--- id: devops-finops-cost title: FinOps — Cloud cost / Tagging / 최적화 category: Coding status: draft source_trust_level: B verification_status: conceptual created_at: 2026-05-09 updated_at: 2026-05-09 tags: [devops, finops, cost, vibe-coding] tech_stack: { language: "Terraform / AWS", applicable_to: ["DevOps"] } applied_in: [] aliases: [FinOps, cloud cost, tagging, RI, savings plan, spot, rightsizing] --- # FinOps > Cloud bill 가 OOC (out of control). **Tag → cost allocation, RI / Savings Plan, spot, rightsizing, idle 제거** 5종. 보통 30-50% 절감 가능. ## 📖 핵심 개념 - Tag: 자원에 메타 (env, team, project). - Cost allocation: tag 기반 청구. - Reserved / Savings: 1년+ 약정 = 30-70% 할인. - Spot: 대기 가능한 작업 = 70-90% 할인. ## 💻 코드 패턴 ### Tagging strategy ```hcl # Terraform — default tags provider "aws" { default_tags { tags = { Environment = var.env Team = var.team Project = var.project CostCenter = var.cost_center ManagedBy = "terraform" } } } ``` → AWS Cost Explorer 가 tag 별 청구 분석. ### IAM 강제 — 미태그 금지 ```json { "Effect": "Deny", "Action": ["ec2:RunInstances", "rds:CreateDBInstance"], "Resource": "*", "Condition": { "Null": { "aws:RequestTag/Team": "true" } } } ``` ### 비용 모니터링 ```ts // AWS Cost Explorer API const ce = new AWS.CostExplorer({ region: 'us-east-1' }); const r = await ce.getCostAndUsage({ TimePeriod: { Start: '2026-05-01', End: '2026-05-09' }, Granularity: 'DAILY', Metrics: ['UnblendedCost'], GroupBy: [{ Type: 'TAG', Key: 'Team' }], }).promise(); ``` ```yaml # Slack alert if cost spike - alert: DailyCostSpike expr: aws_cost_today > 2 * aws_cost_avg_7d ``` ### Reserved Instances / Savings Plans ``` On-demand: $100/month Reserved 1y: $60 (40% off) Reserved 3y: $40 (60% off) Savings Plan: $50 (50% off, 더 유연) ``` → 안정적 baseline = RI / SP. spike = on-demand. ### Spot instances ```hcl resource "aws_instance" "worker" { instance_market_options { market_type = "spot" spot_options { max_price = "0.05" } } } ``` → 1-2분 알림 후 종료. Stateless / batch / autoscaling group. ```hcl # K8s — Karpenter provisioner: spec: requirements: - { key: karpenter.sh/capacity-type, operator: In, values: [spot, on-demand] } ``` ### Rightsizing ```bash # CloudWatch + Compute Optimizer aws compute-optimizer get-ec2-instance-recommendations # → "이 t3.large 는 t3.small 로 충분" ``` → CPU / memory < 20% 사용 = 작게. ### Idle 자원 (가장 흔한 낭비) ```bash # 미사용 EBS volumes aws ec2 describe-volumes --filters Name=status,Values=available # Idle ELB (no traffic) # Stopped EC2 (EBS 비용 그대로) # Old snapshots aws ec2 describe-snapshots --owner-ids self --query 'Snapshots[?StartTime<`2025-01-01`]' # Unused EIP aws ec2 describe-addresses --filters Name=association-id,Values= ``` ```bash # 매일 정리 aws ec2 delete-volume --volume-id $UNATTACHED ``` ### Scheduled scaling (dev) ```hcl # Dev 환경 = 9-18 만 켜기 (50% 절감) resource "aws_autoscaling_schedule" "off" { scheduled_action_name = "off-evening" recurrence = "0 18 * * 1-5" desired_capacity = 0 ... } resource "aws_autoscaling_schedule" "on" { scheduled_action_name = "on-morning" recurrence = "0 9 * * 1-5" desired_capacity = 2 } ``` ### Data transfer (숨은 비용) ``` Same-AZ: free Cross-AZ: $0.01/GB Cross-region: $0.02-0.09/GB Internet egress: $0.05-0.09/GB NAT gateway: $0.045/GB + $0.045/hour → VPC endpoint 로 S3 / DynamoDB 직접 (free) ``` ### S3 storage class ``` Standard: $23/TB/mo Intelligent-Tier: 자동 전환 Standard-IA: $12.5/TB/mo (가끔 access) Glacier: $4/TB/mo (long backup) Glacier Deep: $1/TB/mo (rare) ``` ```hcl resource "aws_s3_bucket_lifecycle_configuration" "main" { rule { status = "Enabled" transition { days = 30; storage_class = "STANDARD_IA" } transition { days = 90; storage_class = "GLACIER" } } } ``` ### Budget alarm ```hcl resource "aws_budgets_budget" "monthly" { name = "monthly" budget_type = "COST" limit_amount = "10000" limit_unit = "USD" time_unit = "MONTHLY" notification { threshold = 80 threshold_type = "PERCENTAGE" notification_type = "ACTUAL" subscriber_email_addresses = ["finance@acme.com"] } } ``` ### LLM cost (위 AI_LLM_Cost_Optimization) ``` LLM = 새로운 cloud bill. 별도 추적. ``` ## 🤔 의사결정 기준 | 절감 영역 | 우선순위 | |---|---| | Idle 자원 | 즉시 (매주 cleanup) | | Rightsizing | 월별 | | Tag + visibility | 즉시 | | RI / Savings | 6개월 안정 후 | | Spot | Stateless 작업 | | Data transfer | VPC endpoint | | S3 lifecycle | 항상 | ## ❌ 안티패턴 - **Tag 없음**: cost 누구 책임 모름. - **모든 자원 on-demand**: RI / SP 없으면 30-70% 더. - **Dev 24h 켜둠**: 70% 낭비. - **Spot prod stateful**: 강제 종료 시 데이터 잃음. - **Snapshot / EBS / EIP 청소 X**: 매월 누적. - **Cross-AZ 무절제**: $$$/GB. - **Cost monitoring 없음**: 청구서 보고 놀람. ## 🤖 LLM 활용 힌트 - Tag → visibility → 액션. - Idle 청소가 가장 ROI. - Spot + Karpenter 자동. ## 🔗 관련 문서 - [[DevOps_Terraform_Patterns]] - [[DevOps_Kubernetes_Basics]] - [[AI_LLM_Cost_Optimization]]