Short, sourced notes on cloud-exit economics and running boring, predictable infrastructure. A new one goes up most days — subscribe at the bottom so you don't miss it.
Grab the free checklist — the one-page guide to stopping a surprise cloud bill →
A surprise AWS bill — a resource left running, or a leaked key someone abused — is one of the most common panics in cloud. Here's how to ask AWS to waive a first-time accidental bill (it works more often than you'd think), and the six guardrails that stop it happening again.
The follow-up to the CloudWatch per-scan post: the exact self-hosted setup that replaces it — Grafana + Loki on a flat-rate box where queries are free — with the hardware, a docker-compose to copy, the migration path, and the real savings.
Amazon CloudWatch Logs Insights bills per gigabyte your queries scan, not per gigabyte you store — so an always-on dashboard on auto-refresh quietly becomes a metered query loop that can cost more than the rest of your logging combined. Here's the trap, how to spot it on your bill, and the fix.
Most SaaS teams go hunting for an extra $100k in revenue. At any real scale, that money is usually already in your AWS/Azure/GCP bill as pure waste — across four predictable line items. Here's where it hides and how to find yours in an afternoon.
A SaaS founder's Google Cloud bill jumped from ~$200/month to ~$55,000 in a single billing cycle — one public Firebase API key, abused against the Gemini API. Here's exactly how it happens, how to fight the charge, and the five settings that cap it for good.
Storage and compute have list prices you can shop on. Egress is the line that quietly scales with your success — and it's the one almost nobody budgets for. Here's how to find it on your own bill in five minutes.
I publish honest, sourced breakdowns of cloud-exit economics — egress, storage, monitoring, reliability — and the occasional announcement. Leave your email and I'll let you know when something new goes up.
Double opt-in — you'll get one email to confirm. No spam, unsubscribe anytime. Read by me, never shared.