CLOUD SECURITY LAB

Developers Create and Leave, But the Bill Goes to the Department Head — Why Resource Deletion is Key to Budget Management in Practice

by

cslab
in

Cloud resources are easy to create, but easy to forget to delete.

That “forgetfulness” undermines a company’s financial governance.

>

What This Article Covers

  • Why resource deletion is not just cleanup for engineers in practice
  • 4 structural impacts of undeleted resources on company finances
  • The meaning of resource lifecycle from a FinOps perspective
  • 4 immediately applicable governance patterns in practice

Introduction — An Infrastructure Team Lead’s Month-End

The monthly cloud bill arrives. The infrastructure team lead discovers a strange item: dev-test-instance-aaron-temp-2. It was created six months ago, and the engineer named Aaron left three months ago. 120,000 KRW per month, totaling 720,000 KRW, quietly drained away over six months.

But this isn’t just one or two items. Upon investigation, approximately 25% of the department’s total cloud costs were coming from ghost resources with unknown origins and no responsible party.

Here’s the truth we must face:

“Not deleting resources” isn’t just failing to clean up,

it’s a sign that the company’s financial governance has broken down a step further.

The real reason we teach “delete resources after the lecture” in training/education isn’t because of classroom costs, but because that engineer, once in the field, must grow into someone who protects the company’s budget.

4 Reasons Why Resource Deletion is Key to Budget Management in Practice

1. Budget Forecast Accuracy Collapses

One of the most important metrics in FinOps is Forecast Accuracy. The CFO and finance team predict cloud spending for the next quarter to formulate the company-wide budget, and this forecast determines hiring, equipment purchases, and R&D investments.

The problem is that as undeleted resources accumulate monthly, the cost baseline itself inflates. If a department that used to predict with ±5% accuracy drops to ±25%, the finance team starts to question all IT requests from that department.

Forecast accuracy is not just a number. It is a measure of trust that “this department knows its infrastructure.” Lose trust, lose budget.

2. Cost Accountability Becomes Impossible to Trace

Resources created without tags, resources left by departed employees, resources whose projects are unknown — all these fall into the “Shared Cost” pool.

As shared costs grow, the company’s Showback / Chargeback model breaks down.

  • Showback: “This department used this much.”
  • Chargeback: “This department is responsible for this much.”

If this doesn’t work, it’s impossible to measure which services are profitable and which projects are losing money. The foundation for Unit Economics analysis collapses, ultimately leading to poor business decisions.

A SaaS company might miscalculate per-user margins and set incorrect prices,

while a data company might misestimate per-query costs and sell at a loss.

3. Governance Trust Erodes, Approval Chains Lengthen

The most frequent question finance and security teams ask IT departments is simple:

“Why did this much cost occur?”

Organizations with broken resource lifecycle management cannot answer this question. If they can’t answer, two things happen in the next quarter:

  • Automatic budget cuts
  • Requirement for pre-approval for all resource creation

The second is more critical. If security and finance teams start requiring approval for every instance creation, engineering speed drops by half, and the company’s overall infrastructure agility disappears. “Only organizations with a ‘good deletion culture’ enjoy the ‘freedom to create quickly.’”

4. Direct Cost Leakage Accumulates

This is the most visible part, but in fact, it’s a smaller problem compared to the three above. However, when accumulated, it’s by no means small.
Forgotten Resource (per item) Hourly Cost Annual Cost
Unused Elastic IP $0.005 Approx. $44
Idle NAT Gateway $0.045 Approx. $394
Empty EKS Control Plane $0.10 Approx. $876
Forgotten GPU Instance (g4dn.xlarge) $0.526 Approx. $4,608
RDS db.t3.medium standalone $0.068 Approx. $596

Even if an engineering organization of 100 people has an average of 1-2 such remnants per person, direct losses of tens of millions to hundreds of millions of KRW occur annually. And this money could have been used for new hires or R&D.

4 Governance Patterns to Apply in Practice

① Tag Enforcement

Mandate 4 tags for all resources:

  • Owner — Responsible person’s email
  • Project — Project code for billing
  • Environment — dev / staging / prod
  • ExpireAt — Automatic expiration date (ISO 8601)

AWS uses SCP (Service Control Policy) or Tag Policy, Azure uses Azure Policy, and GCP uses Organization Policy to block the creation of untagged resources entirely.

# Terraform — Enforcing tags on all resources
locals {
  required_tags = {
    Owner       = var.owner
    Project     = var.project
    Environment = var.environment
    ExpireAt    = var.expire_at
  }
}

resource "aws_instance" "app" {
  # ... omitted ...
  tags = merge(local.required_tags, {
    Name = "app-server"
  })
}

② TTL-based Automatic Expiration

Based on the ExpireAt tag, a Lambda function automatically reclaims expired resources once a day. Even if people forget, the system deletes them. This is particularly effective for PoC environments, learning environments, and demo environments.

③ Activate Cost Anomaly Detection

AWS Cost Anomaly Detection, Azure Cost Management Anomaly, GCP Recommender — detect cost spikes within 24 hours and notify via Slack/email. If an incident is discovered the next day instead of a month later, the loss is reduced by 1/30.

④ Weekly Review of Idle Resources

Establish a ritual where the infrastructure team reviews AWS Trusted Advisor, Compute Optimizer, and Cost Explorer Rightsizing recommendations weekly. If “cleanup time” isn’t put on the calendar, no one will clean up.

⚠️ Most Common Pitfalls in Practice

  • “I didn’t create it, so I don’t need to delete it” — If no one deletes it, the company bears the cost. Ultimately, it’s everyone’s loss.
  • “Development environments are small costs” — Surprisingly many companies have 24/7 development clusters that cost more than production environments.
  • Missing cloud resources in offboarding handovers — The most common cause of ghost resources. “Submission of owned resource manifest” must be included in the HR process.
  • Tolerating untagged resources — If “I made it quickly because I was in a hurry” is allowed once, that culture will never disappear.
  • Creating with IaC and deleting with the console — Dependency errors lead to only half being deleted, and the rest become orphans. You must delete with the tool you used to create.

✅ Summary

  • Resource deletion is not just cleanup, but part of financial governance
  • Undeleted resources create 4 repercussions — collapsed forecasts, untraceable accountability, eroded governance trust, direct cost leakage
  • 4 key practical tools — Mandatory tagging, TTL automation, cost anomaly detection, weekly idle resource review
  • The cheapest way to protect your department’s standing in next quarter’s budget negotiations is to delete unused resources today

The real reason we teach “delete after practice” in lectures is to ensure that the learner, once in the field, becomes an engineer who protects the company’s money. It’s not about technology, but about transmitting an operational culture.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *