--- title: "AWS S3 Cost Management" domain: selfhosting category: cloud tags: [aws, s3, cost, billing, mastodon, glacier] status: published created: 2026-04-19 updated: 2026-04-19 --- # AWS S3 Cost Management The majorlinux AWS account is used exclusively for S3 object storage. This covers how to monitor costs, what's driving the bill, and how to reduce it. ## Account Overview - **Account ID:** `408469496267` - **Account name:** majorlinux - **Services in use:** S3 (Standard + Glacier Deep Archive), AWS Config, Cost Explorer - **Monthly spend:** ~$32/mo (March 2026); expected ~$16/mo post-media-prune ## Buckets and Cost Drivers | Bucket | Size | Storage Class | Cost/mo | Purpose | |--------|------|---------------|---------|--------| | `majortoot` | 648 GB (mostly remote cache) | S3 Standard | ~$15/mo | Mastodon media | | `majorhomebackup` | 16 TiB | Glacier Deep Archive | ~$16/mo | MLS stream archives (sole copy) | | `config-bucket-*` | ~185 KB | S3 Standard | ~$0.00 | AWS Config snapshots | ## CLI Setup AWS CLI installed on MajorMac via Homebrew. Credentials configured at `~/.aws/credentials`. ```bash brew install awscli # Credentials pulled from Ansible vault: # AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY in group_vars/all/vault.yml ``` ### Useful commands ```bash # Check current month spend by service aws ce get-cost-and-usage \ --time-period Start=2026-04-01,End=2026-04-30 \ --granularity MONTHLY \ --metrics "UnblendedCost" \ --group-by Type=DIMENSION,Key=SERVICE # View anomaly alerts aws ce get-anomalies \ --date-interval StartDate=2026-04-01,EndDate=2026-04-30 # Check conformance pack compliance aws configservice get-conformance-pack-compliance-details \ --conformance-pack-name MajorConformance # List budgets aws budgets describe-budgets --account-id 408469496267 ``` ## Budget Alert `MajorS3MonthlyAlert` configured 2026-04-19: - 80% threshold → email at $20 actual spend - 100% threshold → email at $25 actual spend - Recipient: maj.linux@gmail.com ## Cost Reduction Options ### majortoot — S3 Standard-IA Switching `S3_STORAGE_CLASS=STANDARD_IA` in Mastodon's `.env.production` reduces storage cost from $0.023/GB to $0.0125/GB for new uploads. Expected saving: ~$4–5/mo after cache is pruned down to local-only content. See [[mastodon-instance-tuning]] for full instructions. ### majortoot — Weekly media prune Weekly cron deployed (`0 3 * * 0`) via `configure_mastodon_media_prune.yml`. Removes remote federated cache older than 7 days. Expected to reduce bucket from 648 GB to ~7 GB over time. ### majorhomebackup — Self-host consideration Deep Archive at $0.00099/GB is the cheapest cloud tier — no cloud alternative is cheaper. If the MLS archives are no longer needed, deletion would save ~$16/mo. A 20TB HDD (~$300–400) would break even in ~2 years vs. continued cloud storage. **These are the sole copy — do not delete without a separate backup.** ## Conformance Pack `MajorConformance` (created 2024-12-20) monitors S3 buckets for: - Public read/write access (majortoot is intentionally public — Mastodon media) - Account-level public access blocks (off by design, same reason) - S3 default object lock (not enabled — expected) - S3 event notifications (not enabled — expected) Evaluations cost $0.001 each and run on a periodic schedule. Safe to ignore; at current scale costs pennies per month. ## IAM Users | User | Scope | Credentials location | |------|-------|---------------------| | `MajorToot` | S3 only — no billing/Cost Explorer | `~/.aws/credentials` on majortoot | | Root | Full access | `~/.aws/credentials` on MajorMac (configured 2026-04-19) | ## Related - [[Services/AWS]] — infrastructure record - [[mastodon-instance-tuning]] — media cache management - [[majortoot]] — Mastodon host