Waste Detection
Waste detection identifies AWS resources that are incurring charges without delivering value. These are resources that have been forgotten, orphaned by deleted workloads, or left behind after testing and development activities.
Cloud waste is one of the most common and preventable sources of overspending. Industry studies consistently show that 25-35% of cloud spend is wasted on idle or unused resources. Guardian Pro's waste detection surfaces these opportunities so you can reclaim that budget.
Types of Waste
Guardian Pro detects several categories of resource waste:
Idle Resources
Resources that exist and are running but show minimal or no utilisation:
| Resource Type | Idle Indicators |
|---|---|
| EC2 Instances | Very low CPU utilisation sustained over an extended period |
| RDS Instances | Very low CPU and minimal database connections |
| NAT Gateways | Deployed but processing negligible traffic |
| Load Balancers | No registered targets, or registered targets with zero traffic |
| ElastiCache Clusters | Minimal cache hits and very low CPU |
| Redshift Clusters | Minimal query activity |
Unattached Resources
Resources that were once connected to active infrastructure but are now orphaned:
| Resource Type | Description |
|---|---|
| EBS Volumes | Volumes not attached to any EC2 instance, typically left behind after instance termination |
| Elastic IP Addresses | EIPs not associated with a running instance (AWS charges for unattached EIPs) |
| EBS Snapshots | Old snapshots for volumes or instances that no longer exist |
| RDS Snapshots | Manual database snapshots that are no longer needed |
| AMIs | Custom machine images for instance configurations that are no longer in use |
AWS charges for Elastic IP addresses that are not associated with a running instance. This is a common surprise cost for teams that release instances but forget to release the associated EIPs.
Unused Resources
Resources that are provisioned but have never been meaningfully used:
| Resource Type | Description |
|---|---|
| Unused Security Groups | Security groups not associated with any resource |
| Empty S3 Buckets | Buckets with no objects or minimal storage |
| Unused Secrets | Secrets Manager secrets that have not been accessed |
| Unused KMS Keys | Customer-managed keys with no recent encrypt/decrypt activity |
Over-Provisioned Resources
Resources where provisioned capacity far exceeds actual usage:
| Resource Type | Description |
|---|---|
| Over-provisioned EBS | Volumes with significantly more storage allocated than used |
| Over-provisioned IOPS | io1/io2 volumes with provisioned IOPS far above actual usage |
| Over-sized instances | Covered in detail under Rightsizing |
Viewing Waste Detection Results
In Cost Intelligence
Navigate to Cost Analysis and open the Waste Detection or Recommendations section to see all identified waste with estimated savings.
Each waste finding includes:
| Field | Description |
|---|---|
| Resource | The specific resource identifier and name |
| Type | The category of waste (idle, unattached, unused, over-provisioned) |
| Service | The AWS service (EC2, EBS, RDS, etc.) |
| Region | Where the resource is deployed |
| Monthly Cost | Current monthly cost of the wasted resource |
| Recommendation | Specific action to eliminate the waste |
| Risk Level | Impact level of the recommended action |
In the Action Centre
Waste findings also appear in the Action Centre as cost optimisation findings, integrated alongside security and compliance findings. This unified view lets you see the complete picture for any resource -- including both its security posture and its cost efficiency.
Common Waste Scenarios
The Forgotten Test Environment
A development team spins up an EC2 instance, an RDS database, and an ElastiCache cluster for testing. Testing completes, but the resources are not terminated. Three months later, they are still running at a combined cost of hundreds of dollars per month.
Guardian Pro detects: Idle EC2 instance, low-utilisation RDS instance, minimal cache activity on ElastiCache.
The Orphaned Volume
An EC2 instance is terminated, but its EBS volume was not set to "Delete on Termination." The volume persists, unattached, accumulating storage charges indefinitely.
Guardian Pro detects: Unattached EBS volume with no instance association.
The Snapshot Hoarder
Automated backup scripts create daily EBS snapshots, but no lifecycle policy removes old snapshots. After a year, thousands of snapshots exist for volumes that may no longer be relevant.
Guardian Pro detects: Aged snapshots with no associated active volume.
The Overbuilt VPC
A VPC was set up with NAT Gateways in every Availability Zone, multiple load balancers, and VPN connections. The workload running in the VPC uses a fraction of this networking infrastructure.
Guardian Pro detects: NAT Gateways with minimal traffic, load balancers with no targets.
Taking Action
Review Before Deleting
Always verify that a resource flagged as waste is truly unnecessary before deleting it. Some resources may appear idle but serve a critical purpose during specific events (e.g., disaster recovery resources, seasonal batch processing infrastructure).
Before acting on a waste finding:
- Check who owns the resource (review tags, especially
OwnerorTeamtags). - Verify the resource is not part of a disaster recovery or failover configuration.
- Check if the resource is referenced by Infrastructure as Code templates (CloudFormation, Terraform).
- For unattached volumes and snapshots, confirm no one needs the data before deletion.
Automated Cleanup
For low-risk waste categories, Guardian Pro can help automate cleanup:
- Unattached EBS volumes -- Can be snapshotted (as a safety net) and then deleted.
- Unused Elastic IPs -- Can be released directly.
- gp2 to gp3 migration -- Can be applied with no downtime.
Higher-risk actions (like terminating instances or deleting databases) are presented as guided recommendations with manual steps.
Preview Before Execute
For waste findings that support automated remediation, Guardian Pro provides a preview showing exactly what will happen before you confirm the action. This preview includes:
- The specific API calls that will be made
- The expected outcome
- Whether the action is reversible
- For supported resources, a rollback option if the action needs to be undone
Preventing Future Waste
Beyond detecting existing waste, consider these preventive practices:
Tagging Standards
Implement mandatory tags for all resources:
OwnerorTeam-- Who is responsible for this resourceEnvironment-- Production, staging, development, testProject-- Which project or application this resource belongs toExpirationDate-- When this resource should be reviewed for deletion
Lifecycle Policies
Set up automated lifecycle management:
- S3 lifecycle rules to transition infrequently accessed data to cheaper storage classes
- EBS snapshot lifecycle policies to automatically delete snapshots older than a retention period
- Auto-termination schedules for non-production environments
Cost Awareness Culture
Use Guardian Pro's Budget and Anomaly Detection features to make cost visibility a regular part of your engineering workflow.
Savings Impact
Waste elimination typically delivers the fastest return on cost optimisation efforts because:
- Immediate savings -- Deleting an unused resource stops charges immediately
- Zero performance risk -- Removing truly idle resources has no impact on workload performance
- Low effort -- Most waste cleanup actions are simple delete or release operations
Track your waste elimination savings in the Savings Tracker.
Next Steps
- Rightsizing -- Optimise resources that are being used but are over-provisioned
- Savings Plans -- After eliminating waste, commit remaining usage for discounts
- Savings Tracker -- Measure the impact of your cleanup efforts