Unleashing the Power of FinOps: Advanced AWS Cost Management with SupportSages

Introduction

Managing AWS costs is crucial for businesses that rely on cloud infrastructure. Unexpected spikes in costs can lead to budget overruns, making cost anomaly detection an essential practice. While AWS offers Cost Anomaly Detection, this blog presents a Python-based approach using AWS Cost Explorer and Boto3, providing more flexibility and control over anomaly detection logic.

At SupportSages, we seamlessly integrate FinOps, DevOps, and CloudOps expertise, delivering comprehensive cloud management solutions. Our 24/7 monitoring and proactive cost anomaly detection capabilities form the backbone of our FinOps-driven approach — ensuring you stay in control of your cloud budget.

How differs from AWS Cost Anomaly Detection

AWS Cost Anomaly Detection is an AWS-managed service that uses machine learning to identify unusual cost patterns and sends alerts automatically. However, the Python-based approach described here provides:

• Customizable thresholds: Users can define their own cost thresholds per service.
• Real-time execution: Unlike AWS’s predefined detection intervals, this script allows users to run anomaly checks on demand.
• Control over anomaly detection logic: Users can modify the script to include additional filtering criteria, external integrations, or historical comparisons.
• Multi-account and service-specific insights: This approach can be extended to work across multiple AWS accounts using AWS STS AssumeRole.

Why FinOps & Cost Anomaly Detection Matter

AWS offers a pay-as-you-go model, but sudden cost increases can occur due to:

• Unoptimized resources (e.g., over-provisioned EC2 instances)
• Unexpected usage spikes (e.g., traffic surges affecting Lambda, S3, or RDS usage)
• Misconfigured services (e.g., unintended data transfers or scheduled tasks running more frequently than expected)

Identifying these anomalies early helps businesses take corrective actions, optimize costs, and prevent billing surprises.

Prerequisites

Before running the script, ensure you have the following:

• An AWS account with Cost Explorer enabled.
• Python 3.x installed along with the boto3 library (pip install boto3).

The Python Script

Below is the Python script that fetches AWS cost data for the past week, compares daily costs for each service, and detects anomalies based on predefined thresholds.

import boto3
import datetime
from botocore.exceptions import ClientError

SERVICE_THRESHOLDS = {
    "Amazon EC2": 50.00,
    "Amazon S3": 30.00,
    "AWS Lambda": 20.00,
    "Amazon RDS": 40.00,
    "AWS CloudWatch": 10.00
}
DEFAULT_THRESHOLD = 10.00
def get_anomaly_data():
    """Fetch AWS cost data from Cost Explorer API."""
    client = boto3.client('ce')
    end_date = datetime.date.today().strftime('%Y-%m-%d')
    start_date = (datetime.date.today() - datetime.timedelta(days=7)).strftime('%Y-%m-%d')
    try:
        response = client.get_cost_and_usage(
            TimePeriod={'Start': start_date, 'End': end_date},
            Granularity='DAILY',
            Metrics=['BlendedCost'],
            GroupBy=[{'Type': 'DIMENSION', 'Key': 'SERVICE'}]
        )
        cost_data = {}
        for result in response['ResultsByTime']:
            date = result['TimePeriod']['Start']
            for group in result['Groups']:
                service = group['Keys'][0]
                cost = float(group['Metrics']['BlendedCost']['Amount'])
                if service not in cost_data:
                    cost_data[service] = []
                cost_data[service].append((date, cost))
        return cost_data
    except ClientError as e:
        print(f"Error fetching cost data: {e}")
        return None
def detect_anomalies(cost_data):
    anomalies = []
    for service, costs in cost_data.items():
        previous_cost = None
        threshold = SERVICE_THRESHOLDS.get(service, DEFAULT_THRESHOLD)
        for date, cost in costs:
            if previous_cost is not None:
                increase = cost - previous_cost
                if increase > threshold:
                    anomalies.append({
                        "service": service,
                        "date": date,
                        "cost": cost,
                        "increase": increase,
                        "threshold": threshold
                    })
            previous_cost = cost
    return anomalies
def main():
    print("Starting cost anomaly detection for this AWS account...")
    try:
        cost_data = get_anomaly_data()
        if cost_data is None:
            return
        anomalies = detect_anomalies(cost_data)
        if anomalies:
            print(f"⚠️ Cost anomalies detected!")
            for anomaly in anomalies:
                print(anomaly)
        else:
            print(f"No anomalies detected.")
    except ClientError as e:
        print(f"Error processing cost data: {e}")
    print("Cost anomaly detection completed!")
if __name__ == "__main__":
    main()

How It Works

Fetch AWS Cost Data:

• The script uses boto3.client('ce') to interact with AWS Cost Explorer.
• It retrieves cost data for the last 7 days, grouped by service.

Detect Anomalies:

• The script compares daily costs of AWS services.
• If a service’s cost increases beyond its predefined threshold, it flags the anomaly.

Output Anomalies:

• If anomalies are found, they are printed with date, cost, and increase amount.

Example Output

Starting cost anomaly detection for this AWS account...
⚠️ Cost anomalies detected!
{'service': 'Amazon EC2', 'date': '2024-03-09', 'cost': 120.5, 'increase': 70.5, 'threshold': 50.0}
Cost anomaly detection completed!

Benefits of a FinOps-driven Anomaly Detection Approach

• Customization: Users can modify cost thresholds for different services based on business requirements.
• Immediate Detection: Unlike AWS Cost Anomaly Detection, which may take time to detect anomalies, this script provides instant results.
• No Additional AWS Costs: AWS Cost Anomaly Detection may incur costs based on its machine learning model evaluations, whereas this script runs on on-demand infrastructure like AWS Lambda or EC2 at minimal cost.
• Integration Flexibility: This script can be extended to:
• Send notifications via SNS or Slack.
• Log results into Amazon Timestream or DynamoDB for historical tracking.
• Automate cost optimizations (e.g., stopping EC2 instances when an anomaly is detected).

✅ Multi-Account Governance: Use AWS STS AssumeRole to extend anomaly detection and cost optimization practices across accounts.

Conclusion

Detecting AWS cost anomalies can help businesses proactively manage cloud expenses and prevent unexpected charges. While AWS Cost Anomaly Detection provides a managed service, this Python script offers greater control, flexibility, and cost savings. By implementing this approach, businesses can track cost fluctuations and identify unusual spending patterns with ease.

Combine the best of DevOps, CloudOps, and FinOps with SupportSages to maximize your cloud ROI.
We don’t just manage your infrastructure — we optimize your costs, operations, and business outcomes.

Start detecting anomalies your way with this customizable Python script.

• Save money
• Detect issues instantly
• Stay ahead of surprises

Download the script or get in touch with our cloud experts to automate cost monitoring across your AWS accounts.