Resources GitHub
Home / Resources / FinOps for AI
FinOps for AI

FinOps for AI

AI spend patterns that standard FinOps tools miss โ€” cross-service billing disguises, OCU floor costs, inference waste, and detection logic for the new AI infrastructure stack.

Articles in this Category

Amazon Bedrock Knowledge Base Costs Don't Show Up Under Bedrock

When you create a Bedrock Knowledge Base, AWS silently provisions OpenSearch Serverless at $345/month. The charge appears under a different service name. When you delete the KB, the collection keeps billing. Five real incidents, detection SQL, and a fix checklist.

๐Ÿ“… April 29th, 2026 โฑ๏ธ 9 min read

Runaway AI Inference: How a Prompt Loop at 2 AM Becomes a $4,200 Weekend Bill

Token consumption can spike 18ร— above your rolling baseline in 48 hours. Standard FinOps alerts won't catch it. Six real incidents ($15 to $50K), the FOCUS-native detection SQL, and a three-layer fix for the engineer who built it, the analyst who watches the bill, and the manager who owns the outcome.

๐Ÿ“… May 22nd, 2026 โฑ๏ธ 10 min read

SageMaker Real-Time Inference Endpoints Bill When Nobody Is Calling Them

SageMaker real-time endpoints can't scale to zero โ€” they bill $724+/month whether they receive 0 requests or 10,000. The charge is invisible in standard billing data until you join it with CloudWatch. Five real incidents, detection SQL, and a fix checklist for the engineer who deployed it, the analyst watching the bill, and the manager who owns the outcome.

๐Ÿ“… May 25th, 2026 โฑ๏ธ 9 min read

A Stolen API Key, 48 Hours, $82,000: The AI Billing Signature That Standard FinOps Tools Miss

A Google Maps key gained Gemini scope without the owner knowing. 48 hours, $82,314. 2,863 live exposed keys in Common Crawl. AWS Bedrock API keys carry identical risk. The FOCUS-native detection query, the three conditions that distinguish attacks from legitimate first-day usage, and a full incident response checklist.

๐Ÿ“… May 26th, 2026 โฑ๏ธ 11 min read

Your AI Inference Bill Grows Every Sprint Without New Traffic โ€” It's Your System Prompts

Input token consumption climbs 15%+ month over month as developers add few-shot examples, safety rules, and RAG context across sprints โ€” invisible to standard dashboards that watch total Bedrock spend. Four real incidents ($800 to $8,400/month), the FOCUS-native two-window detection query, and a fix checklist for engineers, FinOps practitioners, and engineering leaders.

๐Ÿ“… May 26th, 2026 โฑ๏ธ 10 min read