By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

My EC2 and other service not using KMS. But i am still charging.

0

Hello everyone, I already read aws questions and answers. But not found any solution. I have 1 AWS managed keys. I know there is no option to delete AWS managed keys. But my EC2 and other service not using KMS. But i am still charging. But why ?

Topics
Security, Identity, & Compliance
Tags
AWS Key Management Service
Language
English
AD DATA
asked 10 months ago268 views
2 Answers
4
Accepted Answer

Note that, you will be charged not for storing KMS Keys, but for API calls to those keys. Refer KMS Key Pricing notes.

AWS Managed keys can't be deleted, customer managed keys only can be deleted.

Note 1: While you are not charged for creation and storage of AWS-managed keys, you will be charged on any API request made to AWS-managed keys. Note 2: When you use a KMS key in a different AWS account, the AWS account that makes the API request is charged for the key use.

I would suggest you to go to cloudtrail and see for KMS key API calls and identify, where those API calls are coming from.

To go further and see, where the charges are coming from:

  1. Go to Cost Explorer -> Choose Date Range in right pane
  2. Granularity -> Daily
  3. Dimension -> Usage Type
  4. Filter -> Service -> Key Management Service -> Apply

Repeat the same but change Dimension this time to Region and apply, see where it's coming from. This would show you, where the cost is coming from.

profile pictureAWS
EXPERT
secondabhi_aws
answered 10 months ago
profile pictureAWS
EXPERT
iBehr
reviewed 10 months ago
  • AD DATA
    10 months ago

    API request coming from "mgn.amazonaws.com"

0

Please reply.

AD DATA
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content