majorwiki/02-selfhosting/cloud/aws-s3-cost-management.md

title	domain	category	tags	status	created	updated
AWS S3 Cost Management	selfhosting	cloud	aws s3 cost billing mastodon glacier	published	2026-04-19	2026-04-19

AWS S3 Cost Management

The majorlinux AWS account is used exclusively for S3 object storage. This covers how to monitor costs, what's driving the bill, and how to reduce it.

Account Overview

• Account ID: 408469496267
• Account name: majorlinux
• Services in use: S3 (Standard + Glacier Deep Archive), AWS Config, Cost Explorer
• Monthly spend: ~$32/mo (March 2026); expected ~$16/mo post-media-prune

Buckets and Cost Drivers

Bucket	Size	Storage Class	Cost/mo	Purpose
majortoot	648 GB (mostly remote cache)	S3 Standard	~$15/mo	Mastodon media
majorhomebackup	16 TiB	Glacier Deep Archive	~$16/mo	MLS stream archives (sole copy)
config-bucket-*	~185 KB	S3 Standard	~$0.00	AWS Config snapshots

CLI Setup

AWS CLI installed on MajorMac via Homebrew. Credentials configured at ~/.aws/credentials.

brew install awscli
# Credentials pulled from Ansible vault:
# AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY in group_vars/all/vault.yml

Useful commands

# Check current month spend by service
aws ce get-cost-and-usage \
  --time-period Start=2026-04-01,End=2026-04-30 \
  --granularity MONTHLY \
  --metrics "UnblendedCost" \
  --group-by Type=DIMENSION,Key=SERVICE

# View anomaly alerts
aws ce get-anomalies \
  --date-interval StartDate=2026-04-01,EndDate=2026-04-30

# Check conformance pack compliance
aws configservice get-conformance-pack-compliance-details \
  --conformance-pack-name MajorConformance

# List budgets
aws budgets describe-budgets --account-id 408469496267

Budget Alert

MajorS3MonthlyAlert configured 2026-04-19:

• 80% threshold → email at $20 actual spend
• 100% threshold → email at $25 actual spend
• Recipient: maj.linux@gmail.com

Cost Reduction Options

majortoot — S3 Standard-IA

Switching S3_STORAGE_CLASS=STANDARD_IA in Mastodon's .env.production reduces storage cost from $0.023/GB to $0.0125/GB for new uploads. Expected saving: ~$4–5/mo after cache is pruned down to local-only content.

See mastodon-instance-tuning for full instructions.

majortoot — Weekly media prune

Weekly cron deployed (0 3 * * 0) via configure_mastodon_media_prune.yml. Removes remote federated cache older than 7 days. Expected to reduce bucket from 648 GB to ~7 GB over time.

majorhomebackup — Self-host consideration

Deep Archive at $0.00099/GB is the cheapest cloud tier — no cloud alternative is cheaper. If the MLS archives are no longer needed, deletion would save $16/mo. A 20TB HDD ($300–400) would break even in ~2 years vs. continued cloud storage. These are the sole copy — do not delete without a separate backup.

Conformance Pack

MajorConformance (created 2024-12-20) monitors S3 buckets for:

• Public read/write access (majortoot is intentionally public — Mastodon media)
• Account-level public access blocks (off by design, same reason)
• S3 default object lock (not enabled — expected)
• S3 event notifications (not enabled — expected)

Evaluations cost $0.001 each and run on a periodic schedule. Safe to ignore; at current scale costs pennies per month.

IAM Users

User	Scope	Credentials location
MajorToot	S3 only — no billing/Cost Explorer	~/.aws/credentials on majortoot
Root	Full access	~/.aws/credentials on MajorMac (configured 2026-04-19)

Related

• Services/AWS — infrastructure record
• mastodon-instance-tuning — media cache management
• majortoot — Mastodon host