I have been charged for EC2 when I have no instances ever created in that region

US East (N. Virginia) Amazon Elastic Compute Cloud running Linux/UNIX USD 2.61 $1.232 per On Demand Linux c5a.8xlarge Instance Hour 2.118 Hrs

Topics

Compute Cloud Financial Management

Tags

Amazon EC2 AWS Billing AWS Cost Categories

Language

English

arkan leki

asked 10 months ago283 views

1 Answer

Newest
Most votes
Most comments

Accepted Answer

You can search CloudTrail to find out the who launched the instance to help track this down.

EXPERT

kentrad

answered 10 months ago

EXPERT

Sedat Salman

reviewed 10 months ago

EXPERT

Hiroki Takahashi

reviewed 10 months ago

arkan leki
10 months ago
Thanks , I found the event in CloudTrail and discovered that I attempted to launch my app on an EC2 instance in the Frankfurt region. However, I encountered an issue with the AWS CLI configure credentials, causing the launch to fail. To confirm the issue, I tried launching the app in another region, but it also failed to create the instance. Despite the failures, I noticed that I was still charged for the demand EC2. I'm uncertain if I had selected the 'instanceType' as 'c5a.8xlarge'.

Here's a breakdown of the important details from the log entry:

Event Time: July 2, 2023, at 11:33:15 UTC. Event Source: The event was generated by the 'ec2.amazonaws.com' service. Event Name: 'RunInstances' - Indicates an attempt to launch an EC2 instance. User Identity: I, as an IAM user, was identified by the username '#was_me', but the principal ID was incorrect ('wrong key'). I belong to the AWS account with the ID '300684590307'. Request Parameters: The provided parameters for launching the instance, including the image ID, instance type, security group name, etc. Error: The operation resulted in an unauthorized error with the code 'Client.UnauthorizedOperation'. The error message is encoded for security reasons and is not visible in the provided log entry. TLS Details: Information about the TLS (Transport Layer Security) connection used for the API call, including the TLS version, cipher suite, and client-provided host header."
kentrad EXPERT
10 months ago
You can decode the error message to see if it offers anymore information: https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/decode-authorization-message.html
kentrad EXPERT
10 months ago
If you have AWS Config turned on, you can gain some more insight into the lifetime of the instance. Also, if you turn resource ids on your Cost and Usage Reports, you can get down to the specific instance that the charge is for.
arkan leki
10 months ago
Cloud Watch Metric for that EC2 instance is 2 hours and 10 minutes of CPUUtilization , Should the responsibility for using this computation time of 2 hours and 10 minutes of CPUUtilization lie with the user or AWS

Relevant content

I have problem create on-demand macOS
Accepted Answer
Shawn
asked a month ago
Being charged, but have no services running?
MeltingDog
asked 6 months ago
Why have I been charged?
El
asked 9 months ago
Amazon Elastic Compute Cloud Dedicated per Region Fee with Reserved Instances
VALD
asked 2 years ago
Why do I have running EC2 instances that I didn't launch?
AWS OFFICIALUpdated a year ago
Why can't I run sudo commands on my EC2 Linux instance?
AWS OFFICIALUpdated 9 months ago
How do I migrate my SSL certificate to the US East (N. Virginia) Region to use with my CloudFront distribution?
AWS OFFICIALUpdated 9 months ago
Why am I being charged for Amazon EC2 when all my instances were terminated?
AWS OFFICIALUpdated 2 years ago
Why am I seeing charges for 'Public IPv4 addresses' when I am under the AWS free tier?
EXPERT
dnyanesh-db
published 2 months ago
Introducing Amazon EC2 I4g storage-optimized instances
EXPERT
Markus Adhiwiyogo
published a year ago