How to Reduce Cloud Egress Costs

A CDN caches content at edge locations, reducing the volume of data transferred from your origin servers. CloudFront egress rates are lower than direct S3/EC2 egress, and cached content is served without any origin transfer at all. For a typical web application, a CDN reduces origin egress by 60-90%. Cloudflare's CDN has no bandwidth caps on any plan, including free.

Compress every text-based response: HTML, CSS, JavaScript, JSON, XML, SVG. Brotli achieves 15-25% better compression than gzip. A 100KB JSON response compresses to 20-30KB, reducing your egress charge by 70-80% for that request. CloudFront and Cloudflare support automatic compression. Enable it at the CDN layer and at your application layer.

Cloudflare R2 is S3-compatible and charges zero egress fees. Any workload where the majority of cost comes from serving objects (static sites, media, CDN origins, public datasets) can eliminate egress entirely. Migration uses standard S3 tools. A team serving 50TB/month from S3 saves $4,352/month by switching to R2. That is $52,224/year.

Gateway VPC Endpoints route S3 and DynamoDB traffic over the AWS backbone instead of the internet. They are completely free and take minutes to set up. Any EC2 instance, ECS task, or Lambda function accessing S3 or DynamoDB should use a Gateway Endpoint. There is no reason not to have these enabled in every VPC.

Cross-region data replication is often set up during initial architecture and never revisited. Audit your replication policies: do you actually need S3 CRR to three regions? Can your disaster recovery strategy use single-region with Glacier? Each unnecessary replication stream costs $0.01-$0.02/GB transferred.

Cross-AZ transfer costs $0.01/GB each direction. While multi-AZ deployment is required for HA, not all traffic needs to cross AZ boundaries. Use AZ-aware routing in your load balancer, deploy read replicas per-AZ, cache frequently accessed data locally, and consider AZ-local endpoints for internal services. Kubernetes clusters should use topology-aware routing.

NAT Gateways charge $0.045/GB processed plus $32/month per gateway. Alternatives include: NAT instances (cheaper for low-traffic subnets), IPv6 egress-only internet gateways (free), VPC Interface Endpoints for AWS service traffic, and moving workloads to public subnets where appropriate. See our dedicated NAT Gateway cost guide for detailed alternatives.

AWS CloudFront offers Reserved Capacity pricing with 12-month commitments for predictable workloads. AWS Direct Connect provides lower egress rates for on-premises connectivity. Azure ExpressRoute unlimited plans offer flat-rate pricing. For enterprises spending $10K+/month on egress, these committed-use programs offer meaningful discounts.

Use HTTP caching headers (Cache-Control, ETag, Last-Modified) aggressively. Return 304 Not Modified for unchanged resources instead of re-sending the full response. Implement application-level caching (Redis, ElastiCache) to avoid regenerating identical responses. Each cached response eliminates both compute cost and egress cost.

Instead of moving data to your processing, move processing to where the data lives. Use AWS Lambda@Edge or CloudFront Functions to process at the edge. Use DynamoDB streams instead of polling. Process S3 data with Lambda in the same region rather than transferring to a central processing cluster. Architect for data locality to minimize transfer.

What is the fastest way to reduce cloud egress costs?

The fastest win is putting a CDN (CloudFront or Cloudflare) in front of your application. This reduces origin egress by caching content at edge locations, and CDN egress rates are lower than direct egress. For storage-heavy workloads, migrating to Cloudflare R2 eliminates egress entirely.

How much can I save on egress costs?

Typical savings range from 40-80% depending on your workload. CDN caching alone reduces origin egress by 60-90% for web applications. Compression saves 50-70% on text-based content. Switching to R2 for storage eliminates egress entirely. Combined, these strategies can reduce total egress spend by 80% or more.

Do VPC Gateway Endpoints reduce egress costs?

Yes. VPC Gateway Endpoints for S3 and DynamoDB are free and route traffic over the AWS backbone instead of the public internet, eliminating egress charges for that traffic. Interface Endpoints for other services cost $0.01/GB but can avoid NAT Gateway processing fees ($0.045/GB).

Should I use compression to reduce egress?

Absolutely. Enabling Brotli or gzip compression on all text-based responses (HTML, CSS, JS, JSON, XML) typically reduces transfer size by 50-70%. This directly reduces egress charges since you pay per GB transferred. CloudFront and Cloudflare both support automatic compression.