I'd like to know what's the best way to avoid unexpectedly high charges for a specific AWS service.
Setup
- Using
AWS Polly
text to speech service
- A specific
IAM
user with a specific policy
, only allowing full (*
) access to the particular service
- A
budget action
that assigns a read only policy
to that user when a certain threshold of the monthly limit (in terms of costs) is reached
Possible problem
This setup works, but the problem is that once the threshold is reached, the execution of the budget action (here: assignment of the read only policy) takes quite a long time - I've tested it and it took about 20 hours(!) before the restricted policy was assigned.
I've also looked into AWS Quotas
, but they don't seem to be the right solution as they are a very generic way to control the amount of request. Additionally, they can't be reduced but only increased.
Other solutions or steps to take?
Is there any AWS related way to further prevent being charged large amounts of money when someone (be it deliberately or accidentally) abuses the service? In the worst case I'll have to cover costs for about a whole day (see above) before any restrictive automatic measurements will be taken.
I can run the code from my backend and also implement some type of rate limiting, but still...