ra2 studio - Fotolia

AWS cloud cost management in the spotlight for 2016

AWS users want more built-in cloud security and control tools in 2016, and vow to improve cloud cost management -- something Amazon will help with through a new free tool.

Many AWS users resolve to keep a closer eye on spending in 2016, and Amazon has released new cloud cost management tools that could help them reach those goals.

New AWS Cost and Usage Reports, launched this month, are part of the AWS Billing Console. It allows users to view Elastic Compute Cloud (EC2) costs and usage by category, such as instance type, operating system, processor, tag, and tenancy and pricing details.

The reports are delivered to a specified Amazon Simple Storage Service bucket, are customizable as far as how the data is visualized -- hourly or daily -- and can be fed into the Amazon Redshift data warehouse or QuickSight business intelligence tool.

The tool joins other new cloud cost management tools from AWS, including Cost Explorer and AWS Budgets and Forecasts. Cost Explorer offers a snapshot of ongoing cloud costs through the AWS Management Console, while AWS Budgets and Forecasts offer forward-looking information on cloud costs; Cost and Usage Reports offer historical cost analysis.

All of these new utilities dovetail with the direction AWS shops are headed in 2016.

"IT operations teams must build up their cost-management skills in the cloud era," said David Bartoletti, analyst with Forrester Research. "The business might be thrilled about an early return after moving an app or activity to the cloud, but they will depend on IT to show them the cost benefits continue."

Users are already looking around for tools to more consistently break down AWS cloud costs.

"We have about 50 or so EC2 instances," said Craig Loop, director of networking for Realty Data Company in Naperville, Ill., which sells property information to mortgage bankers. "As that grows and the data grows, I'd probably use some basic tools in the beginning for CPU and disk utilization just to show me this server is idling all the time."

AWS users also increasingly turn to native cloud cost management and analytics tools as a fear of cloud lock-in subsides, according to Anne Currie, co-founder of Force12.io, a startup in Barcelona working on a meta-scheduler for Docker. Currie is also the CEO and co-founder of WorkingProgram, a software company in London.

Her New Year's resolution for 2016, she said, is to look into the QuickSight tool.

"QuickSight may be something enterprises will fear at first, but I'd strongly argue that they are failing to take full advantage of cloud if they don't use the services," Currie said.

New cloud security tools top wish lists for 2016

As AWS shops work toward cloud nirvana, there are some other ways AWS can help them out in the new year, including crossing off items still on the wish list after re:Invent.

AWS users would like to see Amazon broaden its suite of native security tools to include an intrusion detection system (IDS), intrusion prevention system (IPS), and security information and event management (SIEM).

"AWS has come out with the [Web Application Firewall] and ... the Inspector service, but we'd love to see an IDS/IPS and SIEM offering," said Theodore Kim, senior director of software as a service operations for Jobvite, a talent acquisition software maker in San Mateo, Calif.

AWS partners offer such software on the AWS Marketplace, and users can cobble together an IPS/IDS system using a variety of AWS products, such as Identity and Access Management and Multi-Factor Authentication.  

But AWS can go further in cloud management tools by providing visibility down to every action taken within any instance for security purposes, said Edward Haletky, CEO of the Virtualization Practice in Austin, Texas.

Examples of such visibility would include showing when CloudHSM has been unlocked and cryptography keys exfiltrated, as well as showing when Amazon employee actions affect a user's instance.

"Amazon needs to develop a core architecture for how to best expose events from the platform for availability, confidentiality and integrity," Haletky said. "In other words, a true security architecture that tenants can use so that they know what they need to add instead of relying on 'trust me' from Amazon -- we need proof of security with something auditable."

Amazon declined to comment on this story.

Beth Pariseau is senior news writer for SearchAWS. Write to her at [email protected] or follow @PariseauTT on Twitter.  

Next Steps

Planning for cloud computing costs

Cloud costs are on the rise -- but why?

Gambling on cloud cost efficiency not a safe bet

Dig Deeper on AWS pricing, cost and ROI