The latest articles on DEV Community by Abhishek Gupta (@abhishek_gupta_pinpo). https://dev.to/abhishek_gupta_pinpo https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3888783%2Fddd00119-fad5-440b-8a81-734215d9c447.png https://dev.to/abhishek_gupta_pinpo en Abhishek Gupta Mon, 20 Apr 2026 10:51:00 +0000 https://dev.to/abhishek_gupta_pinpo/finops-at-design-time-i-found-3840month-in-avoidable-spend-before-writing-a-line-of-terraform-oip https://dev.to/abhishek_gupta_pinpo/finops-at-design-time-i-found-3840month-in-avoidable-spend-before-writing-a-line-of-terraform-oip <p>FinOps is almost entirely retrospective. AWS Cost Explorer tells you what happened last billing cycle. Trusted Advisor tells you which resources are underutilised right now. Cost anomaly alerts fire after the anomaly has already run for hours.</p> <p>Every tool in the standard FinOps stack analyses infrastructure that already exists. Which means by the time any of them are useful, the structural decisions that determine 80% of your architecture's lifetime cost have already been made, deployed, and are now expensive to reverse.</p> <p>I have been an AWS solutions architect for nine years. The pattern is consistent, and I have been complicit in it: design the architecture, write the IaC, deploy, and then discover the cost. The Pricing Calculator gives you a static estimate that assumes steady-state traffic and correct configuration. Neither assumption holds under a real workload.</p> <p>This post is about a session where I broke that pattern - and caught $3,840 per month in avoidable spend before a single resource was provisioned.</p> <p><strong>The architecture</strong></p> <p>Event processing pipeline for a Series B SaaS product. Customer activity events ingested via API, processed asynchronously, stored for downstream analytics. Expected baseline: 1,200 RPS, with a 6× spike on campaign days.<br> Canvas topology in pinpole:</p> <p>Route 53 → API Gateway → Lambda (ingest) → SQS → Lambda (processor) → DynamoDB</p> <p>Lambda configured at 512 MB, reserved concurrency 200. DynamoDB in on-demand capacity mode. The AWS Pricing Calculator estimate at steady-state baseline: ~$4,100/month.</p> <p>Under a Constant simulation at 1,200 RPS, everything looked healthy. Cost settled at $4,230/month - close to the Pricing Calculator number, which felt like a good sign.</p> <p>Old workflow would have stopped there. Steady state is fine, cost is in range, proceed to deploy. pinpole's workflow does not stop there.</p> <p><strong>Finding 1: DynamoDB on-demand at spike load</strong></p> <p>I ran a Spike pattern at 7,200 RPS - the 6× campaign day load. The AI recommendations panel updated within seconds.</p> <p>The finding: DynamoDB on-demand at 7,200 RPS ingest, with 1.4× write amplification to a secondary index, was going to produce approximately $2,890/month in DynamoDB write costs alone on campaign days. Provisioned capacity with auto-scaling - minimum 1,500 WCU, maximum 12,000 WCU, target utilisation 70% - would bring that to approximately $740/month.<br> The Pricing Calculator estimate had modelled DynamoDB at steady-state write volume. It had not accounted for the spike multiplier. The difference: $2,150/month per month from one configuration decision.</p> <p><strong>Finding 2: Lambda memory allocation</strong></p> <p>The AI recommendation engine flagged that both Lambda functions at 512 MB were likely operating in a region of the memory/cost curve where increasing memory allocation reduces total compute cost despite the higher per-GB-second rate. The reason: execution duration drops non-linearly when CPU increases, because Lambda allocates CPU proportionally to memory.<br> I accepted the recommendation to 1,024 MB, reran the simulation. Projected Lambda cost dropped. The configuration that performs better under load also costs less to run - that counterintuitive result does not surface in any static calculator.</p> <p><strong>Finding 3: No distribution layer in front of API Gateway</strong></p> <p>Under spike load, API Gateway was absorbing the full request volume directly. Adding CloudFront to the canvas and rerunning showed that cacheable responses no longer hit the origin - API Gateway RPS at the ingest layer dropped meaningfully at peak, and the monthly API Gateway cost reduction offset the CloudFront cost.</p> <p><strong>The result</strong></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th></th> <th>Before</th> <th>After</th> </tr> </thead> <tbody> <tr> <td>DynamoDB (campaign day)</td> <td>$2,890/mo</td> <td>$740/mo</td> </tr> <tr> <td>Lambda (both functions)</td> <td>Baseline</td> <td>Reduced</td> </tr> <tr> <td>API Gateway + CloudFront</td> <td>$X</td> <td>$X − delta</td> </tr> <tr> <td><strong>Total identified saving</strong></td> <td></td> <td><strong>$3,840/mo</strong></td> </tr> </tbody> </table></div> <p>All three findings identified before a deployment pipeline was touched. The post-deployment validation on the optimised configuration came in at $30 under the simulation projection.</p> <p><strong>The broader point</strong></p> <p>The dollar figure matters less than the mechanism. These are not obscure optimisations. DynamoDB capacity mode, Lambda memory right-sizing, and distribution layer decisions exist in almost every event-driven AWS architecture. They are routinely not caught until the first billing cycle - not because engineers are negligent, but because the tools required to catch them have historically required deployed infrastructure.</p> <p>That constraint is removable. The feedback loop that FinOps typically operates in - deploy, observe, optimise, redeploy - now has a step zero.<br> Full post with simulation methodology, execution history, and the design-time FinOps checklist I now run on every new service →</p> <p>14-day Pro trial, no credit card. Free tier available at <a href="https://dev.tourl">app.pinpole.cloud</a></p> aws finops cloudarchitecture devops