OpenClaw on AWS Lightsail: Cost Breakdown and Configuration Lessons
OpenClaw on AWS Lightsail Configuration and Costs
A developer attempted to build a personal assistant bot called "Belvedere" using OpenClaw on AWS Lightsail with Claude Sonnet 4.6 via Bedrock. The setup involved two Lightsail instances (medium_3_0, 4GB, $40/mo each) running the openclaw_ls_1_0 blueprint in us-east-1, aiming to manage family calendars, school logistics, travel booking, and morning briefings via Telegram.
What Worked
The system successfully pulled JetBlue fares via headless Chromium, cross-referenced work calendars against family commitments, and flagged scheduling conflicts. It connected to Google Calendar via gogcli, read Gmail via himalaya (read-only), and pulled credentials from 1Password.
What Didn't Work
- Sandbox Issues: The Lightsail blueprint ships with sandbox mode set to "all," which broke gog, himalaya, op CLI, and cron jobs. The undocumented fix was changing sandbox mode to "non-main" (valid values are "all", "non-main", and "off").
- Cron Problems: Morning briefing cron jobs ran inside sandbox containers without access to host binaries or the gateway websocket, causing failures and inconsistent execution times (sometimes firing on UTC instead of ET).
- Permission Issues: Basic commands like
npm install -g openclaw@latestfailed without sudo due to root-owned global npm directories. - Setup Hurdles: Bedrock First Time User form required submission both via webform and CLI, with 3-4 hour delays between attempts.
- Token Management: The gateway auth token embedded in systemd service files rotated frequently, requiring frequent
--accept-latestlogin checks.
Cost Breakdown
The AWS bill for one week totaled $98.31:
- Bedrock (Claude Sonnet 4.6): $69.61
- Lightsail: $8.17
- Other (WAF, Route53, EC2): $20.53
$64 of the Bedrock bill came from a single heavy setup day with 567 invocations, each carrying 10-15K tokens of context. The system prompt (AGENTS.md alone is 8KB, plus SOUL.md, USER.md, and memory files) gets sent on every API call. With 30-minute heartbeat polling, that's ~48 calls/day just for heartbeats.
Recommendations
- Skip Lightsail entirely in favor of a $5 VPS on Hetzner or DigitalOcean with the Anthropic API directly (~$20-35/month at this usage level).
- Change sandbox to "non-main" or "off" immediately instead of the default "all."
- Trim AGENTS.md from the default 8KB boilerplate that ships with every API call.
- Reduce heartbeat frequency from 30 minutes to 1-2 hours for personal bots.
- Set timezone explicitly everywhere since OpenClaw and cron don't always agree on "local time."
📖 Read the full source: r/openclaw
👀 See Also
OpenClaw user struggles with AI agent automation after successful Claude Code pipeline
A marketing agency owner successfully created an image recreation pipeline using Claude Code in one hour, but encountered problems when trying to teach the same process to an AI agent in OpenClaw running on Gemini 3.1 Pro, with issues including bad reasoning, slow responses, and incorrect outputs.
Developer Switches from Specs to Proposals for Parallel Claude Code Sessions
A developer shares a workflow using proposals instead of specs when running 5-10 Claude Code sessions in parallel, addressing the problem of AI generating technically correct but contextually wrong code from detailed specifications.
Claude Code vs Codex: A Builder's Workflow Split
A developer shares practical split: Claude Code for focused repo work with clean diffs, Codex for messy cross-tool tasks involving browser, docs, and app testing.
Practical lessons from automating LinkedIn outreach with OpenClaw
A developer shares hard-won lessons from three weeks of automating LinkedIn outreach with OpenClaw, covering LinkedIn's automation detection, account warm-up periods, ICP scoring with intent signals, rate limiting nuances, and conversation flow design.