DEV Community

Cover image for Introducing AWS FinOps Agent - An AI That Investigates Your Cloud Costs
AWS Community Builders profile image Sarvar Nadaf
Sarvar Nadaf for AWS Community Builders

Posted on

Introducing AWS FinOps Agent - An AI That Investigates Your Cloud Costs

#ai #aws #discuss #agents

👋 Hey there, Tech Enthusiasts!

I'm Sarvar, a Cloud Architect who loves turning complex tech problems into simple solutions. I've worked with AWS, Azure, DevOps, Data, Analytics, Generative-AI and Agentic-AI building real systems for real companies. In this article series, I'll share what I've learned in a way that's easy to follow, whether you're experienced or just getting started.

Let's get into it! 🚀

If you have managed AWS costs across multiple accounts, you know the pain. You get an alert at 9 AM that something spiked overnight. You open Cost Explorer, filter by service, then by account, then by region. Then it is over to CloudTrail to figure out what changed. By the time you trace it to a developer who launched a new instance type in a test account, two hours have passed. And that was just one anomaly.

I have been doing this for years across organizations running 50 to 500 AWS accounts. Monthly cost reviews, chasing engineers for explanations, building reports in spreadsheets that nobody reads until budget meetings. When AWS announced the FinOps Agent in public preview on June 9, 2026, I cleared my afternoon and set it up.

This article is my honest take after spending real time with it what it does well, where it fits in an enterprise setup, and how it changes the daily work for architects and FinOps teams.

What Is AWS FinOps Agent, in Plain Terms?

It is an AI agent that sits on top of your existing AWS cost tools Cost Explorer, Cost Anomaly Detection, Cost Optimization Hub, Compute Optimizer, and CloudTrail and does the manual work you have been doing yourself.

You ask it questions in plain English. It pulls data from those services, correlates events, and gives you answers. You can also tell it to run tasks on a schedule or react when a cost anomaly fires.

It runs in us-east-1 during the preview, but it can see cost data from all your regions (except GovCloud and China). It is free during the preview period with a monthly usage cap.

The underlying engine uses Amazon Bedrock foundation models, but you do not need to know or care about that. You just talk to it.

Setting It Up Genuinely Simple

I was expecting a 30-minute setup with IAM policy headaches. It took about 5 minutes.

Here is the actual flow:

  1. Open the AWS Console, switch to us-east-1, find FinOps Agent
  2. Click "Get Started" and give your agent a name
  3. It creates an IAM role for you with one click read-only access to billing and cost management services
  4. Optionally connect Jira and Slack
  5. Open the web application and start asking questions

That is it. No CloudFormation stack, no Terraform module, no custom Lambda functions. The whole process felt like it was designed for people who have better things to do than fight with IAM policies.

One thing to note: if you have multi-session enabled in your AWS Console, disable it first. I hit a permissions error during Slack setup that traced back to this. The documentation does not make this obvious upfront.

Also, if you are setting up Slack, you need to add the FinOps Agent app as a member of the channel before configuring the integration in the console. Miss that step and you will get an error with no helpful message. The AWS docs mark it as "Important" but it is easy to skip over.

The First Question I Asked

I opened the chat and typed:

"What were my top 5 cost drivers last month, grouped by service and account?"

Within about 15 seconds, it came back with a table showing exactly that. It pulled from Cost Explorer, broke it down by service, showed the account names, and included the percentage change from the previous month.

No dashboard to build. No saved report to configure. Just a question and an answer.

I then asked a follow-up about why EC2 costs went up in one of my accounts. The agent went deeper it identified the instance type that caused the increase, surfaced the relevant CloudTrail event showing when those instances were launched, and pointed to the IAM role that made the API call.

That kind of investigation jumping between Cost Explorer and CloudTrail, matching timestamps, finding the right principal usually takes me 20 to 30 minutes. The agent did it in under a minute.

One thing I learned quickly: by default, costs shown include credit adjustments. If you want pre-credit numbers (which is what most enterprises care about for budgeting), you need to say that in your prompt. I told the agent to always exclude credits, and it remembered that preference in my next session without me repeating it.

Where This Solves Real Enterprise Pain

Let me map this to the problems I have seen in every organization I have worked with.

Problem 1: Cost Anomalies Go Uninvestigated

Every enterprise I know has AWS Cost Anomaly Detection turned on. Most of them also have a shared email inbox or Slack channel where those alerts land. And in most cases, those alerts sit there for hours or days before someone looks at them.

The reason is simple investigation is manual and time-consuming. AWS FinOps Agent automates this. You set up an automation that says: "When a cost anomaly is detected above $500, investigate it, find the root cause, and post the findings to our #finops-alerts Slack channel."

From that point, every anomaly gets investigated the moment it arrives. The output includes what changed, the CloudTrail event that caused it, the IAM principal responsible, and a summary of the likely root cause.

For a small FinOps team supporting many accounts, this is the difference between catching problems in hours versus catching them in days.

Problem 2: Engineers Cannot Self-Serve Cost Information

In most enterprises, if a developer wants to understand their team's cost, they either need Cost Explorer access (which many organizations restrict) or they file a request with the central FinOps team.

This creates a bottleneck. In my experience, the FinOps team ends up spending a significant chunk of their time answering basic questions like "How much did our staging environment cost last month?" or "Which of our Lambda functions is the most expensive?"

With FinOps Agent, engineers ask their question, the agent answers it using real data, and the FinOps team never gets involved.

You can also upload context files a CSV that maps accounts to team owners, a document that explains your tagging conventions, a list of which cost centers map to which business units. The agent uses this context to understand questions like "What is Team Alpha spending?" without anyone having to explain which accounts belong to Team Alpha.

Problem 3: Monthly Reports Are a Time Sink

Every FinOps team I have worked with produces some version of a monthly cost report. It goes to finance, to engineering leadership, sometimes to the CTO. Building it involves exporting data from Cost Explorer, formatting it in a slide deck or spreadsheet, adding commentary about what changed, and sending it out.

This takes 4 to 8 hours per month in my experience. Some teams spend even longer because different stakeholders want different views.

FinOps Agent lets you schedule these. You tell it: "Every Monday at 8 AM, generate a cost report for last week broken down by business unit, highlight any changes over 10%, and deliver it as a PDF to the #finops-weekly Slack channel."

It runs on schedule. No human involvement. The report shows up in Slack every Monday. You can set up different reports for different audiences a detailed one for engineering leads, a summary for finance, an executive view for the CTO.

The output formats are HTML, PDF, or PPT all presentation-ready.

Problem 4: Optimization Recommendations Sit in a Dashboard Nobody Checks

AWS Cost Optimization Hub and Compute Optimizer both produce solid recommendations rightsizing opportunities, idle resources, Savings Plans suggestions. The problem is that these recommendations live in AWS dashboards that engineers rarely check.

FinOps Agent can pull these recommendations, summarize them, and create Jira tickets assigned to the team that owns each resource. Instead of a FinOps analyst manually reviewing the dashboard and creating tickets, the agent does it on a schedule.

Example automation: "Every Thursday, check Cost Optimization Hub for new recommendations over $100/month in potential savings. For each one, create a Jira ticket in the INFRA project with the recommendation details, the affected resource, and the estimated savings."

Now optimization work flows into engineering sprints naturally, without someone manually copying data between tools.

How It Fits Into an Enterprise Architecture

Let me describe how I would deploy this in a typical multi-account enterprise setup.

Management Account Setup

You create the FinOps Agent in your management account (or the account that has the consolidated billing payer role). This gives it visibility across all member accounts. The IAM role it creates is read-only by default it cannot make changes to your infrastructure.

Member account owners can also create their own agent scoped to just their account if they want independent cost visibility without management account access. This means you can have multiple agents with different scopes a central one for the FinOps team and individual ones for teams that want their own view without seeing the full organization.

Access Patterns

Role How They Use It
FinOps Team Set up automations for anomaly investigation, scheduled reports, optimization ticket creation
Engineering Leads Ask ad-hoc cost questions about their team's spend
Finance Receive scheduled reports in their preferred format
Platform Team Monitor shared infrastructure costs, investigate spikes in shared services
Individual Engineers Self-serve answers about their service's cost impact

How the Pieces Connect

The agent reads from your existing AWS cost services Cost Explorer for spend data, Cost Anomaly Detection for alerts, Cost Optimization Hub and Compute Optimizer for recommendations, and CloudTrail for change history. It writes only to Jira and Slack when you configure those integrations and trigger a task. It does not modify any AWS resources.

Security Model

  • IAM role-based access (you control what it can read)
  • Read-only by default against billing services
  • Write actions (Jira tickets, Slack posts) only happen when you configure and trigger them
  • All activity logged in CloudTrail for audit
  • No cross-account write permissions
  • The agent uses Amazon Bedrock foundation models to process your queries your cost data is accessed through IAM roles within your own account and does not leave AWS

One thing worth noting for architects evaluating risk: this service has zero infrastructure dependency. Your actual cost tools, accounts, and resources are unchanged. If the agent were deprecated tomorrow, you would be back to manual work not rebuilding systems. That makes it a low-risk addition to your environment during preview.

What I Noticed During Hands-On Testing

The Good

Speed of answers. Asking a cost question and getting a real answer in 15-30 seconds changes your workflow. I found myself asking follow-up questions I would never have bothered investigating manually.

Root cause correlation. The fact that it connects Cost Anomaly Detection alerts to CloudTrail events automatically is genuinely useful. This is the step that takes the most time in manual investigation.

Scheduled tasks actually work. I set up a weekly report for Thursday morning. It fired within 2 minutes of the scheduled time, and the PDF it produced was clean and readable. Results also get stored in an "Artifacts" tab in the web app for later access.

Context files are powerful. After uploading an account-to-team mapping, the agent started answering team-level questions correctly without any additional configuration.

Memory across sessions. I told it to always exclude credits when showing cost totals. In my next session, it remembered that preference without me repeating it.

The Rough Edges (It Is Preview After All)

Slack messages are links, not inline content. When the agent posts to Slack, it sends a link back to the FinOps Agent web app rather than the full analysis inline. This means you still need to click through to see the details. For a quick glance during a busy morning, this adds friction.

Sending to Slack is not automatic. After the agent completes an analysis in a chat session, you still need to explicitly prompt "Please send this to Slack." Event-triggered automations handle routing on their own, but for ad-hoc queries you need that extra step.

English only. Prompts in other languages sometimes work, but responses are always in English. Some prompts get a flat "Only English is supported" response. Global enterprises will need multi-language support at GA.

Single region availability. The agent only runs in us-east-1 during preview. It can see multi-region cost data, but the console experience requires you to be in that region.

No IaC support yet. You cannot create the agent via CloudFormation or Terraform. Console-only setup for now. For enterprises that mandate infrastructure as code for everything, this is a blocker until GA.

Compute Optimizer queries are region-scoped. When I asked for rightsizing recommendations, it only checked us-east-1 by default. You need to specify other regions explicitly in your prompt. Easy to miss if you have workloads spread across multiple regions.

Trust but verify. Like any AI system, the agent can occasionally misidentify a root cause or produce an incomplete analysis. In the early days, treat its output as a strong starting point that still needs a human eye before you act on it or forward it to engineering. Once you have seen enough accurate results to build confidence, you can reduce oversight.

Real Workflow: Before and After

Let me lay out what a typical week looks like for a FinOps team before and after adopting this. These numbers assume automations are tuned and the agent is producing reliable output getting there takes a week or two of initial validation.

Before FinOps Agent

Monday morning:

  1. Check Cost Anomaly Detection alerts from the weekend (5 alerts) - 10 minutes
  2. Open Cost Explorer for each alert, filter by account/service/time - 15 minutes per alert
  3. Open CloudTrail, search for relevant API calls - 10 minutes per alert
  4. Write up findings and post to Slack - 5 minutes per alert
  5. Total: about 2.5 hours for 5 anomalies

Wednesday:

  1. Pull Cost Optimization Hub, review new recommendations - 30 minutes
  2. Create Jira tickets for engineering teams - 45 minutes

Friday:

  1. Build weekly cost report for leadership - 1.5 hours

Weekly total for routine FinOps work: roughly 5-6 hours

After FinOps Agent (once automations are stable)

Monday morning:

  1. Check Slack - 5 anomaly investigations already posted over the weekend with root causes identified
  2. Review findings, confirm no false positives - 15 minutes

Wednesday:

  1. Check Jira - optimization tickets already created for engineering teams
  2. Review for accuracy - 10 minutes

Friday:

  1. Weekly report already delivered to Slack on Thursday evening
  2. Quick review for anything unusual - 5 minutes

Weekly total: roughly 30 minutes of review instead of 5-6 hours of manual work

That freed-up time goes to strategic work: Savings Plans analysis, architecture reviews for cost efficiency, building chargeback models, negotiating Enterprise Discount Programs.

Who Should Try This Today

If you are in one of these situations, set it up this week:

  • FinOps team of 1-3 people supporting many accounts. The automation alone justifies the setup time.
  • Engineering organization where developers do not have Cost Explorer access. Give them the agent instead.
  • Any team that produces recurring cost reports manually. Automate them immediately.
  • Organizations where cost anomaly alerts go uninvestigated. Event-triggered investigation fixes this.

If you are a solo developer with one account and minimal spend, this is probably more than you need right now. But if your monthly bill is complex enough that you spend time understanding it, it is worth trying.

A word of caution: This is a preview service. There is no SLA, features may change before GA, and you should not wire it into critical production workflows without a plan for what happens if the service changes or pricing is introduced. Use it to learn and validate, and be ready to adjust when GA arrives.

What Early Customers Are Reporting

Several companies shared their experience during the preview period. Here is what stood out to me:

Workday runs their AI platform across many AWS accounts. Their team was spending hours every month chasing cost outliers and building leadership reports. They said that anomaly detection and reporting now happens from one natural-language interface, replacing what used to be hours of manual dashboard work.

Convera, a global commercial payments company in a regulated environment, focused on catching small cost changes before they compound. They described the agent completing the full loop detecting anomalies, investigating root cause, and creating Jira tickets for the right engineer so issues reach the owner directly instead of sitting in a shared queue.

Mitre 10, a New Zealand retailer with a lean platform team, was splitting time between reliability work and cost governance. They now define investigation workflows once and have them run continuously, instead of relying on someone remembering to check.

AVIV Group operates digital marketplaces across France, Germany, and Belgium with hundreds of AWS accounts. As they shift to a hybrid FinOps model, the agent answers engineer questions directly, freeing the central team for strategy and leadership reporting.

What I Am Watching For at GA

A few things I want to see before this moves from "useful preview" to "enterprise standard":

  1. Pricing at GA. It is free during preview. Enterprise adoption depends on what it costs relative to the time it saves.
  2. IaC support. We need CloudFormation and Terraform support to deploy this in governed environments.
  3. Inline Slack responses. The current link-based approach adds friction. Full findings posted inline would make the Slack integration much more natural.
  4. Multi-language support. Global enterprises need this.
  5. IAM Identity Center integration. For SSO-based access control in organizations that have moved away from IAM users.
  6. Deeper Slack interaction. Currently delivery-only engineers cannot ask the agent questions from within Slack. That would complete the loop.
  7. Multi-region Compute Optimizer queries by default. Should not require specifying regions manually.

Bottom Line

AWS FinOps Agent does not replace your FinOps team. It replaces the repetitive, manual investigation work that consumes most of their time. It takes the data that already exists across Cost Explorer, CloudTrail, Cost Optimization Hub, and Compute Optimizer, and makes it accessible through conversation instead of dashboards.

For architects, it means getting cost answers during design reviews without waiting for someone to run a report. For FinOps teams, it means spending time on strategy instead of triage. For engineering teams, it means getting cost context delivered to them in Jira and Slack instead of learning yet another AWS console.

It took me 5 minutes to set up, and within the first hour I had it answering questions, investigating anomalies, and scheduling weekly reports. For a preview service, that is a strong start.

The setup guide is at: https://docs.aws.amazon.com/finops-agent/latest/userguide/what-is.html

The console is at: https://us-east-1.console.aws.amazon.com/finops-agent/home

Try it while it is free. Worst case, you spend 10 minutes setting it up and decide it is not for you yet. Best case, you automate away hours of weekly grunt work and spend that time on work that actually needs a human brain.

Written after hands-on testing during the public preview period (June 2026). All features and behaviors described reflect the preview state and may change at general availability.

📌 Wrapping Up

Thanks for reading! If this was helpful:

  • ❤️ Like if it added value
  • 💾 Save for later
  • 🔄 Share with your team

Follow me for more on: AWS architecture, FinOps, DevOps, and AI Infrastructure.

👉 Visit my website | Connect on LinkedIn | Email: simplynadaf@gmail.com

Happy Learning 🚀

Top comments (0)