One of our large customers had a huge AWS footprint. The organization had different platform support teams, cloud resources creation teams, networking teams, and application development teams.
App teams used to request account creation on a per-application basis, while the central cloud teams responded by creating an account with many default configurations. Each account had at least two VPCs for two regions and multiple endpoints, irrespective of the application's requirements.
We observed that multiple endpoints were created in bulk and many of them were unused, while the monthly AWS charges we had to pay still included them. The challenge now was how to find the unused endpoints.
The networking team was asked to observe VPC Flow Logs for a few days and find the unused ones for a sample account. The result was that almost half the endpoints were unused for the app under observation, and this had gone unchecked for months.
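The check the networking team performed can be scripted over exported flow-log records. The following is an added example, not code from the original post: it parses records in the default VPC Flow Log format (version, account-id, interface-id, srcaddr, dstaddr, srcport, dstport, protocol, packets, bytes, start, end, action, log-status), aggregates traffic per elastic network interface (ENI), and classifies each interface endpoint by whether its ENIs carried any accepted traffic in the window. The endpoint-to-ENI mapping, the ENI IDs and the log lines are constructed sample data; in practice the mapping comes from `describe-vpc-endpoints` and the records from the log group or S3 bucket the flow logs are delivered to.

```python
"""Classify VPC interface endpoints as used, unused or unknown from flow-log records.

Added example (not from the original post). Assumes the default flow-log
record format and a caller-supplied mapping from endpoint ID to the ENI IDs
that endpoint owns. All IDs and log lines below are constructed.
"""
from collections import defaultdict

# Field order of the default VPC Flow Log record format (version 2).
DEFAULT_FIELDS = [
    "version", "account_id", "interface_id", "srcaddr", "dstaddr",
    "srcport", "dstport", "protocol", "packets", "bytes",
    "start", "end", "action", "log_status",
]


def parse_flow_log_line(line):
    """Parse one default-format record into a dict; return None for malformed lines."""
    parts = line.split()
    if len(parts) != len(DEFAULT_FIELDS):
        return None
    return dict(zip(DEFAULT_FIELDS, parts))


def summarize_traffic(lines):
    """Aggregate per ENI: accepted bytes, rejected flows, and records whose
    log-status is not OK (NODATA/SKIPDATA records carry no traffic counters)."""
    stats = defaultdict(lambda: {"accepted_bytes": 0, "rejected_flows": 0, "not_ok": 0})
    for line in lines:
        rec = parse_flow_log_line(line)
        if rec is None:
            continue
        eni = stats[rec["interface_id"]]
        if rec["log_status"] != "OK":
            eni["not_ok"] += 1
            continue
        if rec["action"] == "ACCEPT":
            eni["accepted_bytes"] += int(rec["bytes"])
        elif rec["action"] == "REJECT":
            eni["rejected_flows"] += 1
    return dict(stats)


def classify_endpoints(endpoint_enis, lines):
    """Return {"used": [...], "unused": [...], "unknown": [...]} of endpoint IDs.

    used    : at least one of the endpoint's ENIs carried ACCEPTed traffic
    unknown : no accepted traffic, but some records were NODATA/SKIPDATA, so
              the window cannot be trusted to prove non-use
    unused  : only REJECTs or no records at all (assumes flow logging is
              enabled for the whole VPC, so silence means no traffic)
    """
    stats = summarize_traffic(lines)
    empty = {"accepted_bytes": 0, "rejected_flows": 0, "not_ok": 0}
    result = {"used": [], "unused": [], "unknown": []}
    for vpce, enis in endpoint_enis.items():
        per_eni = [stats.get(eni, empty) for eni in enis]
        if any(s["accepted_bytes"] > 0 for s in per_eni):
            result["used"].append(vpce)
        elif any(s["not_ok"] > 0 for s in per_eni):
            result["unknown"].append(vpce)
        else:
            result["unused"].append(vpce)
    return {k: sorted(v) for k, v in result.items()}


# Constructed sample data: four endpoints, one ENI each.
SAMPLE_ENDPOINTS = {
    "vpce-aaaa": ["eni-0aaaa1111"],  # carries traffic
    "vpce-bbbb": ["eni-0bbbb2222"],  # only rejected flows
    "vpce-cccc": ["eni-0cccc3333"],  # only NODATA records
    "vpce-dddd": ["eni-0dddd4444"],  # never appears in the logs
}

SAMPLE_LOG_LINES = [
    "2 123456789012 eni-0aaaa1111 10.0.1.10 10.0.2.20 49152 443 6 20 4000 1700000000 1700000060 ACCEPT OK",
    "2 123456789012 eni-0aaaa1111 10.0.2.20 10.0.1.10 443 49152 6 18 36000 1700000000 1700000060 ACCEPT OK",
    "2 123456789012 eni-0bbbb2222 10.0.1.11 10.0.2.30 49153 443 6 1 60 1700000000 1700000060 REJECT OK",
    "2 123456789012 eni-0cccc3333 - - - - - - - 1700000000 1700000060 - NODATA",
    "this line is malformed and is skipped",
]

if __name__ == "__main__":
    for bucket, ids in classify_endpoints(SAMPLE_ENDPOINTS, SAMPLE_LOG_LINES).items():
        print(f"{bucket:8s} {', '.join(ids) or '-'}")
```

Only endpoints in the `unused` bucket are candidates for removal; `unknown` ones need a longer or cleaner observation window before a decision, and an endpoint with only rejected flows still tells you something tried to reach it, so confirm with the owning application team before deleting it.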
For our organization, savings of almost $100 USD per month were achieved for just the one VPC under observation. Imagine a large organization with hundreds of accounts, each with double the number of VPCs for resiliency requirements!