5

I manage an actually not very big website, but Lambda is used extensively, invoked many times per site visit, resulting in hundreds of thousands of calls per month.

I noticed a spike in CloudTrail costs. Digging further I found that the biggest offender is calls to CreateLogStream made by the Lambda infrastructure, i.e. it is AWS's code doing this, not mine. My CloudTrail costs due to CreateLogStream are 100x the Lambda costs (Lambda's Free Tier distorts this ratio somewhat).

Short of completely deactivating CloudTrail, is there any way to stop incurring these charges?

Alex R
  • CloudTrail pricing "The first copy of management events within each region is delivered free of charge. Additional copies of management events are charged $2.00 per 100,000 events. Data events are charged at $0.10 per 100,000 events." How many requests are being made, and what is it costing you? Data events are disabled by default. – Tim Nov 15 '20 at 08:53
  • We're facing the same issue and it's costing us a lot of money. Seems crazy that there's no way to turn off this useless logging. – pir Jan 21 '22 at 10:20
  • @Tim's question is a good one - the first copy of a management event should be free, so unless you've got multiple trails set up this shouldn't be occurring? – shearn89 Jan 24 '22 at 17:15
  • https://aws.amazon.com/premiumsupport/knowledge-center/cloudtrail-data-management-events/ - has more info on what type of event things are. – shearn89 Jan 24 '22 at 17:16

1 Answer

2

It looks like you can use Advanced Event Selectors on the trail config to exclude/include specific sources, lambdas, etc. for data events.

Update: I've tested this myself. I can create a trail to monitor all Lambda (data) events, with a filter for a specific one. I can then invert the filter to exclude that one. But I'm not sure if it's going to exclude the actual createLogStream calls, as that might be on a different object.

shearn89
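
The include/exclude filter described in the answer can be checked offline before a trail is changed. The following is an added example, not code from the answer or from AWS: a simplified local model of how advanced event selectors match records. The ARNs and event records are constructed, and treating CreateLogStream as a Management-category event from `logs.amazonaws.com` is an assumption of the sample data.

```python
# Added example: simplified local model; ARNs and records are constructed placeholders.
EXCLUDED_ARN = "arn:aws:lambda:us-east-1:111122223333:function:example-excluded"
OTHER_ARN = "arn:aws:lambda:us-east-1:111122223333:function:example-other"

# Inverted filter: all Lambda data events except one function.
SELECTORS = [{
    "Name": "Lambda data events except one function",
    "FieldSelectors": [
        {"Field": "eventCategory", "Equals": ["Data"]},
        {"Field": "resources.type", "Equals": ["AWS::Lambda::Function"]},
        {"Field": "resources.ARN", "NotEquals": [EXCLUDED_ARN]},
    ],
}]

OPS = {
    "Equals": lambda v, xs: v in xs,
    "StartsWith": lambda v, xs: any(v.startswith(x) for x in xs),
    "EndsWith": lambda v, xs: any(v.endswith(x) for x in xs),
}

def field_value(event, field):
    """Resolve a selector field; resources.* reads the first resource (simplification)."""
    if field.startswith("resources."):
        resources = event.get("resources") or [{}]
        return resources[0].get(field.split(".", 1)[1])
    return event.get(field)

def field_matches(event, fs):
    """Apply every operator in one field selector; Not* operators invert the base test."""
    value = field_value(event, fs["Field"])
    for op, operands in fs.items():
        if op == "Field":
            continue
        negate = op.startswith("Not")
        hit = value is not None and OPS[op[3:] if negate else op](value, operands)
        if hit == negate:
            return False
    return True

def selected(event, selectors=SELECTORS):
    """Selectors are ORed; the field conditions inside one selector are ANDed."""
    return any(all(field_matches(event, fs) for fs in s["FieldSelectors"]) for s in selectors)

# Constructed records; CreateLogStream as a Management event is an assumption.
EVENTS = [
    {"eventName": "Invoke", "eventCategory": "Data", "resources": [{"type": "AWS::Lambda::Function", "ARN": EXCLUDED_ARN}]},
    {"eventName": "Invoke", "eventCategory": "Data", "resources": [{"type": "AWS::Lambda::Function", "ARN": OTHER_ARN}]},
    {"eventName": "CreateLogStream", "eventCategory": "Management", "eventSource": "logs.amazonaws.com"},
]
print([(e["eventName"], selected(e)) for e in EVENTS])
```

In this model the data-event selector only ever decides between the two Invoke records; a record outside the Data category is never matched by it in either the include or the inverted form.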