AWS has over 200 services. Most of them exist because Amazon noticed customers building something themselves and thought “we could charge for that.” That is not cynicism — it is literally their product strategy. Werner Vogels has said as much on stage.
The managed service model works brilliantly for AWS. You pay a premium for not having to think about operations. But here is what nobody talks about: for many of these services, the “convenience tax” is 5–10x what the underlying infrastructure actually costs. At scale, that tax becomes your biggest line item.
I have audited cloud bills for dozens of companies spending £50k–£500k per month on AWS. In almost every case, five services account for a disproportionate share of the overspend — and all five have self-hosted alternatives that are cheaper, often better, and not as hard to run as AWS wants you to believe.
1. NAT Gateway — The Silent Killer
What you are paying: £0.035/GB of data processed + £0.035/hour per gateway. Sounds cheap. It is not.
What it actually costs: A moderately busy application pushing 5TB/month through NAT Gateway pays roughly £175 in processing fees alone — per gateway, per AZ. Run three AZs (as AWS recommends) and you are at £525/month just for the privilege of your private subnets talking to the internet. I have seen companies spending £3,000–£5,000/month on NAT Gateway without realising it.
The alternative: A t3.micro instance running as a NAT instance costs about £7/month. Yes, you lose the managed high-availability. But you can run two of them behind an auto-scaling group for £14/month and get equivalent resilience for 97% less.
For even less operational overhead, consider fck-nat — an open-source NAT instance AMI built specifically to replace NAT Gateway. It handles failover, is battle-tested, and costs a fraction of the managed service.
When to keep NAT Gateway: If your data transfer through NAT is under 100GB/month, the managed service is fine. The convenience is worth it at low volumes. Above that, do the maths.
2. CloudWatch — Monitoring That Monitors Your Wallet
What you are paying: £0.30 per metric per month (first 10k), £0.76 per GB log ingestion, £0.03 per 1,000 GetMetricData API requests, plus dashboard costs, alarm costs, and Logs Insights query costs.
What it actually costs: A company with 50 microservices easily generates 5,000+ custom metrics and 500GB+ of logs per month. That is £1,500 in metrics + £380 in log ingestion + query costs. I regularly see CloudWatch bills of £3,000–£8,000/month.
The alternative: Prometheus + Grafana for metrics (free, open source, industry standard). Loki or OpenSearch for logs. The compute to run this stack is typically £200–£400/month on equivalent EC2 instances — or even less on dedicated hardware.
The tooling is also better. Grafana dashboards are more flexible than CloudWatch dashboards. PromQL is more powerful than CloudWatch Metrics Insights. And you are not paying per-query to search your own logs.
When to keep CloudWatch: For basic EC2/RDS metrics and alarms on a small deployment (under 10 services), CloudWatch is convenient and the cost is manageable. But the moment you start sending custom metrics or high-volume logs, the economics flip.
3. Application Load Balancer (ALB) — £20/month That Is Actually £200
What you are paying: £0.023/hour (£16.50/month base) + £5.84 per LCU-hour. AWS buries the real cost in “LCU” (Load Balancer Capacity Units) — a composite metric of new connections, active connections, bandwidth, and rule evaluations.
What it actually costs: Most production ALBs with reasonable traffic land at £80–£200/month each. Run separate ALBs for production, staging, and internal services (a common pattern) and you are at £300–£600/month.
The alternative: Caddy, Nginx, or HAProxy on a £15/month instance handles the same traffic with TLS termination, HTTP/2, and health checks. Caddy in particular provides automatic HTTPS with Let’s Encrypt — arguably a better developer experience than ACM.
For Kubernetes environments, an ingress controller (Traefik, Nginx Ingress) replaces ALB entirely and runs on resources you are already paying for.
When to keep ALB: If you are deeply integrated with AWS WAF, or using ALB’s native authentication features, the migration cost may not be worth it for a single load balancer. But if you are running three or more, self-hosting saves significantly.
4. Amazon OpenSearch (Elasticsearch) — The Markup Machine
What you are paying: OpenSearch instances start at £0.096/hour for a small t3.small.search. But nobody runs production search on a t3. A typical three-node r6g.large.search cluster with EBS storage runs about £700–£900/month. Need a dedicated master node? Add another £300.
What it actually costs: The same r6g.large instances as plain EC2 boxes cost £200/month for three. Add EBS storage and you are at £250–£300 total. The OpenSearch “managed service” markup is 200–300%.
The alternative: Self-hosted OpenSearch or Elasticsearch on EC2 (or dedicated hardware) at a third of the cost. Use the official Docker images, Ansible playbooks, or Kubernetes operators for deployment. The operational overhead is real but well-documented — snapshot backups, rolling upgrades, and shard management are solved problems.
For log search specifically, consider Loki (from Grafana Labs). It is simpler than Elasticsearch, costs less to run, and integrates natively with Grafana.
When to keep managed OpenSearch: If search is critical to your product (you are building a search engine, a marketplace with complex queries) and you do not have an engineer comfortable with Elasticsearch operations. The cost premium buys you peace of mind for a core product feature.
5. RDS — Good Service, Wild Markup
What you are paying: RDS Multi-AZ db.r6g.xlarge PostgreSQL: roughly £580/month. Add storage, IOPS, backup retention, and Performance Insights: £750–£1,000/month.
What it actually costs: The equivalent EC2 instance is £195/month. Add EBS gp3 storage and you are at £220–£250. The managed service costs 3–4x the raw infrastructure.
The alternative: Self-hosted PostgreSQL with automated backups (pgBackRest), streaming replication for HA, and PgBouncer for connection pooling. The setup takes a day. Ongoing maintenance is a few hours per month. For that, you save £500+/month per database instance.
If you want managed convenience without the AWS markup, consider services like Crunchy Bridge or Neon, which offer managed PostgreSQL at significantly lower prices than RDS.
When to keep RDS: If you have a single database, no dedicated DBA experience on the team, and the cost is under £300/month. The convenience is worth it at that scale. But if you are running four RDS instances (production, staging, analytics, and the one someone created “temporarily” last year), self-hosting the non-production instances alone saves £1,000+/month.
The Compound Effect
None of these individual line items looks catastrophic in isolation. Together, they add up:
| Service | Managed Cost | Self-Hosted Cost | Monthly Savings |
|---|---|---|---|
| NAT Gateway (3 AZ) | £525 | £15 | £510 |
| CloudWatch | £3,000 | £300 | £2,700 |
| ALB (×3) | £450 | £15 | £435 |
| OpenSearch (3-node) | £800 | £300 | £500 |
| RDS (×2 non-prod) | £1,000 | £250 | £750 |
| Total | £5,775 | £880 | £4,895 |
That is nearly £59,000 per year — real money, even for well-funded companies. And this is a conservative estimate for a mid-sized SaaS operation.
The Trade-Off Is Real — But Smaller Than You Think
AWS wants you to believe that self-hosting any of these services is a full-time job. It is not. Modern tooling (Terraform, Ansible, Kubernetes operators) has dramatically cut the operational overhead. A senior engineer can set up and maintain all five of these self-hosted alternatives as a part-time responsibility.
The question is not “managed vs self-hosted.” It is “is the convenience worth 3–10x the cost at our current scale?” For a 5-person startup, usually yes. For a 50-person company spending £100k/month on AWS, usually no.
Not sure which services are eating your budget? Book a Platform Fit Verdict and we will break down your bill line by line.