Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

My EC2 and other service not using KMS. But i am still charging.

0

Hello everyone, I already read aws questions and answers. But not found any solution. I have 1 AWS managed keys. I know there is no option to delete AWS managed keys. But my EC2 and other service not using KMS. But i am still charging. But why ?

Topics
Security, Identity, & Compliance
Tags
AWS Key Management Service
Language
English
asked 3 years ago524 views
2 Answers
4
Accepted Answer

Note that, you will be charged not for storing KMS Keys, but for API calls to those keys. Refer KMS Key Pricing notes.

AWS Managed keys can't be deleted, customer managed keys only can be deleted.

Note 1: While you are not charged for creation and storage of AWS-managed keys, you will be charged on any API request made to AWS-managed keys. Note 2: When you use a KMS key in a different AWS account, the AWS account that makes the API request is charged for the key use.

I would suggest you to go to cloudtrail and see for KMS key API calls and identify, where those API calls are coming from.

To go further and see, where the charges are coming from:

  1. Go to Cost Explorer -> Choose Date Range in right pane
  2. Granularity -> Daily
  3. Dimension -> Usage Type
  4. Filter -> Service -> Key Management Service -> Apply

Repeat the same but change Dimension this time to Region and apply, see where it's coming from. This would show you, where the cost is coming from.

AWS
EXPERT
answered 3 years ago
AWS
EXPERT
reviewed 3 years ago
  • AD DATA
    3 years ago

    API request coming from "mgn.amazonaws.com"

0

Please reply.

answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content