Unexplained S3 ListBuckets cost in cost explorer

Question

We are trying to optimise AWS S3. The cost explorer shows very high cost of ListBuckets calls.

To get the source of these calls, we enabled the CloudTrails with configuration to log all the management and data eventtype logs for S3. In the cloudtrail logs, there is not even 0.0001% of the calls which are reflected in the cost explorer. What can be the possible reasons for this?

Is the ListBuckets in cost explorer related to some other API in CloudTrail? Or are the ListBuckets events not getting logged in CloudTrail becuase am I doing something wrong while configuring the CloudTrails?

Answer 1

According to Actions, resources, and condition keys for Amazon S3 - Service Authorization Reference:

ListBucket action
Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)

I always find this naming confusing. The ListBucket operation lists the contents of buckets, not to be confused with ListBuckets permission that is associated with the ListAllMyBuckets action. Confusing indeed!

So, I think it is actually charging you for listing the contents of buckets. In boto3 this is called list_objects(). So, look for anything in Cost Explorer that might talk about listing objects within a bucket and it will probably show more data.