Confirming the hotfix from CloudConformity
There is increase on GuardDuty bill across 70% accounts in our organization starting from June 01 that caused by CloudConformity. The hotfix from CloudConformity has been deployed since June 12 night, and our Cloud-Infra team is confirming the fix on our 3 own accounts (tsi product domain).
Meanwhile, CloudConformity scan interval of all accounts will be set to 6 hours instead of 1 hour until we confirmed the fix has working.
June 04,
We got report from srs team that there is increase on GuardDuty bill starting from June 01. Teams are discussing the issue.
June 11,
Cloud-Infra team has done CloudTrail analysis and found-out there is increase on AWS API call on 5 sample accounts, you can see the report in this spreadsheet.
June 12,
CloudConformity support acknowledge there was logic error on retry mechanism that cause high number of API call to our accounts. While we're waiting for their fix, we change the scan interval of all accounts to 6 hours instead of 1 hour to reduce number of API call to our accounts.
On that night, CloudConformity released a hotfix and said the number of retry and API call has been decreased since then.
June 15,
We're confirming the fix from CloudConformity, by changing back the interval of 3 tsi AWS accounts to 1 hour interval. These accounts were impacted by the issue, and now we're monitoring whether the fix is working or not.
The plan after we've confirmed the fix is working, then we will change back the scan interval to 1 hour for all accounts.