The scariest cloud bill is the one that looks right
AWS just showed customers trillion-dollar bills. The real exposure is the small metering error you can't see, on a consumption cost you can neither audit nor cap.
Last week some AWS customers opened their billing console and found they owed trillions of dollars. One account that had spent nineteen cents in June was projected to owe nearly $2.5 billion; another showed a month-over-month change of 55 trillion percent. AWS confirmed the cause as a unit-pricing defect in its estimated-billing subsystem, said actual charges were untouched, and everyone had a good laugh. Somewhere in the pipeline a gigabyte got read as a byte, a factor of a billion, and the numbers went to the moon.
The funny part is the safe part. A bill for $502 billion is self-refuting: nobody pays it, everybody files a ticket, the vendor ships a fix by morning. The failure I would actually worry about is the one that reads $612,000 when the real figure was $580,000, on infrastructure you cannot independently count. That bill draws no laugh and no ticket. It gets paid.
The meter became a business system when nobody was looking
For twenty years enterprise software was priced like a lease. You bought seats or a license, the number was fixed, and finance could forecast it a year out. The cloud replaced the lease with a meter, and the meter has been steadily eating your P&L ever since. Compute, storage, egress, per-request, per-token: the modern bill is the sum of billions of tiny metered events, computed by the vendor, on the vendor’s infrastructure, using the vendor’s counters.
That is a larger shift than it sounds. The number that used to be a line item you negotiated once a year is now the live output of a system you don’t own and can’t inspect. When your cost of goods sold is metered by someone else, their measurement pipeline is part of your financial controls whether you treat it that way or not. Most companies don’t. They take the dashboard as ground truth, the way you would trust a utility meter, and then build budgets, alerts, and board slides on top of a number they have never once reconciled against anything.
You cannot audit the number you run the business on
Here is the question I put to leadership teams and rarely get a clean answer to: how would you know if your cloud bill were wrong by five percent? Not wrong by a billion. Wrong by five percent, in the vendor’s favour, quietly, for a year.
Almost nobody can answer, because almost nobody keeps an independent count. The whole appeal of managed infrastructure is that you don’t run the meters; you consume the number. So the instrument you use to make seven-figure decisions is one you have no way to check. The AWS bug is useful precisely because it made that visible for one afternoon. Estimate and reality diverged by a factor of a billion, and the only reason anyone noticed is that a billion is absurd. Divergence by a factor of 1.05 carries no such alarm.
The meter fails open, toward revenue
There is a second asymmetry worth naming, and it isn’t an accident. The big clouds have never offered a real hard spending cap. You can set budgets and alarms, but they notify, they don’t stop, and they lag. AWS’s own reasoning is that a true cap could take down a production workload mid-spike, which is a fair point for a hospital and a terrible one for a student running a hobby project. The design is consistent either way: when something goes wrong, the meter keeps running. It fails open, in the direction of the vendor’s revenue, at exactly the moment your interests and theirs come apart.
That is the structural fact underneath the funny screenshots. A metered relationship is one where the party doing the counting profits from the count, has no real-time duty to stop, and shares its numbers with you as a courtesy display rather than an audited statement. It works almost all the time. It works right up until a unit conversion, a pricing change, or a runaway agent turns the courtesy display into a heart attack.
Why this gets worse before it gets better
If you think this is a cloud problem, look at where pricing is heading. AI is dragging the whole industry toward per-token, per-call, per-agent-action billing: more metered events, each smaller and more opaque, counted deeper inside the vendor. I have written about how the same model can cost ten times as much depending on cache behaviour you can barely see, and how someone is subsidizing your compute at a price that will not hold. Stack metering you can’t audit on top of pricing you can’t predict, and the finance function is now forecasting a P&L line built on a number it can neither verify nor cap.
There is an engineering lesson buried in the root cause too. Billing is the most deterministic thing in software. It is arithmetic on integers, and it still broke on a units error that a strong type would have caught at compile time. As the industry rushes to put probabilistic, agentic systems into every workflow, the counterpoint deserves stating plainly: some systems must stay boring. Ledgers, billing, entitlements, anything that touches money should be the most deterministic, most typed, most tested, least clever code you own. Know which of your systems are allowed to guess and which are not.
What I would actually do
Three things, none of them exotic.
Reconcile, don’t trust. Pull the vendor’s usage data into your own system and check it against counters you control: your own request logs, your own token counts, your own storage inventory. You don’t need a match to the penny. You need a tripwire that fires when their number and yours disagree by more than noise.
Own the kill switch. If the vendor won’t give you a hard cap, build the crude version yourself: budget alarms wired to automation that actually shuts things off, and assume the alarm arrives late. A control you don’t own is not a control.
Fence off the deterministic core. Draw an explicit line around the systems that compute money and keep them dumb, typed, and audited. That is exactly where the AI-everywhere mandate should stop.
None of this comes from distrusting your cloud provider. The point is narrower: you outsourced a P&L input to a system you can’t see into, and in doing so you gave up the one thing worth keeping, your own way of checking. The trillion-dollar bill was a gift. It showed you, for free and for one afternoon, how much you had been taking on faith.
If you are trying to work out which numbers your business runs on that nobody actually verifies, that is the kind of question I dig into in an AI advisory hour.