Home/AWS Hub/White Papers/AWS Data Transfer and Egress Cost
AWS  |  Data Transfer and Egress White Paper

Negotiating AWS Data Transfer: Rate Card, Architecture, Exit Leverage

List internet egress still opens at $0.09 per GB in 2026, while the EU Data Act drives switching charges to zero on January 12, 2027. Your negotiation lives between those two numbers.

Prepared by Redress Compliance  ·  June 2026  ·  Representative AWS estate scenario (benchmark scenario, not a quote)

Executive Summary

Data transfer is the least negotiated line on most AWS bills. Internet egress lists at $0.09 per GB for the first 10 TB each month, tiering down to $0.05 above 150 TB, and the same gigabyte often pays a second toll of $0.045 per GB through a NAT gateway before it ever leaves the region.

The leverage is mispriced by most buyers. In the worked estate, architecture alone cuts the monthly transfer line from $78,000 to $28,800, a 63 percent reduction, before AWS discounts a single rate. Negotiated instruments stack on top: Data Transfer Private Pricing at 20 to 55 percent off list, CloudFront private pricing at 40 to 70 percent.

The deadline matters. AWS has offered free egress for customers leaving the platform since March 2024, and the EU Data Act eliminates switching charges outright on January 12, 2027. Exit egress is no longer a credible lock in argument, and your account team knows it.

This paper delivers the negotiation cycle framework, the verified baseline method, the five contract clauses, the discount benchmarks by scenario, the counters to standard AWS tactics, and the BATNA and side letter construction we use with clients.

$0.09
List price per GB for the first internet egress tier in 2026. The anchor AWS never volunteers down.
40 to 70%
CloudFront private pricing discount range off list at committed volume, engagement file 2024 to 2025.
$936K
Annual transfer line in our benchmark estate before any action. Most of it is removable or negotiable.
Jan 12, 2027
EU Data Act deadline: cloud switching charges, including egress on exit, go to zero.
1

Where the 2026 Rate Card Actually Charges You

You cannot negotiate a line you cannot decompose. AWS data transfer is not one price. It is at least seven distinct meters, and they stack on the same traffic.

Transfer path2026 list rateWhat buyers miss
Internet egress (DTO)$0.09/GB first 10 TB, $0.085 next 40 TB, $0.07 next 100 TB, $0.05 above 150 TB monthlyFirst 100 GB per month is free. Tiers reset monthly, so spiky traffic pays the top tier repeatedly.
Cross AZ traffic$0.01/GB in each directionBilled on both sides, so the effective rate is $0.02 per GB moved. Chatty microservices pay it constantly.
Inter region transfer$0.01 to $0.02/GB by region pairReplication and DR pipelines run it 24/7. It compounds silently.
NAT gateway processing$0.045/GB plus $0.045 per hour per gatewayStacks on top of DTO or inter region for the same gigabyte.
PrivateLink processing$0.01/GB standard, tiering to $0.004 at volume, plus $0.01 per hour per AZUsually 4x cheaper than routing the same traffic through NAT.
Gateway endpoints (S3, DynamoDB)$0.00Free, and still missing from a remarkable share of enterprise VPCs we review.
Origin to CloudFront$0.00AWS to CloudFront fetch is free, which is what makes CDN fronting a rate arbitrage.
List cost per GB by transfer path, 2026 $0.00 $0.03 $0.06 $0.09 USD per GB Internet egress, first tier $0.090 NAT gateway processing $0.045 stacks on DTO for the same gigabyte Cross AZ, both directions $0.020 Inter region, typical $0.020 CloudFront private, benchmark $0.020 PrivateLink processing $0.010 S3 gateway endpoint $0.000

Figure 1. List cost per GB by AWS transfer path, 2026 rate card. CloudFront private rate is an engagement file benchmark, not a published price.

Three mechanics on this card are routinely missed in contracts we review. First, the NAT toll stacks: a gigabyte exiting through a NAT gateway pays $0.045 processing plus the DTO tier rate.

Second, cross AZ is billed on both sides, so the real rate is $0.02 per GB moved. Third, DTO tiers reset monthly, which keeps seasonal traffic re entering the expensive first tiers.

2

The Negotiation Cycle: Who Controls the Calendar

AWS controls the renewal calendar, the reference prices, and the consumption data presentation. The buyer side framework flips each of those in a twelve week sequence run ahead of any EDP signature, renewal, or private pricing request.

Weeks 1 to 4

Baseline and decompose

Pull twelve months of Cost and Usage Report data. Split the transfer line by the seven paths in Section 1, by account, and by workload. Tag what is structural and what is waste.

Weeks 5 to 8

Re architect and market test

Execute the free and cheap path swaps: gateway endpoints, PrivateLink, CloudFront fronting. In parallel, price the same workloads on at least one credible alternative to build the BATNA file.

Weeks 9 to 12

Negotiate and paper

Take the post optimization baseline to AWS. Negotiate DTPP and CloudFront private pricing against it, land the five clauses from Section 5, and paper the side letter.

The order is the point. Buyers who negotiate first and optimize second hand AWS an inflated baseline, then spend the term underconsuming a commitment sized on traffic they since eliminated.

3

Build the Egress Baseline AWS Cannot Argue With

A verified baseline survives AWS scrutiny when it is built from the Cost and Usage Report at line item grain, not from Cost Explorer screenshots. CUR is the billing system of record. It lets you attribute every transfer dollar to a path, an account, and a workload owner.

Here is the benchmark estate we use to illustrate the method: a media and analytics business pushing 800 TB to the internet monthly (benchmark scenario, not a quote; the free 100 GB monthly tier is excluded as immaterial).

Transfer pathMonthly volumeRate basisMonthly cost
Internet egress (DTO)800 TBTiered $0.09 to $0.05$43,800
NAT gateway processing400 TB$0.045/GB$18,000
Cross AZ traffic500 TB$0.02/GB round trip$10,000
Inter region replication300 TB$0.02/GB$6,000
NAT gateway hours6 gateways$0.045/hour each$200
Total transfer line$78,000

That is $936,000 a year, and on the first pass AWS will frame it as the cost of doing business. The baseline work proves otherwise. Roughly 80 percent of the NAT processing in this estate is S3 bound traffic that a free gateway endpoint eliminates outright.

CloudFront fronting moves all 800 TB of DTO off the $0.09 ladder. The origin fetch is free, and committed CDN volume prices at a $0.02 blended benchmark under private pricing. Topology fixes halve the cross AZ chatter, and replication trimming cuts inter region volume by a third.

Transfer pathArchitecture moveNew monthly volumeNew monthly cost
Internet egress via CloudFrontCDN fronting, private pricing at $0.02 blended800 TB$16,000
NAT gateway processingGateway endpoints for S3 and DynamoDB traffic80 TB$3,600
Cross AZ trafficAZ affinity and topology aware routing250 TB$5,000
Inter region replicationFiltered replication, compression200 TB$4,000
NAT gateway hoursUnchanged6 gateways$200
Total transfer line$28,800
Benchmark estate: monthly transfer cost, current vs optimized $0K $10K $20K $30K $40K $50K $43.8K $16.0K Internet egress $18.0K $3.6K NAT processing $10.0K $5.0K Cross AZ $6.0K $4.0K Inter region Current After architecture moves 63% lower, before any discount

Figure 2. Benchmark estate monthly transfer cost by category. NAT gateway hours ($200) unchanged and omitted from bars. Benchmark scenario, not a quote.

63%
Transfer line reduction from architecture alone

From $78,000 to $28,800 monthly in the worked estate, before AWS concedes a single negotiated rate.

22 to 38%
Typical first pass reduction across real estates

The range we see across client engagements where the estate is messier than the worked example. Benchmark ranges: Redress Compliance advisory engagement file, 2024 to 2025.

4

Architecture Before Commitment: The Sequencing Trap

The standard reseller and account team advice is to sign a larger EDP and let the headline discount absorb the egress line. We disagree, and the engagement data is why. The EDP percentage discounts a rate card you can collapse architecturally first, and it creates a consumption obligation in the same stroke.

Here is the mechanic most buyers learn too late: data transfer spend draws down your EDP commitment. Cut egress 63 percent mid term, as the worked estate does, and the saved dollars reappear as commitment shortfall exposure at true up. Your own optimization becomes a penalty.

The buyer side sequence: optimize the paths first, let the post optimization run rate season for two or three billing cycles, then size the EDP commitment and request private pricing against the verified lower baseline. Never let an account team set the commit on the pre optimization number.

The architecture levers themselves are not exotic. Gateway endpoints for S3 and DynamoDB are free and remove the NAT toll. PrivateLink replaces NAT for service to service traffic at roughly a quarter of the processing rate. CloudFront fronting converts $0.09 tier DTO into CDN rates AWS will discount much more aggressively.

5

The Five Contract Clauses That Protect the Budget

Discounts decay; clauses persist. These five decide whether your commitment protects the budget across the term. None of them appear in AWS first draft paper.

ClauseWhat it must sayWhy it matters
1. Transfer rate lockA Data Transfer Private Pricing addendum with named per GB tiers that survive renewal and apply across all linked accounts.The EDP percentage is not a rate card. Without DTPP, the egress rates float at list underneath your discount.
2. Shortfall protectionCarryforward or true forward language if consumption falls short because of cost optimization, plus a no penalty band of at least 10 percent.Neutralizes the sequencing trap in Section 4. Optimization should never convert into a shortfall invoice.
3. Commit eligibilityData transfer, CloudFront, and marketplace spend count toward commitment drawdown at 100 percent.AWS has historically treated some categories asymmetrically. Every dollar you spend should retire a dollar of commit.
4. SKU stabilityNo reclassification or repricing of data transfer SKUs mid term; EU Data Act switching terms applied globally, not only to EU contracting entities.Locks the January 12, 2027 zero switching charge regime into your paper everywhere you operate.
5. Exit egress side letterPre agreed free or capped final migration egress, without requiring account closure, plus metering audit rights on transfer billing.The public free exit program requires moving everything and contacting AWS support. Your contract should not depend on a blog post.
6

Discount Benchmarks: Renewal and Exit Scenarios

These are the ranges we see when the instruments above are negotiated against a verified baseline. They come from buyer side engagements, not vendor collateral. Benchmark ranges: Redress Compliance advisory engagement file, 2024 to 2025.

ScenarioInstrumentDiscount off list transfer rates
Renewal, no competitive tensionEDP renewal as presented0 to 8 percent
EDP uplift applied to transfer lineStandard EDP percentage7 to 22 percent
Committed egress volumeData Transfer Private Pricing addendum20 to 55 percent
Committed CDN volume, 12 month termCloudFront private pricing40 to 70 percent
Full exit migrationFree exit egress program or Data Act terms100 percent (credited on exit)
Negotiated discount off list transfer rates, by scenario 0% 25% 50% 75% 100% Discount off list, percent Renewal, no tension 0 to 8% EDP applied to transfer 7 to 22% DTPP, committed volume 20 to 55% CloudFront private pricing 40 to 70% Full exit, egress credited 100% on exit

Figure 3. Discount ranges by scenario, matching the table above. Benchmark ranges: Redress Compliance advisory engagement file, 2024 to 2025.

Two reading notes. The DTPP and CloudFront ranges require committed monthly volume, typically with a 12 month floor, so they belong after the baseline work, not before. And the exit row is leverage even if you never use it: a credible, priced exit reframes every other row.

7

AWS Standard Tactics and the Buyer Side Counters

AWS tacticWhat it sounds likeThe counter
Discount misdirection"Your EDP discount already covers data transfer."The EDP percentage rides on list rates. Demand the DTPP addendum with named per GB tiers in writing.
Commit inflation"Lock a bigger commitment now and the egress problem goes away."Size the commit on the post optimization run rate, seasoned over two or three cycles. Never on the inflated baseline.
Growth gating"Private pricing is only for customers growing 20 percent plus."Private pricing follows volume and competitive tension, not growth. Bring the competitor quote to the table.
Calendar squeeze"This pricing expires at the end of our quarter."Start the cycle six months before renewal. A deadline only works on a buyer without a baseline and a BATNA.
Data control"Cost Explorer shows your transfer spend is in line with peers."Own the CUR based baseline and the audit rights. The party that controls the data controls the negotiation.
8

BATNA Construction and the Side Letter

Egress fees were designed as exit friction, and that design is now failing. Since March 2024 AWS has provided free data transfer out for customers leaving the platform, through credits arranged via AWS support for accounts moving all data off. The EU Data Act goes further: switching charges must be cost based today and disappear on January 12, 2027.

Be precise about what the public program is not. It is not a steady state multi cloud subsidy. It requires a full migration, an application to AWS, and it arrives as credits, not a rate change. As an operating lever it is nearly useless. As negotiation leverage it is excellent, because it prices your exit at zero.

The BATNA file should price your top egress driving workloads on at least one alternative: zero egress object storage providers, another hyperscaler with free switching terms, or a colocation plus CDN design. The point is not to move. The point is that AWS believes you can.

Side letter language we use (adapt with counsel): "Customer's data transfer out charges incurred in connection with a migration of workloads or data off AWS, in whole or in part, shall be waived or credited in full, without requirement of account closure. Data transfer rates in Exhibit [X] shall not increase during the term and any successor program shall apply automatically if more favorable. Customer may audit transfer metering records for any billing period on 30 days notice."

Pair the side letter with clause 4 from Section 5 so the Data Act regime applies globally. AWS contracting entities outside the EU have no obligation to extend it, which is exactly why you put it in the paper now, while it still reads as a concession.

Our recommendation: run the twelve week cycle before you sign anything. Decompose the transfer line from the CUR, execute the free path swaps, and only then negotiate DTPP and CloudFront private pricing against the lower, verified baseline with the five clauses and the exit side letter on the table.

  • If your renewal is more than six months out: start the baseline now and let the optimized run rate season. The 63 percent architecture saving in the worked estate required no negotiation at all.
  • If AWS paper is already in front of you: do not sign a commit sized on the current transfer line. Hold for shortfall protection and the DTPP addendum at minimum. A 30 day delay is cheaper than a three year mistake.

Redress Compliance is 100 percent buyer side, with 500+ enterprise clients and $2B+ under advisory. We are glad to tie a meaningful part of the fee to delivered value.

Prepared by Redress Complianceredresscompliance.com
Data center network cabling

Facing an AWS renewal or EDP decision?

Thirty minutes with a buyer side advisor. Your transfer baseline, our benchmark file, and the clause list ready before AWS calls.

Buyer side intelligence, monthly

One letter a month. Negotiation moves, audit signals, and price book shifts.