By Thomas Smart, Sr. Consultant and AWS Ambassador – Sourced Group
By KangZheng Li, Associate Consultant – Sourced Group
By Prashant Advani, Sr. Partner Management Solution Architect – AWS

Sourced-Group-AWS-Partners
Sourced Group
Connect with Sourced-Group-1

To help enterprise clients increase their cloud initiatives, Sourced Group has developed a Serverless Adoption Programme for enterprises.

This programme includes a training track with close to 24 hours of serverless-focused courses. It was in this training track, specifically a course about serverless cloud cost estimation, that the need for an overview of data transfer charges arose for the team at Sourced Group.

Data transfer is an obvious part of any cloud cost estimation, but Sourced Group ran into three problems getting the information they needed:

  1. Data transfer costs are not always easy to access. Individual pricing pages have data transfer costs relevant to each particular service, but there are fringe cases and costs that may not be specific to a particular service that seem to fall through the cracks.
  2. Others have made efforts in the past to bring some transparency to this topic with blog articles and visuals. However, given the pace of change, all of the third-party information Sourced Group was able to find could be considered outdated. The most recent one dated back to December 2019.
  3. Lastly, all of the information the team could find was focused on server-based services, but Sourced Group’s cost estimation course is focused on estimating the cloud cost for serverless architectures. Many of the cloud services and connections covered in the course were missing from the existing information.

Because of this, Sourced Group decided to put effort into collecting the latest information, with support from the team at Amazon Web Services (AWS) to help them track down the prices of some of the harder to find fringe cases.

These combined efforts resulted in two AWS data transfer visuals.

In this post, we’ll provide an updated version of the server-focused data transfer costs that others have created and shared in the past. Sourced Group, an AWS Premier Tier Services Partner, also created an entirely new visual for its own training materials that is focused on the AWS data transfer costs relevant to serverless architectures.

We encourage you to use these artefacts, both in your commercial and non-commercial materials, with attribution to Sourced Group and without any changes made to the images or branding.

Calculating Data Transfer Charges

Calculating data transfer charges in the cloud can be a challenging task. The charges are not always transparent. There are situations where it’s free and situations where it’s not—sometimes inexplicitly.

First, you need to know if the data is coming into the cloud (ingress) or leaving the cloud (egress). Second, is the data traversing the internet, moving between AWS regions, or passing through different AWS Availability Zones (AZs)?

You must also consider the services the traffic is originating from and bound for, as different services may have different data transfer-related costs associated with them.

There are potentially four chargeable actions when data is sent from cloud service A to cloud service B. The traffic flow is as follows:

  1. Data exits A (egress of A charge)…
  2. …into B (ingress of B charge). If there is a response…
  3. …the response traffic exits B (egress of B charge)…
  4. …back into A (ingress of A charge).

A general rule of thumb is that all traffic originating from the internet into AWS enters for free, but traffic exiting AWS is chargeable outside of the free tier—typically in the $0.08–$0.12 range, though some response traffic egress can be free. The free tier provides 100GB of free data transfer out per month as of December 1, 2021.

Traffic between regions will typically have a $0.09 per GB charge for the egress of both the source and destination. Traffic between services in the same region is charged at $0.01 per GB for all four flows. All of the above applies to data transfer charges for both server-based and serverless architectures.

Note the pricing for Sourced Group’s visuals is based on the region we, the authors, are based in (Singapore) and it’s in AWS-standard U.S. dollars (USD).

The flows and billable traffic will be the same for your region, but there may be slight differences in the charged amounts. Prices may have changed since we published this article and visuals, so please make sure to fact-check before making any estimate guarantees.

AWS Server-Focused Data Transfer Charges

In Figure 1 below, the visual is focused on server-based architecture and aims to update previous data transfer visuals created by others in the past.

While our priority was data transfer charges, we have also included the data processing charge that services, such as load balancers, virtual private cloud (VPC) endpoints, and network address translation (NAT) gateways impose. Make sure to include those in any estimates.

Figure 1 – AWS data transfer charges for server-based architectures.

The complexity of this visual might be overwhelming, so to help you through it we will share an example scenario.

Suppose we have a standard two-tier architecture with an Application Load Balancer balancing traffic across two Amazon Elastic Compute Cloud (Amazon EC2) instances in the same region, but different AZs, as well as an Amazon Relational Database Service (Amazon RDS) instance.

If we follow the light green arrow from the internet into the Application Load Balancer, we see that ingress (I) from the internet is free.

The returning egress (E) traffic is chargeable between $0.08 to $0.12 per GB. This is a range because of tiered pricing. Also, note that different regions can have substantially different egress pricing.

Going through the Application Load Balancer incurs a data processing charge of $0.008 per Load Balancer Capacity Units (LCU). An LCU defines how many bytes the load balancer can process per hour.

Traffic is then directed to the Amazon EC2 instance in AZ-A or the instance in AZ-B. Following the arrow, we can see the egress (E) traffic from the ALB to either EC2 is free, as is the return traffic.

Our application’s Amazon RDS database could be in the same AZ as the EC2 instance, a different AZ, or another region.

  • If the Amazon EC2 connects to the database within the same AZ, all traffic between them is free. If you are using VPC peering within the same AZ, it will be free as well.
  • If the EC2 instance connects to a database that is in a different AZ, there will be a $0.01 charge per GB for all four flows—EC2 egress request, RDS ingress request, RDS egress response, and EC2 ingress response.
  • If the database is in another region, there will be a $0.09 per GB charge for EC2 egress request and RDS egress response, and no charge for RDS ingress request and EC2 ingress response.

AWS Serverless-Focused Data Transfer Charges

The next visual (Figure 2) is a bit more complicated because serverless and fully-managed services generally have more deployment options and integrations.

Serverless architecture typically expect a large number of cloud resources in a given solution, which can make calculating cost estimates considerably more challenging. However, given the low operational cost of serverless, having accurate data transfer costs is all the more critical as these can be a sizeable part of the total cost.

Looking at the AWS Lambda service, we can already see some of that complexity. When we deploy a new Lambda microservice, we can launch them within a VPC in the region we choose, or we can opt for an AWS-managed VPC which is the default.

While the AWS-managed VPC is easier in many ways, one complexity this adds is that we have no control over the AZ that microservices are launched into.

Lastly, for Lambda, there is no charge for the invoke API payload (ingress) and response (egress).

Figure 2 – AWS data transfer charges for serverless architectures.

As with the server-based visual, let’s walk through an example. A common setup for a serverless web application is Amazon API Gateway integrated with AWS Lambda microservices.

First, Amazon API Gateway invokes a Lambda function. Within the same AWS region, it is free both ways. In a different region, this invocation incurs a single $0.09 per GB regional transfer fee for the Amazon API Gateway egress traffic.

If your microservice application is using an RDS or Amazon DynamoDB Accelerator (DAX) database, the Lambda-to-database traffic will be free if it’s in the same region, including if VPC peering is used. Traffic to databases in a different region will incur a regional transfer fee of $0.09 per GB for both the Lambda and database egress traffic. Ingress traffic is free for both.

Next, let’s look at inter-Lambda traffic between two microservices. If the two microservices are in different regions, the egress from the source microservice will be billable at $0.09 per GB. Ingress and response traffic are free.

If the two microservices are in different AZs, the ingress and egress from the source microservice will be billable at $0.01 per GB. Ingress and egress traffic on the destination microservice is free. Of course, no fees are charged if both microservices are in the same AZ.

Slightly more challenging is when a source Lambda microservice in your VPC communicates with a microservice in an AWS-managed VPC. There are four scenarios to consider for this traffic:

  1. The most straightforward approach is to directly invoke the target Lambda microservice from the source microservice. For this, you are billed the egress to internet data transfer charge of between $0.08–$0.12 for the source egress. Of course, this will only work if there is an internet gateway providing internet access to the source microservice.
  2. For microservices in a private subnet, you’ll need to use VPC services such as a VPC endpoint and NAT gateway that have a data processing charge of $0.01 per GB or $0.059 per GB, respectively. Luckily, traffic between Lambdas and these services is free within the same AZ.
  3. If the VPC services are in another AZ, there will be an intra-AZ fee of $0.01 per GB on both the egress and ingress of the source microservice on top of the data processing charge.
  4. One final option to consider is to use a proxy service running on an EC2 instance. This is a common design pattern for enterprise cloud environments, so this may already be available to you. Assuming the proxy and destination microservice are in the same region and AZ, there is no chargeable traffic fee. For cross-AZ traffic, the usual fee of $0.01 per GB applies to the proxy egress. There is no charge on the destination Lambda side as invocations are free.

Lastly, for Lambda microservice integrations, traffic to most other AWS services in the same region is completely free. Note that microservices in a VPC will typically incur data processing charges for the VPC endpoint or NAT gateway needed to reach those services.

Conclusion

This was a great research project to work on and uncover some hidden truths essential to accurate cloud cost estimations. The serverless visual will be especially useful in the team’s efforts at Sourced Group to promote, train, and deliver serverless architecture.

Through this effort, Sourced Group will be able to give clients a more comprehensive view of their total cost of ownership (TCO) upon moving their application to the cloud.

Check out the myriad of services offered by Sourced Group in addition to the Serverless Adoption Programme.

.
Sourced-Group-APN-Blog-Connect-1
.


Sourced Group – AWS Partner Spotlight

Sourced Group is an AWS Premier Tier Services Partner and leading cloud consulting firm focused on large, security-conscious enterprises in regulated industries.

Contact Sourced Group | Partner Overview

*Already worked with Sourced Group? Rate the Partner

*To review an AWS Partner, you must be a customer that has worked with them directly on a project.