Project Basics
Tell us about your project so we can tailor recommendations to your needs.
Project Information
Compute
Choose your compute platform and size. All prices are on-demand, Linux, us-east-1.
Lambda Configuration
Storage
Configure object storage (S3) and block storage (EBS) with the right durability and access tier.
S3 Object Storage
Enable S3 Buckets
Highly durable (11 9s), scalable object storage for files, assets, backups, and data lakes.
EBS Block Storage (per instance)
Enable EBS Volumes
SSD block storage attached to EC2/ECS. Required for OS disk and persistent application data.
Database
Choose managed relational (RDS) or NoSQL (DynamoDB) database options.
Amazon RDS — Relational Database
Enable RDS
Fully managed relational DB: MySQL, PostgreSQL, MariaDB, Oracle, SQL Server, or Aurora.
Amazon DynamoDB — NoSQL
Enable DynamoDB
Serverless key-value and document store. Single-digit ms latency at any scale. No instance management.
Networking & Delivery
Load balancers, CDN, DNS, and egress traffic configuration.
Load Balancers
Application Load Balancer (ALB)
Layer 7 HTTP/HTTPS routing. Supports path-based routing, host-based routing, WebSockets, gRPC, and Lambda targets. Best for web apps and APIs.
$0.008/hr (~$5.76/mo) + $0.008 per LCU
Network Load Balancer (NLB)
Layer 4 TCP/UDP/TLS routing. Sub-millisecond latency, static IPs, handles millions of requests per second. Best for low-latency or non-HTTP workloads.
$0.008/hr (~$5.76/mo) + $0.006 per NLCU
CloudFront CDN
Amazon CloudFront
Global CDN with 450+ edge locations. Reduces latency for end users and offloads origin traffic. Required for S3 static sites. Integrates with WAF and Shield.
$0.0085/GB transfer (US/EU) • $0.0100/10K HTTPS requests
Additional Networking
NAT Gateway
Allows private subnet instances to reach the internet. Required for ECS tasks and EC2 instances in private subnets to pull images and call external APIs.
$0.045/hr (~$32.40/mo) + $0.045/GB processed
Route 53 Hosted Zone
Authoritative DNS for your domain. Health checks, failover routing, latency-based routing, and Alias records for AWS resources.
$0.50/hosted zone/mo • $0.40/1M queries
Security & Compliance
AWS security services. GuardDuty and CloudTrail are recommended for all production workloads.
Threat Detection & Protection
Amazon GuardDuty
Intelligent threat detection using ML. Monitors CloudTrail, VPC Flow Logs, DNS logs. Detects compromised instances, crypto mining, data exfiltration, and more.
~$1–$10/mo typical small workload • scales with volume
AWS WAF (Web Application Firewall)
Protect against OWASP Top 10, SQL injection, XSS, and bot traffic. Works with ALB, CloudFront, and API Gateway. Includes managed rule groups from AWS and third parties.
$5/WebACL/mo + $1/rule/mo + $0.60/1M requests
AWS Shield Advanced
Enhanced DDoS protection with 24/7 DRT (DDoS Response Team) access, near-real-time attack visibility, cost protection, and advanced attack attribution. Required for PCI, HIPAA DDoS compliance.
$3,000/mo flat fee — covers all protected resources in the account
Secrets & Encryption
AWS Secrets Manager
Store and auto-rotate database credentials, API keys, and certificates. Integrates with RDS for automatic rotation.
$0.40/secret/mo + $0.05/10K API calls
AWS KMS — Customer Managed Keys (CMK)
Customer-managed encryption keys for S3, RDS, EBS, CloudTrail, and more. Key rotation, audit trail, and fine-grained access policies via IAM.
$1.00/CMK/mo + $0.03/10K API calls
Monitoring & Audit
AWS Config
Continuous resource configuration recording and compliance evaluation. Tracks changes to all AWS resources and evaluates against compliance rules.
$0.003/config item recorded + $1/active rule/mo
Cost Proposal
Estimated monthly AWS infrastructure cost for your project
| Service | Configuration | Unit Price | Qty | Monthly Cost |
|---|---|---|---|---|
| Total Monthly Estimate | $0.00 | |||
| Annual (×12) | $0.00 | |||