NEW: Real-Time Usage Tracking for AI Agents — track Claude Code, Kimi, Codex & more. Try it free →

CostGoat Logo

CostGoat

Cloud · AWS · April 30, 2025

$9,700 — a chatty microservice through one NAT gateway cost $9.7K in a month

Vendor

AWS

Service

NAT Gateway

Amount

$9,700 (reported)

Timeframe

30 days before an alarm

Cause

NAT data-processing charges

Outcome

Fixed the setup

Who's exposed: Any AWS account pushing high-volume egress through a NAT gateway. A chatty service or unbatched calls make the per-GB data-processing charge compound quietly.

Self-reported with a full cost and rate breakdown. r/aws (by u/Leather-Form1805)

What happened

A team ran what looked like a textbook AWS setup: two private subnets with one NAT gateway per availability zone. A new microservice began calling an external API around 5,000 times a minute, and all of that egress routed through the NAT gateway. At roughly 4TB a day for 30 days, the NAT data-processing charge alone reached $9,700. Nothing flagged it in real time. Cost Explorer's alert fired only after the billing month closed, by which point the finance team was the one who noticed.

Root cause

A NAT gateway charges for every gigabyte it processes, about $0.045 per GB on top of an hourly fee, and cross-AZ traffic adds more. That stays invisible until volume climbs. A high-frequency service sending all of its traffic through NAT turns a per-GB rate into a large monthly number. Traffic bound for AWS services like S3 or DynamoDB could have skipped the NAT through a free gateway endpoint, but with no endpoints or prefix lists in place, everything took the metered path. Cost Explorer's monthly cadence meant the signal arrived a month late.

How to avoid it

Add free VPC gateway endpoints for S3 and DynamoDB so that traffic never touches the NAT. Gateway endpoints for those services cost nothing and remove the most common source of NAT data-processing charges.

Alarm on NAT gateway BytesProcessed daily, not just on the monthly bill. A per-day alarm turns a month-long leak into a same-day catch.

For heavy external egress, batch or compress requests, or right-size to a NAT instance. The cost scales with gigabytes processed, so cutting volume cuts the bill directly.

CostGoat watches your AWS bills, so a surprise like this reaches you as an alert, not an invoice.

More Bill Shock stories

August 28, 2022

$213,000 — a hacked account ran Lambda in six regions overnight and support first said it was on you

January 15, 2025

$450,000 — a compromised key ran up 19 billion translations on Google Cloud

June 7, 2024

$96,000/wk — artists fled Meta's AI policies to Cara, and its serverless bill scaled as fast as its users

February 27, 2024

$104,500 — a DDoS on one sound file ran a free static site to a $104K bill

← All Bill Shock stories

AI Pricing

Gemini API PricingClaude API PricingGoogle Veo PricingAI Cost CalculatorsReplicate API PricingOpenRouter API PricingOpenRouter Free Models
DownloadsPricingDashboardContactIssuesAffiliatesTermsPrivacy

© 2026 CostGoat. All rights reserved.

Made by Functioncraft: Redis GUI Client · SSH GUI Client

Affiliate disclosure: Some links earn CostGoat a commission or credit when you sign up — no extra cost to you.