Application Load Balancers that no longer serve active workloads may persist after application migrations, architecture changes, or testing activities. When no incoming requests are processed through the ALB, it continues to generate baseline hourly and LCU charges. Identifying and decommissioning unused ALBs helps reduce networking expenses without impacting operational environments.

Gateway Load Balancers that no longer have active traffic flows can continue to exist indefinitely unless proactively decommissioned. This often happens after network topology changes, security architecture updates, or environment deprecations. Without active packet forwarding, the GLB provides no functional benefit but still incurs hourly and data transfer costs.

This inefficiency occurs when compression is either disabled or not functioning effectively on a CloudFront distribution. Static assets such as text, JSON, JavaScript, and CSS files are compressible and benefit significantly from compression. Without compression, CloudFront transfers larger objects, leading to increased data transfer charges and slower delivery performance—without improving user experience.

Some architectures unintentionally route large volumes of traffic between resources that reside in different Availability Zones—such as database queries, service calls, replication, or logging. While these patterns may be functionally correct, they can lead to unnecessary data transfer charges when the traffic could be contained within a single AZ. Over time, this can become a silent cost driver, especially for chatty microservices, replicated storage layers, or high-throughput pipelines. Re-architecting for AZ-locality—when possible—can reduce these charges without affecting availability in environments where high resilience isn’t required.

VPC Interface Endpoints are commonly deployed to meet network security or compliance requirements by enabling private access to AWS services. However, these endpoints often remain provisioned even after the original use case is deprecated. In some cases, the applications have been decommissioned; in others, traffic routing has changed and the endpoint is no longer used. Since interface endpoints generate hourly charges whether or not they are used, identifying and removing inactive ones can eliminate unnecessary costs.

NAT Gateways are convenient for enabling outbound access from private subnets, but in data-intensive environments, they can quietly become a major cost driver. When large volumes of traffic flow through the gateway—particularly during batch processing, frequent software updates, or hybrid cloud integrations—the per-GB charges accumulate rapidly. In some cases, replacing a managed NAT Gateway with a self-managed NAT instance can substantially reduce costs, provided that the organization is prepared to operate and maintain the alternative solution.

NAT Gateways are frequently left running after environments are re-architected, workloads are shut down, or connectivity patterns change. In many cases, they continue to incur hourly charges despite no active traffic flowing through them. Because hourly fees are not tied to whether the gateway is needed—just whether it exists—these resources can quietly drive recurring costs without delivering ongoing value. Identifying and removing unused gateways is a simple way to reduce waste.