Terraform AWS Cost Optimization

5 Terraform Mistakes That Cost You Money on AWS

Common Terraform misconfigurations that silently inflate your AWS bill, and how to fix them with real-world examples.


If you’ve been running Terraform on AWS for any length of time, chances are your infrastructure has a few hidden cost leaks. I’ve seen these patterns across hundreds of student projects and enterprise environments. Here are the five most common Terraform mistakes that silently drain your AWS budget — and how to fix each one.

1. Not Setting instance_type Defaults Wisely

Many engineers copy-paste t3.large or m5.xlarge from tutorials without right-sizing. In Terraform, you should use variables with sensible defaults:

variable "instance_type" {
  description = "EC2 instance type"
  type        = string
  default     = "t3.micro"  # Start small, scale up
}

The fix: Start with the smallest instance that works. Use AWS Compute Optimizer data to right-size after 2 weeks of production traffic.

2. Forgetting prevent_destroy on Stateful Resources

Accidentally destroying an RDS database or S3 bucket with years of data is every engineer’s nightmare:

resource "aws_db_instance" "production" {
  # ... config ...
  
  lifecycle {
    prevent_destroy = true
  }
}

The fix: Add prevent_destroy = true to every stateful resource. It costs nothing and saves everything.

3. Leaving Default Storage Encryption Off

Unencrypted EBS volumes and S3 buckets aren’t just a security risk: they leave AWS’s free encryption unused and can trigger compliance audit failures that cost real money to remediate.

resource "aws_ebs_volume" "data" {
  availability_zone = "us-east-1a"
  size              = 100
  encrypted         = true  # Always enable this
  
  tags = {
    Name = "encrypted-data-volume"
  }
}

4. Not Using Spot Instances for Non-Critical Workloads

In my EKS courses, I show students how switching to Spot instances can reduce compute costs by 60-90%. Terraform makes this straightforward:

resource "aws_eks_node_group" "spot" {
  # ... cluster_name, node_role_arn, subnet_ids, scaling_config ...

  capacity_type = "SPOT"

  # Multiple instance types increase Spot availability
  instance_types = ["t3.medium", "t3a.medium", "t3.large"]
}

I’ve helped teams reduce their daily EKS costs from $15+ to under $3 using Spot instances with intelligent autoscaling.

5. Not Tagging Resources for Cost Allocation

Without proper tags, your AWS bill is an unreadable blob. Terraform makes tagging easy with default_tags:

provider "aws" {
  region = "us-east-1"
  
  default_tags {
    tags = {
      Environment = "production"
      Project     = "my-app"
      ManagedBy   = "terraform"
      Owner       = "platform-team"
    }
  }
}

The fix: Set default_tags in your provider block so every taggable resource that provider manages gets tagged automatically. Then activate those tag keys as cost allocation tags in the AWS Billing console so Cost Explorer can show exactly where your money goes.
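To enforce mistakes 2, 3 and 5 in CI rather than by review, the check below reads the JSON form of a plan (`terraform show -json`) and reports stateful resources that would be destroyed, EBS volumes without `encrypted = true`, and resources missing the default tag keys. It is an added example, not code from the original post; the sample plan is constructed, and `STATEFUL_TYPES`, `REQUIRED_TAGS` and `check_plan` are names assumed for illustration.

```python
import json

# Constructed sample of `terraform show -json plan.out` output, trimmed to the
# fields this check reads: resource_changes[].address/type/change.
FULL_TAGS = {"Environment": "production", "Project": "my-app",
             "ManagedBy": "terraform", "Owner": "platform-team"}
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_ebs_volume.data", "type": "aws_ebs_volume",
   "change": {"actions": ["create"], "after": {"encrypted": true, "tags_all": "FULL"}}},
  {"address": "aws_ebs_volume.scratch", "type": "aws_ebs_volume",
   "change": {"actions": ["create"], "after": {"tags_all": {"Project": "my-app"}}}},
  {"address": "aws_db_instance.production", "type": "aws_db_instance",
   "change": {"actions": ["delete", "create"], "after": {"tags_all": "FULL"}}},
  {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
   "change": {"actions": ["delete"], "after": null}}
]}
""")
for rc in SAMPLE_PLAN["resource_changes"]:  # expand the "FULL" shorthand above
    if rc["change"]["after"] and rc["change"]["after"].get("tags_all") == "FULL":
        rc["change"]["after"]["tags_all"] = dict(FULL_TAGS)

STATEFUL_TYPES = {"aws_db_instance", "aws_s3_bucket", "aws_ebs_volume"}  # assumed list
REQUIRED_TAGS = set(FULL_TAGS)  # the keys from the default_tags block above


def check_plan(plan):
    """Return sorted (address, finding) pairs for one parsed plan document."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        after = change.get("after")  # None when the resource is only destroyed
        # A delete (including delete+create replacement) loses the stored data.
        if "delete" in change.get("actions", []) and rc["type"] in STATEFUL_TYPES:
            findings.append((rc["address"], "stateful resource would be destroyed"))
        if after is None:
            continue
        # An unset 'encrypted' is absent or null in 'after', so require True.
        if rc["type"] == "aws_ebs_volume" and after.get("encrypted") is not True:
            findings.append((rc["address"], "encrypted is not explicitly true"))
        # Only judge resources that expose tag attributes at all.
        if "tags_all" in after or "tags" in after:
            tags = after.get("tags_all") or after.get("tags") or {}
            missing = REQUIRED_TAGS - tags.keys()
            if missing:
                findings.append((rc["address"], "missing tags: " + ", ".join(sorted(missing))))
    return sorted(findings)


if __name__ == "__main__":
    for address, finding in check_plan(SAMPLE_PLAN):
        print(f"{address}: {finding}")
```

With `prevent_destroy = true` in place, Terraform rejects such a plan itself, so a destroy finding here points at a stateful resource that lacks the guard.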


Want to go deeper? My Terraform on AWS course covers all these patterns with 20+ real-world demos. And if you want weekly tips like this delivered to your inbox, join the newsletter.
