Skip to main content

AWS Cost Explorer MCP Server

Create a powerful Model Context Protocol (MCP) server for AWS Cost Explorer in minutes with our AI Gateway. This guide walks you through setting up seamless Cost Explorer integration with enterprise-grade security and AWS Signature v4 authentication.

About AWS Cost Explorer API

AWS Cost Explorer enables you to visualize, understand, and manage your AWS costs and usage over time. The Cost Explorer API provides programmatic access to:

  • Cost Analysis: Query detailed cost and usage data
  • Forecasting: Predict future costs based on historical data
  • Budgets: Create and manage cost budgets with alerts
  • Recommendations: Get savings recommendations for Reserved Instances and Savings Plans
  • Anomaly Detection: Detect unusual spending patterns
  • Cost Allocation: Tag-based cost tracking and reporting
  • Usage Reports: Detailed resource utilization metrics
  • Savings Opportunities: Identify cost optimization potential

Key Features

  • Granular Data: Hourly, daily, and monthly cost breakdowns
  • Multi-Dimensional Analysis: Filter by service, region, account, tags
  • Historical Data: Up to 13 months of cost history
  • Forecast Accuracy: ML-powered cost predictions
  • Real-time Updates: Cost data updated multiple times daily
  • Reserved Instance Tracking: RI utilization and coverage
  • Savings Plans Analysis: Track savings and recommendations
  • Custom Cost Categories: Business-specific cost grouping

What You Can Do with Cost Explorer MCP Server

The MCP server transforms Cost Explorer's API into a natural language interface, enabling AI agents to:

Cost Analysis

  • Cost Queries

    • "Show total AWS costs for last month"
    • "Break down costs by service for this quarter"
    • "Compare costs between production and development"
    • "Show daily cost trend for current month"

  • Dimensional Analysis

    • "Show EC2 costs by instance type"
    • "List costs by AWS region"
    • "Display costs by cost allocation tags"
    • "Analyze costs by linked account"

Budgets & Alerts

  • Budget Management

    • "Create $5000 monthly budget for production"
    • "Set up budget alert at 80% threshold"
    • "Track budget vs actual spend"
    • "Create budgets by service or tag"

  • Alert Configuration

    • "Alert when daily spend exceeds $200"
    • "Notify on 20% cost increase"
    • "Set up anomaly detection alerts"
    • "Create forecast-based alerts"

Forecasting

  • Cost Predictions

    • "Forecast next month's AWS bill"
    • "Predict quarterly infrastructure costs"
    • "Show cost trend for next 12 months"
    • "Calculate year-end total projection"

  • What-If Analysis

    • "Estimate cost of adding 10 EC2 instances"
    • "Project savings from Reserved Instances"
    • "Calculate impact of usage changes"
    • "Model different growth scenarios"

Optimization Recommendations

  • Reserved Instances

    • "Show RI purchase recommendations"
    • "Calculate potential RI savings"
    • "Analyze RI utilization rates"
    • "Find unused Reserved Instances"

  • Savings Plans

    • "Get Savings Plans recommendations"
    • "Compare Compute vs EC2 Instance plans"
    • "Track Savings Plans utilization"
    • "Calculate commitment optimization"

Anomaly Detection

  • Unusual Spending

    • "Detect cost anomalies in last week"
    • "Show root cause of cost spikes"
    • "Monitor specific service anomalies"
    • "Set custom anomaly thresholds"

  • Pattern Analysis

    • "Identify unusual usage patterns"
    • "Track seasonal cost variations"
    • "Detect unauthorized resource usage"
    • "Monitor cost trend deviations"

Reporting

  • Custom Reports

    • "Generate executive cost summary"
    • "Create departmental chargeback report"
    • "Show cost savings achievements"
    • "Build tag-based cost allocation report"

  • Automated Insights

    • "Weekly cost optimization tips"
    • "Monthly savings opportunities"
    • "Unutilized resource reports"
    • "Cost efficiency metrics"

Quick Start Guide

1. Prerequisites

  • AWS Account with billing access
  • Authentication method (choose one):
    • AWS IAM credentials (Access Key ID and Secret Access Key)
    • OAuth2 via AWS IAM Identity Center (SSO)
    • SAML 2.0 federation
  • Cost Explorer API enabled
  • AI Gateway account

2. Authentication Options

Option A: AWS IAM Credentials (Traditional)

Use AWS Access Key ID and Secret Access Key with the required IAM permissions below.

Option B: OAuth2 via AWS IAM Identity Center

AWS supports OAuth2 through IAM Identity Center for programmatic access:

  1. Enable IAM Identity Center:

    • Navigate to IAM Identity Center in AWS Console
    • Enable Identity Center in your organization's management account
    • Configure identity source

  2. Register OAuth Application:

    aws sso-admin register-client \
      --client-name "AI-Gateway-CostExplorer-MCP" \
      --client-type "public" \
      --scopes "ce:*"

  3. Configure OAuth Settings:

    • Authorization URL: https://[your-sso-url].awsapps.com/start/authorize
    • Token URL: https://[your-sso-url].awsapps.com/start/token
    • Redirect URI: https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback
    • Scopes: Configure based on Cost Explorer operations needed

  4. Permission Sets: Create permission set in IAM Identity Center with Cost Explorer and Budgets policies attached.

3. Required IAM Permissions

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ce:GetCostAndUsage",
        "ce:GetCostAndUsageWithResources",
        "ce:GetCostForecast",
        "ce:GetDimensionValues",
        "ce:GetReservationUtilization",
        "ce:GetReservationPurchaseRecommendation",
        "ce:GetSavingsPlansPurchaseRecommendation",
        "ce:GetSavingsPlansUtilization",
        "ce:GetSavingsPlansUtilizationDetails",
        "ce:GetTags",
        "ce:GetAnomalies",
        "ce:GetAnomalyMonitors",
        "ce:GetAnomalySubscriptions",
        "ce:CreateAnomalyMonitor",
        "ce:CreateAnomalySubscription",
        "ce:UpdateAnomalyMonitor",
        "ce:UpdateAnomalySubscription",
        "budgets:ViewBudget",
        "budgets:CreateBudget",
        "budgets:UpdateBudget",
        "budgets:DeleteBudget"
      ],
      "Resource": "*"
    }
  ]
}

4. MCP Server Configuration

For IAM Credentials:

  1. Navigate to the AI Gateway dashboard
  2. Click "Create New MCP Server"
  3. Select "AWS Cost Explorer" from the available integrations
  4. Choose "AWS IAM" authentication
  5. Configure credentials:
    • Enter AWS Access Key ID
    • Enter AWS Secret Access Key
    • Enable Cost Explorer API if needed
    • Set default time ranges and granularity

For OAuth2 (IAM Identity Center):

  1. Navigate to the AI Gateway dashboard
  2. Click "Create New MCP Server"
  3. Select "AWS Cost Explorer" from the available integrations
  4. Choose "OAuth 2.0" authentication
  5. Configure OAuth settings:
    • Authorization URL: Your IAM Identity Center authorize endpoint
    • Token URL: Your IAM Identity Center token endpoint
    • Client ID: From registered application
    • Client Secret: From registered application (if confidential client)
    • Scopes: Select required Cost Explorer permissions
    • AWS Region: us-east-1 (Cost Explorer primary region)

5. Test Your Connection

Try these commands to verify your setup:

  • "Show current month's AWS costs"
  • "List top 5 most expensive services"
  • "Get cost forecast for next month"

OAuth2 Scopes for Cost Explorer Operations

When using OAuth2 via IAM Identity Center, configure permission sets with these Cost Explorer actions:

Cost Analysis

  • ce:GetCostAndUsage - Query cost and usage data
  • ce:GetCostAndUsageWithResources - Detailed resource costs
  • ce:GetCostForecast - Predict future costs
  • ce:GetDimensionValues - Available cost dimensions
  • ce:GetTags - Cost allocation tags

Savings & Optimization

  • ce:GetReservationUtilization - RI utilization metrics
  • ce:GetReservationPurchaseRecommendation - RI recommendations
  • ce:GetSavingsPlansPurchaseRecommendation - Savings Plans advice
  • ce:GetSavingsPlansUtilization - Track savings plans usage

Anomaly Detection

  • ce:GetAnomalies - View cost anomalies
  • ce:GetAnomalyMonitors - List anomaly monitors
  • ce:CreateAnomalyMonitor - Set up monitoring
  • ce:CreateAnomalySubscription - Configure alerts

Budget Management

  • budgets:ViewBudget - View budget details
  • budgets:CreateBudget - Create new budgets
  • budgets:UpdateBudget - Modify budgets
  • budgets:DeleteBudget - Remove budgets

Configure permission sets in IAM Identity Center to match your cost management requirements.

Common Use Cases

Financial Planning

Budget and forecast effectively:

"Create annual budget with quarterly milestones"
"Forecast infrastructure costs for next fiscal year"
"Model cost impact of 50% growth"
"Set up variance alerts for budget overruns"

Cost Allocation

Implement chargeback/showback:

"Generate cost report by department tags"
"Calculate per-project infrastructure costs"
"Show cost breakdown by environment"
"Create monthly chargeback invoices"

Optimization Initiatives

Reduce AWS spending:

"Identify top 10 cost saving opportunities"
"Find unused or underutilized resources"
"Calculate ROI of Reserved Instance purchases"
"Show resources without cost allocation tags"

Executive Reporting

Provide cost visibility:

"Generate executive dashboard metrics"
"Show month-over-month cost trends"
"Compare actual vs budgeted costs"
"Highlight cost optimization achievements"

Advanced Features

Custom Cost Categories

Organize costs by business logic:

"Create cost category for product lines"
"Group costs by business unit"
"Categorize shared vs dedicated resources"
"Track costs by customer segment"

Multi-Account Analysis

Manage organization-wide costs:

"Aggregate costs across all accounts"
"Compare costs between AWS accounts"
"Show organizational unit spending"
"Track cross-account resource sharing"

Detailed Filtering

Precise cost analysis:

"Show costs for specific tags combinations"
"Filter by multiple dimensions simultaneously"
"Exclude credits and refunds"
"Include only production resources"

Time-Based Analysis

Historical and trend analysis:

"Compare costs year-over-year"
"Show hourly cost patterns"
"Analyze weekend vs weekday usage"
"Track cost trends by service"

Best Practices

Tagging Strategy

  • Implement comprehensive tagging policy
  • Use consistent tag keys and values
  • Tag all resources at creation
  • Regular tag compliance audits

Budget Management

  • Set budgets for all major cost centers
  • Use forecasted budgets for planning
  • Configure multi-threshold alerts
  • Review and adjust budgets quarterly

Cost Optimization

  • Regular recommendation reviews
  • Automate resource scheduling
  • Right-size instances based on usage
  • Leverage spot instances where appropriate

Reporting Cadence

  • Daily anomaly monitoring
  • Weekly optimization reviews
  • Monthly cost reports
  • Quarterly budget reviews

Troubleshooting

Common Issues

  • No Data: Ensure Cost Explorer is enabled
  • Missing Costs: Check for untagged resources
  • Forecast Errors: Need 30+ days of history
  • Access Denied: Verify IAM permissions

Data Accuracy

  • Allow 24 hours for cost finalization
  • Credits may affect calculations
  • Check for data transfer costs
  • Verify tax inclusion settings

Integration Examples

With AWS Services

"Create CloudWatch alarm for budget exceeded"
"Export cost data to S3 for analysis"
"Trigger Lambda on anomaly detection"
"Send cost reports via SNS"

With AI Gateway Tools

"Send daily cost summary to Slack"
"Create cost dashboard in Google Sheets"
"Update Jira with monthly AWS costs"
"Generate cost reports in Confluence"

Cost Categories and Allocation

Built-in Dimensions

  • Service: EC2, S3, RDS, Lambda, etc.
  • Region: us-east-1, eu-west-1, etc.
  • Usage Type: BoxUsage, DataTransfer, etc.
  • Operation: RunInstances, GetObject, etc.
  • Instance Type: t3.micro, m5.large, etc.

Custom Dimensions

  • Cost Allocation Tags: Department, Project, Owner
  • AWS-Generated Tags: aws:createdBy, aws:cloudformation:stack-name
  • Linked Account: For AWS Organizations
  • Cost Categories: Business-defined groupings

Anomaly Detection

Monitor Types

  • Service Monitors: Track specific AWS services
  • Linked Account: Monitor individual accounts
  • Cost Category: Monitor custom categories
  • Tags: Track tagged resource groups

Alert Configuration

"Create anomaly monitor for production tag"
"Set 50% threshold for anomaly alerts"
"Exclude expected seasonal variations"
"Configure daily anomaly summary"

Savings Recommendations

Reserved Instances

"Show RI recommendations for EC2"
"Calculate break-even point for RIs"
"Compare No Upfront vs All Upfront"
"Track RI expiration dates"

Savings Plans

"Recommend optimal Savings Plan commitment"
"Compare savings across plan types"
"Show current plan utilization"
"Calculate additional savings potential"

Security Considerations

Access Control

  • Use read-only IAM policies
  • Implement MFA for sensitive operations
  • Audit Cost Explorer API usage
  • Restrict budget modification permissions

Data Privacy

  • Mask sensitive tag values
  • Control cost data visibility
  • Implement data retention policies
  • Encrypt exported cost data

API Limits and Pricing

Rate Limits

  • GetCostAndUsage: 100 requests per second
  • GetCostForecast: 10 requests per second
  • Recommendations: 10 requests per second
  • Anomaly Detection: 10 requests per second

Pricing

  • API Requests: $0.01 per request
  • Anomaly Detection: Free for first 100 monitors
  • Budgets: Free for first 2 budgets
  • No charges: For viewing in console

Ready to take control of your AWS costs? Start creating your Cost Explorer MCP server today and enable AI-powered cloud financial management!