AWS charges $0.01 per GB in each direction for data transferred between Availability Zones within the same region. That's $0.02/GB for a round trip. It appears on your bill as "DataTransfer-Regional-Bytes" and it compounds fast in distributed architectures — database replication, microservice calls across AZs, Kafka inter-broker traffic, EKS pod-to-pod communication.

Exact Cross-AZ Pricing

Traffic pathCostApplies to
Same AZ, within a VPC $0.00 EC2, RDS, ElastiCache, EKS
Different AZs, same region EC2, RDS, ElastiCache, MSK, EKS, EFS
VPC peering, same AZ $0.00 Changed in May 2021 — was $0.01/GB
VPC peering, different AZs Standard in-region rate applies
Transit Gateway, same region Per GB sent through TGW attachment
Different regions Varies by region pair

Source: AWS EC2 pricing, AWS VPC pricing.

The billing direction trap: $0.01/GB applies in each direction independently. A database query that sends 1 GB of data from us-east-1a to us-east-1b costs $0.01 — but the response flowing back costs another $0.01. High-throughput bidirectional traffic doubles the apparent per-GB rate to $0.02/GB effective.

Which Services Are Affected

EC2 — instance-to-instance traffic

Any private IP communication between EC2 instances in different AZs is charged. This includes application servers calling each other, internal APIs, and batch jobs reading from distributed data stores across AZs.

RDS — read replicas and connections

If your application EC2 instances are in us-east-1a and your RDS primary is in us-east-1b, every query and response crosses AZs. Multi-AZ RDS replication between primary and standby also crosses AZs — AWS absorbs the replication cost, but your application connection traffic is still charged.

ElastiCache — cross-AZ reads

ElastiCache cluster nodes are spread across AZs for availability. Read requests routed to a node in a different AZ than the caller incur the $0.01/GB charge. High-frequency cache reads (millions per hour) make this a significant line item.

MSK (Kafka) — inter-broker replication

Kafka brokers replicate every partition across AZs by default. A topic with replication factor 3 across 3 AZs means every message is transmitted twice across AZ boundaries for replication. At high throughput this is one of the largest cross-AZ cost sources.

EKS — pod-to-pod traffic

Kubernetes does not AZ-pin pod-to-pod communication by default. A pod in us-east-1a calling a service whose pod happens to be scheduled in us-east-1b generates cross-AZ traffic. At microservice scale this accumulates across hundreds of service-to-service calls.

ALB — backend targets in different AZs

An Application Load Balancer distributes traffic across registered targets in all AZs. Without zone-aware routing, a request landing on the ALB node in us-east-1a may be forwarded to a backend in us-east-1b — crossing AZs for every request the cross-AZ backend handles.

What This Costs at Scale

A microservices application with 10 services averaging 500 GB/day of inter-service traffic, with 40% of calls crossing AZ boundaries:

Cross-AZ traffic (200 GB/day × 30 days)6,000 GB/month
Outbound charge (6,000 GB × $0.01)$60.00
Inbound charge (6,000 GB × $0.01 return traffic)$60.00
Monthly cross-AZ transfer cost$120.00

An MSK cluster with 3 brokers across 3 AZs, replication factor 3, 1 TB/day of message throughput: each message is replicated to 2 other brokers, each in a different AZ — generating roughly 2 TB/day of cross-AZ replication traffic, or ~$600/month.

How to Find What Is Generating Cross-AZ Charges

Cost Explorer shows the total but not which resources. For that you need VPC Flow Logs. First, identify which IPs are in which AZ:

# Map private IPs to AZ via their network interface
aws ec2 describe-network-interfaces \
  --query 'NetworkInterfaces[*].{IP:PrivateIpAddress,AZ:AvailabilityZone,
    Type:InterfaceType,Instance:Attachment.InstanceId}' \
  --output table

Then query flow logs in Athena to find cross-AZ pairs. Build an AZ lookup from the IP→AZ map above and join it against flow log records to find pairs where source AZ ≠ destination AZ, ordered by bytes transferred:

SELECT
  srcaddr,
  dstaddr,
  SUM(bytes) AS total_bytes,
  ROUND(SUM(bytes) / 1073741824.0 * 0.01, 2) AS estimated_cost_usd
FROM vpc_flow_logs
WHERE start >= to_unixtime(current_timestamp - interval '30' day)
GROUP BY srcaddr, dstaddr
ORDER BY total_bytes DESC
LIMIT 50;

Cross-reference the top IP pairs against your AZ map to identify which service-to-service calls are generating the most cross-AZ traffic. Alternatively, Netway does this automatically — it maps your topology, analyses flow logs, and surfaces cross-AZ cost patterns with instance IDs and monthly cost estimates.

How to Reduce Cross-AZ Transfer Costs

1. AZ-aware routing in EKS — use topology spread constraints to keep pods in the same AZ as their callers, and enable topology-aware routing in Services so kube-proxy prefers same-AZ endpoints:

# In your Service spec
service.kubernetes.io/topology-mode: "Auto"

2. ElastiCache cluster mode with AZ pinning — configure your application to prefer reads from the ElastiCache node in the same AZ. The ElastiCache SDK supports preferring local-AZ replicas with the ReadPreference setting.

3. Place RDS in the same AZ as the primary application fleet — if most of your EC2 compute is in us-east-1a, put the RDS primary in us-east-1a. RDS Multi-AZ standby replication cost is absorbed by AWS; your application connection traffic stays same-AZ.

4. ALB target group zone-aware routing — enable cross-zone load balancing only when needed, and use target group AZ failover so the ALB prefers targets in the same AZ as the incoming request when available.

5. Reduce MSK replication cross-AZ cost — for non-critical topics, reduce replication factor from 3 to 2, or use same-AZ replicas where durability requirements allow. For high-throughput topics evaluate whether cross-AZ replication is worth the cost relative to the failure scenario it covers.

Same-AZ is always free. The simplest reduction strategy: co-locate tightly coupled services in the same AZ. Accept that if that AZ has an outage, those services fail together — and use AZ redundancy only where availability requirements justify the cross-AZ transfer cost.

Check Your Cross-AZ Spend in Cost Explorer

aws ce get-cost-and-usage \
  --time-period Start=2026-06-01,End=2026-06-26 \
  --granularity MONTHLY \
  --filter '{"Dimensions":{"Key":"USAGE_TYPE","Values":["USE1-DataTransfer-Regional-Bytes"]}}' \
  --metrics UnblendedCost UsageQuantity \
  --output table

The usage type prefix (USE1-) varies by region — USE2- for us-east-2, USW2- for us-west-2, EUW1- for eu-west-1. Replace accordingly for your region.

Detect Cross-AZ Waste Automatically

Cross-AZ transfer cost is difficult to attribute manually — Cost Explorer shows the total, but not which service call or resource pair is generating it. Netway analyses your VPC Flow Logs to identify the specific EC2 instances and traffic patterns driving cross-AZ charges, with monthly cost estimates per finding and the recommended fix.

Netway detects cross-AZ traffic waste, S3-via-NAT, and 12 other cost patterns across all your VPCs in one scan. First scan is free →