Cost of Running Access Analysis
    • 20 May 2024
    • 1 Minute to read
    • Dark
      Light

    Cost of Running Access Analysis

    • Dark
      Light

    Article summary

    Access analysis involves monitoring access logs for S3 buckets, RDS datastores and so on. The cost of running this service is completely variable depending on the actual access volumes for the particular datastore. We recommend enabling on access analysis on datastores incrementally in batches, monitor the costs of the access log collection, and then enabling the next batch of datastores.

    The primary costs are:
    Compute: the Acante Cloudtrail or Cloudwatch lambda service that picks up the logs, filters them, redacts any sensitive data and sends over the reduced logs to Acante log. AWS lambda pricing is document here.
    Cloudtrail (S3) Trail : AWS costs of turning on Cloudtrail for a bucket. AWS pricing is documented here
    Cloudwatch (RDS) : AWS costs of turning on Cloudwatch access logs for a RDS platform instance. AWS pricing is documented here

    All the above resources are tagged with the Acante default (managedBy = acante) or custom tags. The tags can be used for granular cost monitoring as documented here.