Bring Your Own Licence (BYOL) on AWS allows organisations to use existing on-premises software licences on EC2 instances, avoiding the per-hour licence fees embedded in AWS-provided AMIs. For software products like Windows Server, SQL Server, Oracle Database, and Red Hat Enterprise Linux — all of which carry substantial AWS-bundled licence costs — BYOL can deliver 30–80% savings on the software cost component of EC2 instances.
But BYOL introduces significant complexity. Each major software vendor has specific licensing rules for cloud deployment — and those rules are not always consistent with the way AWS presents BYOL as a straightforward option. This article is part of our AWS Enterprise Negotiation Guide and covers AWS License Manager as the operational tool for managing BYOL, alongside the commercial and compliance dimensions that make BYOL optimisation a specialist discipline.
For the broader context of BYOL across AWS, Azure, and GCP, see our cloud BYOL guide, which covers the major vendor-specific rules in detail.
SQL Server BYOL on EC2 (using existing SQL Server Enterprise licences with Software Assurance) delivers the most dramatic BYOL savings — AWS-provided SQL Server Enterprise on a db.r6i.2xlarge RDS instance costs approximately $2.80/hour in licence fees alone. BYOL eliminates this, reducing the effective cost to EC2 infrastructure charges only. At 730 hours/month, that is $2,044/month per instance in licence cost avoidance.
What Is AWS License Manager?
AWS License Manager is a free AWS service that helps organisations manage software licences across AWS and on-premises environments. It provides a central inventory of licence entitlements, tracks actual usage against those entitlements, and enforces licence rules to prevent non-compliance before it occurs.
License Manager integrates with EC2, Systems Manager, and AWS Organizations to provide fleet-wide licence visibility. It supports both AWS-provided licences (which appear automatically) and self-managed licences (BYOL entitlements you define manually from your existing agreements).
Core License Manager Capabilities
| Capability | What It Does | Value to BYOL Programmes |
|---|---|---|
| Licence configuration | Define licence rules (count limits, vCPU/core restrictions, tenancy requirements) | Enforce licence boundaries automatically |
| Licence tracking | Count deployed instances consuming a licence type | Prevent over-deployment before audit exposure |
| AMI controls | Associate licence requirements with AMIs to enforce on launch | Prevent unlicensed deployments at the source |
| Licence inventory | Discover software installations across EC2 and on-premises (via Systems Manager) | Identify BYOL candidates and unused licences |
| Marketplace integration | Manage licences purchased via AWS Marketplace | Unified view of BYOL + Marketplace entitlements |
| Cross-account visibility | Aggregate licence data across AWS Organizations member accounts | Organisation-wide BYOL compliance monitoring |
BYOL Eligibility by Software Vendor
Not all software licences are eligible for BYOL on AWS, and the rules vary significantly by vendor. Understanding eligibility before building a BYOL programme is essential — deploying software under BYOL claims that are not actually permitted by the vendor's licensing terms creates audit exposure that can exceed the savings.
Microsoft
Microsoft is the most complex BYOL vendor for AWS. The key rules are:
Windows Server: BYOL for Windows Server on EC2 requires Software Assurance (SA) and activation through Azure Hybrid Benefit equivalence — but on AWS specifically, this is handled through dedicated hosts or dedicated instances. Windows Server BYOL is not permitted on shared (multi-tenant) EC2 instances. AWS provides dedicated hosts specifically for Windows Server BYOL, which carries a host fee but eliminates per-instance Windows licence charges.
SQL Server: SQL Server BYOL on EC2 is permitted with active SA coverage. SQL Server can be deployed on dedicated hosts, dedicated instances, or shared instances — the tenancy restriction that applies to Windows Server does not apply to SQL Server. This makes SQL Server one of the highest-value BYOL opportunities on AWS.
Azure Hybrid Benefit vs AWS BYOL: Note that Azure Hybrid Benefit (AHB) applies to Azure only — it cannot be used for AWS deployments. AWS and Microsoft have separate BYOL arrangements, and Microsoft's licensing terms for cloud require careful reading to confirm which benefits apply to which hyperscaler. Our Azure Hybrid Benefit guide covers the Azure-specific picture in detail.
Oracle
Oracle's BYOL rules for AWS are among the most restrictive in the industry. Oracle requires that all physical cores on the underlying host are licensed if Oracle's Processor Licence metric is used — AWS's shared tenancy model means that the number of cores you must licence is the full physical server capacity, not just the vCPUs allocated to your instances. This makes Oracle BYOL on standard EC2 instances economically unviable for most deployments.
The only compliant path for Oracle BYOL on AWS is through Dedicated Hosts, where you have a physical server allocated exclusively to your account. Even then, Oracle requires all cores on that dedicated host to be licenced. See our detailed cloud BYOL guide — the Oracle section covers the 10 golden rules in full.
Red Hat Enterprise Linux (RHEL)
Red Hat supports BYOL on AWS through its Cloud Access programme. Subscribers with active RHEL subscriptions can transfer those subscriptions to AWS instances through the Red Hat Cloud Access portal, replacing the per-hour RHEL licence embedded in AWS's RHEL AMIs. This can save $0.06–$0.14/hour per instance depending on instance size and RHEL subscription tier.
Other Vendors
Many enterprise software vendors — including IBM, SAP, and Citrix — have cloud-specific licensing terms that affect BYOL eligibility and measurement. Before implementing BYOL for any software product, obtain a written confirmation from the vendor that your planned deployment scenario is compliant. Verbal assurances are insufficient; vendor audit teams operate from the written licence agreement, not from sales rep conversations.
Setting Up AWS License Manager for BYOL
Implementing License Manager for BYOL programmes involves three phases: inventory, configuration, and enforcement.
Phase 1: Licence Inventory
Use AWS Systems Manager Inventory to discover all software installations across your EC2 fleet. This identifies instances already running BYOL-eligible software and instances running software you may not be aware of. Cross-reference the discovery output against your licence entitlement records to establish a baseline compliance position.
Phase 2: Licence Configuration
Create licence configurations in License Manager for each BYOL product in scope. A licence configuration defines the licence count limit (how many instances or vCPUs can consume the licence), the metric (vCPUs, instances, cores), and enforcement rules (hard limit that blocks deployment, or soft limit that alerts only).
Phase 3: AMI and Launch Template Association
Associate licence configurations with the AMIs used to launch BYOL instances. This ensures that any launch from a BYOL AMI automatically increments the licence counter and is blocked if the hard limit is reached. For Windows Server BYOL specifically, associate the licence configuration with your dedicated host allocation.
BYOL Cost Savings Model: SQL Server Example
SQL Server Enterprise on AWS provides one of the clearest BYOL value cases. Consider an organisation running 10 SQL Server Enterprise instances on r6i.2xlarge (8 vCPU, 64 GiB) in us-east-1.
| Scenario | EC2 Compute (on-demand) | SQL Server Licence | Monthly Total (10 instances) |
|---|---|---|---|
| AWS-provided SQL SE | $0.504/hr × 730 = $368 | $0.68/hr × 730 = $496 | $8,640 |
| AWS-provided SQL EE | $0.504/hr × 730 = $368 | $2.80/hr × 730 = $2,044 | $24,120 |
| BYOL SQL EE (with SA) | $0.504/hr × 730 = $368 | $0 (BYOL) | $3,680 |
| BYOL SQL EE + 1-yr RI | ~$0.32/hr × 730 = $234 | $0 (BYOL) | $2,340 |
For 10 instances migrating from AWS-provided SQL Server Enterprise to BYOL with Reserved Instance pricing, the annual saving is approximately $260K. For organisations with 50+ SQL Server instances, this represents a seven-figure annual saving opportunity from a single BYOL programme.
BYOL Compliance Risks and How to Mitigate Them
The compliance risks of poorly managed BYOL are significant. Software vendors — particularly Oracle and Microsoft — conduct licence audits that specifically include cloud deployments. An audit finding that your BYOL deployment does not meet the vendor's cloud licensing requirements can result in claims for additional licence purchases, back-support charges, and penalties.
The primary risk vectors in BYOL programmes are auto-scaling (instances being launched without licence accounting), incorrect tenancy (shared instances where dedicated instances are required), and stale licence records (instances running after the licences were re-assigned on-premises).
AWS License Manager's hard limit enforcement addresses the auto-scaling risk: no additional BYOL instances can launch once the configured limit is reached. Tenancy enforcement is handled through dedicated host reservations and AMI controls. Stale licence records require a quarterly reconciliation process — comparing License Manager's deployed count against your current licence entitlement records from your software asset management system.
For organisations managing complex BYOL programmes across multiple vendors, working with a specialist advisory firm that understands both the AWS technical implementation and the vendor-specific licence rules significantly reduces audit risk. See our rankings of the best AWS negotiation consulting firms for specialist advisory options.
Interaction with Azure Hybrid Benefit and Other Cloud BYOL Programmes
Many enterprise organisations run hybrid or multi-cloud environments with BYOL on both AWS and Azure. An important constraint: the same licence unit generally cannot be used simultaneously across multiple platforms. If a Windows Server licence is deployed on AWS via BYOL, the same licence unit cannot concurrently be used on Azure under Azure Hybrid Benefit.
Managing cross-cloud BYOL allocation requires central licence position management — typically within your SAM (Software Asset Management) tool — that tracks which licence units are deployed where. License Manager provides AWS-side visibility, but the cross-platform coordination requires a centralised ITAM/SAM process. Our cloud BYOL guide covers the multi-cloud coordination requirements in detail.
Need Help Implementing a BYOL Programme on AWS?
Our specialist advisory partners combine AWS technical expertise with deep knowledge of vendor licensing rules — the combination required to implement BYOL without creating audit exposure.
Get Expert Help →10 Tactics for BYOL Optimisation on AWS
Frequently Asked Questions
Is AWS License Manager free?
Yes. AWS License Manager is a free service — there are no charges for License Manager itself. You pay only for the AWS resources (EC2 instances, Systems Manager) that License Manager manages.
Can I use the same licence for BYOL on AWS and Azure simultaneously?
Generally no. Most software vendor licence agreements prohibit using the same licence unit simultaneously across multiple platforms. Multi-cloud BYOL requires sufficient licence units to cover all deployments across all clouds, and your SAM tool must track cross-platform allocation.
What happens if my auto-scaling group launches more BYOL instances than my licence entitlement?
If you have configured hard limits in License Manager, auto-scaling launches that would exceed the limit are blocked. Without hard limits, over-deployment can occur silently. Always use hard limits for BYOL configurations to prevent compliance exposure.
Does Oracle BYOL work on regular EC2 instances?
Oracle's licensing terms require all physical cores on the underlying host to be licensed when using Processor metric licences — making BYOL on shared EC2 instances extremely expensive or non-compliant. Compliant Oracle BYOL on AWS requires Dedicated Hosts, and even then requires all cores on the dedicated host to be licensed.