Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

GuardDuty pricing investigation

0

A customer is using S3 and Glue Job to combine all the files in their s3.
As it stands their s3 cost is almost half of guard duty and glue job.

Is there a way to find out what made the guard duty cost to go up? I mean it tells me the usage ie. this bucket but thats pretty much it, what was scan etc there is no informaiton on that, and why almost double the cost of the data that is there.

I can tell the customer not to use s3 data events for guard duty by turning it off, not something I want to do, but just trying to understand if there is a way to tell or visualize why the cost almost double of the data there.

Themen
SpeicherSicherheit, Identität & KonformitätAnalysen
Tags
Amazon Simple Storage ServiceAmazon GuardDutyAWS Glue
Sprache
English
Taswar_B
gefragt vor 3 Jahren927 Aufrufe
1 Antwort
0
Akzeptierte Antwort

When enabling GuardDuty for S3, GD starts looking for S3 Data Events, e.g. GetObject, ListObjects, DeleteObject, and PutObject API operations. They are often high-volume activities, especially if used in the context of ETL processes.

You can find more details by creating a Cost Usage Report (CUR) and filter by product/group = Security Services - Amazon GuardDuty Paid S3 Data Events Processed. If you are using tags, you can get a more granular view of which buckets are contributing the most (this is also available from the Events section in the GD console)

AWS
EXPERTE
Luca_I
beantwortet vor 3 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt