Data transfer is the most misunderstood cost on AWS bills. See EC2 data transfer pricing for current rates. It appears as dozens of line items across services, making it hard to track. For many companies, data transfer is the third-largest AWS cost after compute and storage — yet it's the least optimized. The charges seem small per GB, but at scale they represent 10-20% of total AWS spend.
TL;DR: Three changes that save the most on data transfer: (1) Use VPC endpoints for S3 and DynamoDB — eliminates NAT Gateway processing fees ($0.045/GB saved per request). (2) Serve content through CloudFront — egress through CloudFront costs $0.085/GB vs $0.09/GB direct, plus caching reduces origin requests. (3) Co-locate communicating services in the same AZ — cross-AZ transfer costs $0.01/GB each direction, which adds up fast for chatty microservices.
AWS Data Transfer Pricing Overview
| Transfer Type | Cost per GB |
|---|---|
| Inbound (internet to AWS) | Free |
| Same AZ | Free |
| Cross-AZ (same region) | $0.01 each direction ($0.02 round-trip) |
| Cross-Region | $0.02 each direction |
| Internet egress (first 10 TB) | $0.09 |
| Internet egress (next 40 TB) | $0.085 |
| Internet egress (next 100 TB) | $0.07 |
| CloudFront egress | $0.085 (varies by region) |
| NAT Gateway processing | $0.045 |
| VPC endpoint processing | $0.01 |
Strategy 1: Eliminate NAT Gateway Data Processing Charges
NAT Gateway charges $0.045 per GB processed — on top of regular data transfer fees. For services accessing S3, DynamoDB, or other AWS APIs through a NAT Gateway, switching to VPC Gateway Endpoints eliminates this charge entirely.
| 1 TB/month to S3 via | NAT Gateway | VPC Gateway Endpoint |
|---|---|---|
| Processing fee | $45.00 | $0.00 |
| Transfer fee | $0.00 | $0.00 |
| Gateway hourly fee | $32.40 | $0.00 |
| Total | $77.40 | $0.00 |
VPC Gateway Endpoints for S3 and DynamoDB are free. VPC Interface Endpoints for other services cost $0.01/GB (still 78% cheaper than NAT Gateway).
Strategy 2: Use CloudFront for Internet Egress
CloudFront egress is cheaper than direct internet egress, and caching eliminates repeated origin fetches.
| Scenario (10 TB/month) | Direct Egress | CloudFront (50% cache hit) |
|---|---|---|
| Origin fetches | 10 TB x $0.09 = $900 | 5 TB x $0.00 (free origin) = $0 |
| Edge delivery | — | 10 TB x $0.085 = $850 |
| Total | $900 | $850 |
With higher cache hit rates, savings increase substantially. At 80% cache hit: $170 in origin fetches + $850 in edge delivery = $1,020 for 50 TB of user-facing traffic.
Strategy 3: Co-Locate Services in the Same AZ
Cross-AZ transfer costs $0.01/GB each direction. For microservices making thousands of API calls per second, this adds up:
| Architecture | Monthly Cross-AZ Cost |
|---|---|
| 3 services, 100 GB/day cross-AZ traffic | $60/month |
| 10 services, 500 GB/day cross-AZ traffic | $300/month |
| 50 services, 2 TB/day cross-AZ traffic | $1,200/month |
Solutions:
- Use AZ-aware routing (ALB AZ affinity, service mesh AZ preference)
- Place tightly coupled services in the same AZ
- Accept the trade-off: same-AZ is less resilient but cheaper
Strategy 4: Compress Data in Transit
Compressing API responses and data streams reduces transfer costs proportionally.
| Data Type | Compression Ratio | Transfer Savings |
|---|---|---|
| JSON API responses | 80-90% | 80-90% |
| Log data | 85-95% | 85-95% |
| CSV/TSV files | 75-85% | 75-85% |
Enable gzip/brotli compression on ALB and API Gateway. For inter-service communication, use protocol buffers or MessagePack instead of JSON.
Strategy 5: Use S3 Transfer Acceleration Selectively
S3 Transfer Acceleration costs $0.04-$0.08/GB on top of regular transfer. Only use it for long-distance uploads where speed justifies the cost. For same-region uploads, direct S3 uploads are free and fast enough.
Strategy 6: Audit Cross-Region Replication
Every cross-region replication setup costs $0.02/GB in data transfer plus the storage cost in the destination region. Audit each replication:
- Is it required for compliance?
- Is it required for latency?
- Can read replicas serve the purpose instead?
Strategy 7: Use PrivateLink Instead of Internet for B2B APIs
When connecting to third-party services or exposing your APIs to customers, PrivateLink keeps traffic on the AWS network ($0.01/GB) instead of routing through the internet ($0.09/GB) — an 89% reduction.
Related Guides
- AWS Data Transfer Pricing: The Hidden Cost
- AWS CloudFront Cost Optimization: Cut CDN Costs
- AWS NAT Gateway Pricing Guide
- AWS S3 Cost Optimization Guide
FAQ
Why is data transfer so expensive on AWS?
AWS monetizes outbound bandwidth because internet transit capacity is a finite resource. Inbound is free to encourage data ingestion. The pricing model incentivizes keeping data within AWS and using CDN services like CloudFront.
How can I see my data transfer costs broken down?
Use AWS Cost Explorer with the "Usage Type" filter set to "DataTransfer". The AWS Cost and Usage Report provides the most granular data. Group by "Usage Type" to see cross-AZ, cross-region, and internet egress separately. AWS Cost and Usage Report provides the most granular data.
Is it worth restructuring my architecture to save on data transfer?
If data transfer exceeds 10% of your AWS bill, yes. The most impactful changes (VPC endpoints, CloudFront, AZ co-location) can be implemented incrementally without major architectural changes.
Lower Your Data Transfer Costs with Wring
Wring helps you access AWS credits and volume discounts to lower your data transfer costs. Through group buying power, Wring negotiates better rates so you pay less per GB transferred.
