Your cloud bill arrived. It's 20% higher than last month. You ask your team — nobody can explain the increase. This is cloud sprawl in action, and it's more common than most engineering leaders want to admit.
What Is Cloud Sprawl?
Cloud sprawl is the uncontrolled proliferation of cloud resources — instances, databases, storage buckets, load balancers, and networking components — that have been created but are no longer actively managed. It happens because:
- Cloud provisioning is fast and cheap (no procurement process to slow things down)
- Developers create resources for short-term projects and forget to clean up
- Organisations lack visibility into what they've actually deployed
- Shadow IT bypasses central governance entirely
The 7 Types of Wasted Cloud Resources
1. Zombie Virtual Machines
VMs that are running but serving no useful purpose. Common causes: dev environments left on over weekends, a failed migration where the old workload was never decommissioned, or a proof-of-concept that became permanent. A zombie m5.2xlarge on AWS costs roughly £300/month running 24/7.
2. Orphaned Snapshots and AMIs
EBS snapshots, Azure disk snapshots, and OCI custom images created for backups or migrations and never deleted. Storage costs are low per-GB but they accumulate rapidly. Many organisations discover hundreds of gigabytes of forgotten snapshots during their first CloudVista scan.
3. Unattached Storage Volumes
Block storage volumes that were detached when a VM was terminated but not deleted. AWS EBS volumes cost $0.10/GB/month whether attached or not. A single forgotten 1TB volume costs £72/month.
4. Idle Load Balancers
Application and network load balancers with no active targets. AWS ALBs cost roughly $18/month regardless of traffic. Organisations commonly find 10–30 abandoned load balancers during first-pass inventory audits.
5. Over-provisioned Instances (Right-Sizing Opportunities)
Production workloads running on instance types 2–4x larger than required. CPU utilisation below 10% is a right-sizing signal. This isn't shadow IT — it's legitimate waste from conservative initial sizing that was never revisited.
6. Shadow IT Accounts and Subscriptions
Entire cloud accounts or Azure subscriptions created by teams outside the central Cloud/Ops team — often to avoid procurement or compliance overhead. These accounts bypass tagging policies, cost controls, and security guardrails entirely.
7. Forgotten Managed Services
RDS instances, ElastiCache clusters, and managed Kubernetes clusters that were stood up for a project and never terminated. These are particularly expensive — an Aurora cluster can cost £400–2,000/month and is easy to forget about once a project winds down.
The shadow IT multiplier: Shadow IT resources rarely have any governance attached — no tags, no cost allocation, no compliance checks. When they eventually get discovered (often during a security incident or a surprise bill), the remediation cost dwarfs the original resource cost.
How to Find and Eliminate Cloud Sprawl
Step 1: Get complete visibility first
You can't fix what you can't see. Connect an inventory tool like CloudVista to every cloud account and subscription — including ones you think are inactive. Run a full sync and review the complete resource list, sorted by last activity date and cost contribution.
Step 2: Tag everything, enforce tagging going forward
Enable tag enforcement policies that prevent resource creation without mandatory tags (owner, environment, project, cost-centre). For existing untagged resources, use CloudVista's bulk-attribution workflows to assign ownership before taking action.
Step 3: Set idle resource policies
Define what "idle" means for each resource type — e.g., VM CPU utilisation below 5% for 14 consecutive days, EBS volume unattached for more than 7 days, load balancer with zero traffic for 30 days. Route idle resource findings to team Slack channels automatically.
Step 4: Implement a stop-before-terminate process
Rather than immediately terminating suspected zombies (which risks deleting something important), stop/pause them first and notify the owner. If nobody objects within 14 days, terminate and delete. This reduces conflict and builds trust in the process.
Step 5: Review cloud accounts, not just resources
Shadow IT often lives in accounts that don't appear in your central billing view. Audit all AWS accounts under your organisation, all Azure subscriptions under your tenant, and all OCI compartments — not just the ones your central team manages.
CloudVista tip: CloudVista's Stale Resources page identifies every VM, volume, load balancer, and managed service that hasn't had meaningful activity in the past 30 days — colour-coded by severity and estimated monthly cost, so you can prioritise the highest-value cleanups first.
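Steps 2 to 4 above, as an added example (not CloudVista's code or API): a small policy evaluator that applies the idle thresholds and the 14-day stop-before-terminate window to an inventory. The `Resource` record, the action names and the sample inventory are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Optional

MANDATORY_TAGS = {"owner", "environment", "project", "cost-centre"}  # Step 2
GRACE = timedelta(days=14)                                           # Step 4

@dataclass
class Resource:                      # hypothetical inventory record
    rid: str
    kind: str                        # "vm", "volume" or "lb"
    tags: dict
    daily_cpu: list = field(default_factory=list)  # percent, newest last
    detached_on: Optional[date] = None
    last_traffic: Optional[date] = None
    stopped_on: Optional[date] = None
    owner_objected: bool = False

def is_idle(r, today):               # Step 3; missing evidence never counts as idle
    if r.kind == "vm":
        return len(r.daily_cpu) >= 14 and all(c < 5.0 for c in r.daily_cpu[-14:])
    if r.kind == "volume":
        return r.detached_on is not None and (today - r.detached_on).days > 7
    if r.kind == "lb":
        return r.last_traffic is not None and (today - r.last_traffic).days >= 30
    return False

def next_action(r, today):
    if r.stopped_on is not None:     # already stopped: only the grace window matters
        if r.owner_objected:
            return "restore"
        return "terminate" if today - r.stopped_on >= GRACE else "wait"
    if not is_idle(r, today):
        return "keep"
    if MANDATORY_TAGS - set(r.tags):
        return "assign-owner"        # nobody to notify yet, so do not stop
    return "stop-and-notify"

def plan(inventory, today):
    return {r.rid: next_action(r, today) for r in inventory}

TAGS = {"owner": "team-a", "environment": "dev", "project": "poc", "cost-centre": "cc-1"}
TODAY = date(2024, 6, 30)            # constructed sample data below
INVENTORY = [
    Resource("vm-poc", "vm", TAGS, daily_cpu=[2.0] * 14),
    Resource("vm-new", "vm", TAGS, daily_cpu=[1.0] * 6),
    Resource("vol-orphan", "volume", {}, detached_on=date(2024, 6, 1)),
    Resource("vm-old", "vm", TAGS, stopped_on=date(2024, 6, 10)),
]
print(plan(INVENTORY, TODAY))
```

A VM with fewer than 14 days of samples, or a load balancer with no traffic record at all, is kept rather than flagged, so a newly created resource is never stopped on missing data.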
Building a Cloud FinOps Practice
Eliminating cloud sprawl isn't a one-off project — it's a practice. The most effective FinOps teams combine:
- Continuous inventory scanning — new zombie resources appear constantly
- Weekly cost anomaly reviews — catch spending spikes before they compound
- Monthly right-sizing passes — re-evaluate instance sizing every quarter
- Team cost dashboards — make spend visible to the engineers creating it
- Budget alerts with automated escalation — prevent bill shock from individual accounts
Find Your Cloud Waste in Under 10 Minutes
CloudVista's Stale Resources dashboard shows every idle, orphaned, and over-provisioned resource across all your clouds — free, no credit card required.