, the Spend Option (to specify the trigger based on Spend, Remaining, or Spend Rate), a dollar or percentage value, and, if you selected Service Enforcement, the Service to which the enforcement applies.
  • Events are the actions you want to take place when a trigger's conditions are met.
  • Notifications allow you to select which users and groups will be notified when a financial enforcement action is triggered.

To add a financial enforcement action to a project:

  1. In the left navigation menu, click Projects > All Projects.
  2. Click the name of the project to which you would like to add a financial enforcement action.
  3. Click the Enforcements tab.
  4. Click Add.
  5. Select Project to apply an enforcement based on the project as a whole, or Service to apply an enforcement based on the value of a single cloud service.
  6. Select a timeframe to determine the length of time that is taken into account by the enforcement.
  7. If you selected Enforcement Type: Service, select the Service to monitor.
  8. If you selected Enforcement Type: Project, choose what to monitor:
  9. In the Amount dropdown, enter a specific amount to use as a threshold, or select Last month's spend to use the total spend for the previous month.
  10. Under Events, select a cloud rule to run when the enforcement is triggered.
  11. Set the Overburn toggle to ON to add a badge to the OU when the trigger's conditions are met.
  12. Select any users and user groups to notify when the enforcement is triggered.
  13. (Optional) Enter a description.
  14. Click Save.

Managing Multi-Cloud Financials

Proactively preventing going over budget or rogue spikes in spend isn't the only way Kion can help you to save money in the cloud. Kion's financial management features make it easy to understand and optimize your spending across AWS, Azure, and Google Cloud. Kion provides rightsizing, instance reservation, and other recommendations. Continuous monitoring can identify neglected resources and automatically terminate them to eliminate wasted spend. These features, combined with financial enforcements, help you to rest easy knowing that you won't break the bank when it comes to scaling your multi-cloud environment.

If you’d like to learn more about how Kion can help you to spend better in the cloud or if you'd like to see a demo of what Kion could do for you, please contact one of our experts.

Talk to an expert

About the Author

Austin Fuller

Austin has nearly a decade of experience in enterprise software and cybersecurity and is an AWS-certified cloud practitioner.

Start your cloud operations journey.

Request a demo today,