Idle VPC Endpoints: How to Identify and Optimize AWS Costs

When managing AWS resources, it’s important to monitor and optimize usage to avoid unnecessary costs. One such resource is VPC endpoints, which allow secure connections between your VPC and AWS services without the need for an internet gateway, NAT device, or VPN connection. While VPC endpoints are highly valuable, it’s essential to identify and monitor idle endpoints that are incurring unnecessary costs without being actively used.

Here’s how you can identify idle VPC endpoints using AWS Cost and Usage Reports (CUR) and a custom query to track associated costs.

Understanding Idle VPC Endpoints

An idle VPC endpoint is a resource that is provisioned but not being actively used. This can happen due to several factors, such as:

• No traffic being routed through the endpoint: While the endpoint might be available, there is no actual data transfer through it.
• Low usage: The endpoint might be used intermittently, leading to minimal cost but still incurring charges for its existence.

Identifying these idle endpoints is important for cost management and optimization. Fortunately, you can use AWS Cost and Usage Reports (CUR) to analyze and find these idle VPC endpoints.

CUR Query to Identify Idle VPC Endpoints

To find idle VPC endpoints, you can use the following SQL-like query on your CUR dataset:

Example output: 

Breaking Down the Query

1. Line Item Filters:
   • This query focuses on usage records (line_item_line_item_type = 'Usage').
   • It specifically looks for VPC endpoint usage and traffic costs by filtering usage types like %Endpoint-Hour% and %Traffic-GB%.
2. Columns:
   • account: The account ID where the resource is located.
   • region: The AWS region where the VPC endpoint is created.
   • resource: The resource ID of the endpoint, extracted from line_item_resource_id.
   • hourly_cost: The total cost incurred from endpoint usage (on an hourly basis).
   • traffic_cost: The cost from traffic routed through the endpoint (measured in GB).
3. HAVING Clause:
   • This is where the query identifies idle endpoints. The HAVING clause filters out any VPC endpoints that have associated traffic costs (traffic_cost > 0). Only those endpoints with a traffic cost of 0 are considered, indicating that they are idle but still incurring costs for being provisioned.
4. ORDER BY:
   • The query sorts the results by hourly cost and traffic cost in descending order, making it easier to identify the most expensive unused VPC endpoints.

How to Use This Data

By running this query on your AWS CUR data, you can generate a report of idle VPC endpoints across your AWS accounts and regions. This will help you identify which endpoints are costing money without providing value, allowing you to take the following actions:

• Delete Idle Endpoints: If you find VPC endpoints that are not being used and do not have traffic, consider deleting them to reduce unnecessary costs.
• Review and Optimize Resource Usage: Analyze traffic patterns to determine if the idle endpoints can be repurposed or optimized for better cost efficiency.
• Budgeting and Forecasting: Use the data to forecast future costs and allocate budgets more effectively by removing unneeded resources.

Conclusion

Using AWS CUR and the custom query shared above, you can efficiently track and manage your VPC endpoints, identifying those that are idle and not generating value. This proactive approach to resource management helps you optimize costs and ensures you’re only paying for the resources you need.

If you need further assistance in querying your AWS CUR or optimizing your VPC endpoints, feel free to reach out to us for expert guidance and support.