Most cloud cost audits either take weeks (enterprise FinOps engagements) or never happen at all. But a well-structured 10-minute audit can surface the most expensive waste in your environment — giving you a prioritized action list before your morning standup is done.
This guide gives you the exact audit checklist we use at Cloud Hero AI, adapted for manual execution. It works for AWS, GCP, and Azure — and if you want to skip the manual version entirely, Cloud Hero AI's Hero Savings automates the entire process.
Before You Start: The 3-Minute Setup
A good audit needs a reference point. Before diving into services, grab these two pieces of information:
- Your current monthly spend — go to Billing in your cloud console and note your last full month's total cost and your MTD (month-to-date) cost
- Your top 5 services by cost — in AWS Cost Explorer, sort by service for the last 30 days; in GCP, use the Billing dashboard; in Azure, use Cost Analysis grouped by Service Name
You'll now have a clear view of where money is going, which tells you where to look for waste.
Audit principle: Follow the money. If EC2 is 60% of your bill, that's where your biggest savings are. Don't optimize S3 for 20 hours if compute is the real problem. Spend time proportional to the cost category's share of your bill.
The 10-Minute Cloud Cost Audit Checklist
Minutes 1–2: Compute (EC2 / GCE / Azure VMs)
| Check | Where to Look | Red Flag |
|---|---|---|
| Idle instances (<5% CPU, 30 days) | AWS: Trusted Advisor → Cost Optimization; GCP: Recommender; Azure: Advisor | Any running instance with <5% avg CPU |
| Instances running 24/7 in dev/staging | Filter instances by Name tag containing "dev", "staging", "test" | Non-production environments with no stop schedule |
| Old generation instance types | EC2 → Instances → filter by type: t2.*, m4.*, c4.* | Older gen = 10–30% more expensive than equivalent new gen |
| Instances with no tags | EC2 → Instances → filter for missing "Owner" or "Team" tag | Untagged resources have no owner, so nobody is responsible for their cost |
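
The three inventory-based checks in the table above can be run over saved `aws ec2 describe-instances` output instead of console filters. This is an added example, not Cloud Hero AI's code. The sample data, the finding labels and the reading of the tag check (flag when neither "Owner" nor "Team" is set) are assumptions.

```python
# Constructed sample in the shape of `aws ec2 describe-instances` JSON output.
SAMPLE = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa", "InstanceType": "t2.large", "State": {"Name": "running"},
     "Tags": [{"Key": "Name", "Value": "staging-api"}, {"Key": "Owner", "Value": "payments"}]},
    {"InstanceId": "i-0bbb", "InstanceType": "m6i.large", "State": {"Name": "running"}},
    {"InstanceId": "i-0ccc", "InstanceType": "c4.xlarge", "State": {"Name": "stopped"},
     "Tags": [{"Key": "Name", "Value": "dev-batch"}]},
    {"InstanceId": "i-0ddd", "InstanceType": "m6i.large", "State": {"Name": "running"},
     "Tags": [{"Key": "Name", "Value": "prod-web"}, {"Key": "Team", "Value": "web"}]},
]}]}

OLD_GEN_PREFIXES = ("t2.", "m4.", "c4.")      # families named in the checklist
NONPROD_MARKERS = ("dev", "staging", "test")  # Name-tag substrings from the checklist
OWNER_TAGS = ("Owner", "Team")                # assumption: either tag counts as ownership


def audit_instances(describe_instances):
    """Map InstanceId -> list of checklist red flags for running instances."""
    findings = {}
    for reservation in describe_instances["Reservations"]:
        for inst in reservation["Instances"]:
            if inst["State"]["Name"] != "running":
                continue  # stopped instances do not accrue compute charges
            # Instances with no tags at all have no "Tags" key in the response.
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            flags = []
            if inst["InstanceType"].startswith(OLD_GEN_PREFIXES):
                flags.append("old-generation")
            if not any(tags.get(key) for key in OWNER_TAGS):
                flags.append("no-owner-tag")
            # Substring match on the Name tag; a hit still needs a manual
            # check for a stop schedule, which this API does not expose.
            name = tags.get("Name", "").lower()
            if any(marker in name for marker in NONPROD_MARKERS):
                flags.append("non-prod-running")
            if flags:
                findings[inst["InstanceId"]] = flags
    return findings


if __name__ == "__main__":
    for instance_id, flags in audit_instances(SAMPLE).items():
        print(instance_id, ", ".join(flags))
```

The idle-CPU check is not covered here because utilization comes from CloudWatch metrics, not from the instance inventory.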
Minutes 3–4: Database (RDS / Cloud SQL / Azure SQL)
- Check CPU utilization for all database instances in the last 30 days. Flag any instance averaging <20% CPU — it's likely over-provisioned.
- Look for Multi-AZ RDS instances in non-production environments (Multi-AZ doubles the cost; it's unnecessary for dev/staging).
- Check for RDS instances with no connections in the last 7 days — these are orphaned databases that can likely be terminated.
Minutes 5–6: Storage (S3 / GCS / Azure Blob)
- Check your largest S3 buckets' storage classes — flag any bucket storing primarily old data in Standard storage
- List unattached EBS volumes: EC2 → Volumes → filter Status = "available" — every "available" volume is waste
- Check for old snapshots: EC2 → Snapshots → sort by Start time — anything older than 90 days without a clear retention policy is a candidate for deletion
Storage gotcha: Deleting snapshots is irreversible. Before deleting, confirm that no AMIs reference the snapshot (EC2 → AMIs → check if any AMIs use the snapshot ID). Deleting a snapshot referenced by an AMI will cause AMI launch failures.
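The snapshot check and the AMI cross-reference from the gotcha above, combined into one pass over saved `aws ec2 describe-snapshots --owner-ids self` and `aws ec2 describe-images --owners self` output. This is an added example, not code from the original guide. The IDs, dates and function name are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed samples in the shape of the two CLI JSON outputs.
SNAPSHOTS = {"Snapshots": [
    {"SnapshotId": "snap-old-free", "StartTime": "2023-11-01T08:00:00+00:00", "VolumeSize": 100},
    {"SnapshotId": "snap-old-ami", "StartTime": "2023-10-01T08:00:00.000Z", "VolumeSize": 8},
    {"SnapshotId": "snap-recent", "StartTime": "2024-05-20T08:00:00+00:00", "VolumeSize": 50},
]}
IMAGES = {"Images": [
    {"ImageId": "ami-base", "BlockDeviceMappings": [
        {"DeviceName": "/dev/xvda", "Ebs": {"SnapshotId": "snap-old-ami"}},
        {"DeviceName": "/dev/sdb", "VirtualName": "ephemeral0"},  # no Ebs key
    ]},
]}
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed so the result is reproducible


def deletable_snapshots(snapshots, images, now, max_age_days=90):
    """Split snapshots older than max_age_days into deletion candidates and
    snapshots still referenced by a registered AMI (returned with the AMI IDs)."""
    referenced = {}
    for image in images["Images"]:
        for mapping in image.get("BlockDeviceMappings", []):
            # Instance-store mappings carry VirtualName instead of Ebs.
            snap_id = mapping.get("Ebs", {}).get("SnapshotId")
            if snap_id:
                referenced.setdefault(snap_id, []).append(image["ImageId"])

    cutoff = now - timedelta(days=max_age_days)
    candidates, blocked = [], {}
    for snap in snapshots["Snapshots"]:
        # Accept both the "Z" and "+00:00" timestamp suffixes.
        started = datetime.fromisoformat(snap["StartTime"].replace("Z", "+00:00"))
        if started >= cutoff:
            continue  # inside the 90-day window, not an audit finding
        if snap["SnapshotId"] in referenced:
            blocked[snap["SnapshotId"]] = referenced[snap["SnapshotId"]]
        else:
            candidates.append(snap["SnapshotId"])
    return candidates, blocked


if __name__ == "__main__":
    candidates, blocked = deletable_snapshots(SNAPSHOTS, IMAGES, NOW)
    print("candidates:", candidates)
    print("blocked by AMI:", blocked)
```

The candidate list still needs the retention-policy check from the checklist before anything is deleted; the script only rules out snapshots that an AMI depends on.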
Minutes 7–8: Commitments (RIs / Savings Plans / CUDs)
- In AWS: Go to Cost Management → Savings Plans → Coverage report. If your compute coverage is below 60%, you're over-paying on on-demand.
- Check Reserved Instance utilization — RIs with <80% utilization are wasted commitments you're paying for but not using.
- Note the estimated monthly savings in the RI/SP recommendations panel — this is money you could capture today with a purchase.
Minutes 9–10: Networking
- Check for unused Elastic IPs (AWS: EC2 → Elastic IPs — filter for unassociated IPs — each costs $3.60/month)
- Look for idle load balancers — ALBs/NLBs with 0 or near-0 request counts in the last 30 days are waste (~$18/month each, plus data processing)
- Check NAT Gateway data charges — if NAT Gateway data processing is a significant line item, investigate whether traffic can be rerouted through VPC endpoints (free for S3/DynamoDB)
Your Audit Output: The Priority Matrix
After running through the checklist, categorize your findings:
| Priority | Criteria | Action |
|---|---|---|
| P1 — Do This Week | High savings (>$500/month), low risk (orphaned resources, clearly idle) | Delete, terminate, or stop immediately |
| P2 — This Month | Medium savings ($100–$500/month), requires verification | Verify usage, then act. Rightsize or reschedule. |
| P3 — Next Quarter | Commitment purchases (RIs/CUDs/SPs), architectural changes | Plan, get approval, execute |
| P4 — Track | Low savings (<$100/month) or unclear ownership | Tag for ownership, revisit in 30 days |
Audit cadence: Run this manual audit quarterly as a minimum. Monthly is better. The best teams automate continuous monitoring so waste is caught within days of being created, not months. Cloud Hero AI's Hero Savings does this automatically — and only charges 15% of what it actually finds and fixes.
Automating the Audit with Cloud Hero AI
The 10-minute manual audit above is a great starting point, but it has limitations: it only covers what you know to look for, it takes human time, and it's a snapshot in time. New waste appears constantly as your team deploys new services.
Cloud Hero AI's Hero Savings automates the entire audit process — scanning continuously across hundreds of waste categories, prioritizing by dollar impact, and providing one-click remediation. Because it charges only 15% of verified savings, the ROI is almost always positive from day one.