Cost Optimization (Pillar: Cost)
The Cost Optimization pillar of WAF++ defines requirements, principles and measurable controls to operate cloud costs transparently, attributably and continuously optimized.
Costs are not a side effect of architecture. They are an architecture outcome that must be actively governed – not observed after the fact.
What does Cost Optimization mean in WAF++?
Cost Optimization means that an organization has demonstrable control over the following dimensions:
| Dimension | What is controlled? | WAF-COST Control |
|---|---|---|
Cost Allocation |
Are all costs clearly attributed to workloads, teams and environments? |
WAF-COST-010 |
Budget & Alerting |
Are there budget limits and automated alerts upon breach? |
WAF-COST-020 |
Rightsizing |
Are resources sized according to actual demand – not hypothetically over-provisioned? |
WAF-COST-030 |
Retention & Lifecycle |
Do all storage and log resources have defined lifecycles? No infinite retention? |
WAF-COST-040 |
Architectural Cost Debt |
Are the economic impacts of architecture decisions documented and reviewed? |
WAF-COST-050, WAF-COST-100 |
FinOps Governance |
Is there a structured review cycle with clear accountability? |
WAF-COST-060 |
Observability Costs |
Are logging and monitoring costs actively governed through tiering and retention? |
WAF-COST-070 |
Commitment Optimization |
Are baseline workloads cost-optimized through reservations? |
WAF-COST-080 |
Egress & Data Transfer |
Are data transfer costs controlled, VPC Endpoints used, CDN deployed? |
WAF-COST-090 |
Cost Debt Register |
Are known cost debts documented, assessed and assigned to a paydown plan? |
WAF-COST-100 |
Why is Cost Optimization a separate pillar?
Costs are cross-cutting: they arise in Security, Reliability, Operations and Governance. Nevertheless, Cost Optimization is an independent discipline because:
-
It has its own governance dimension: FinOps, TCO assessment, chargeback models
-
It requires specific technical controls that no other pillar covers
-
It addresses Architectural Cost Debt as a structural risk – analogous to technical debt
-
Costs must be embedded as strategic decision inputs in architecture processes
-
Brownfield and greenfield scenarios require fundamentally different approaches
| Cost Optimization without technical enforcement is wishful thinking. Budgets without tagging are estimates. Rightsizing without monitoring is guesswork. |
Delineation from other pillars
-
Operations addresses: Monitoring, incident response, change management.
-
Governance addresses: Policies, decision processes, compliance frameworks.
-
Architecture addresses: Design principles, patterns, technical decisions.
-
Cost Optimization addresses: Economic governance, TCO, FinOps, cost debt, budget governance.
Cost Optimization assumes that resources are tagged, budgets are defined and architectures are documented, and extends this with economic measurement, optimization cycles and strategic cost control.
Controls Overview
The Cost pillar is operationalized through 10 measurable controls (WAF-COST-010 to WAF-COST-100).
| Control ID | Title | Severity | Automatable |
|---|---|---|---|
Cost Allocation Tagging Enforced |
High |
High |
|
Cost Budgets & Alerting Configured |
High |
High |
|
Resource Rightsizing & Idle Detection |
Medium |
Medium |
|
Storage & Retention Lifecycle Defined |
High |
High |
|
Cost Impact Assessment in ADRs |
High |
Partial |
|
FinOps Review Cadence |
Medium |
Low–Medium |
|
Observability & Logging Cost Tiers |
Medium |
High |
|
Commitment & Reserved Capacity Planning |
Medium |
Medium |
|
Data Transfer & Egress Cost Management |
High |
Medium |
|
Architectural Cost Debt Register & Quarterly Review |
Medium |
Partial |
Quick Start
New to the Cost pillar? Recommended reading order:
-
Definition – What is Cost Optimization as a discipline?
-
Scope – Brownfield vs. greenfield, what is in scope?
-
Cost Principles – 7 core principles including Architectural Cost Debt
-
Architectural Cost Debt – The central concept of this pillar
-
Controls – The 10 measurable controls
-
Maturity Model – Where does my organization stand?
-
FinOps Integration – Processes, roles and review cycles
-
Best Practices – How to implement it in practice?