AWS Trusted Advisor: You Can Trust It!

AWS has served hundreds of thousands of customers and gained deep experience in the cloud. AWS Trusted Advisor bundles the entirety of this know-how, uses it to monitor the AWS environment, and will recommend improvements for AWS cost optimization, security, fault tolerance, and performance. There are many ways to leverage Trusted Advisor, and we sense that not enough of you are taking advantage of this great tool.

Trusted Advisor scans an organization’s cloud infrastructure and provides recommendations based on the defined best practices. The recommendations can be grouped into three categories

*No problem detected

*Investigation recommended

*Action recommended

Whether you are planning to migrate to the cloud or to set up a new cloud application, Trusted Advisor’s recommendations can help optimize your cloud infrastructure. For example, if you are planning to set up a new RDS instance and receive a notification from AWS Trusted Advisor that two of 15 RDS instances have been idle for more than 30 days, you can investigate and plan to utilize one of the idle instances rather than introducing a new one. This saves costs for your organization.

Trusted Advisor Checks

Trusted Advisor offers a large selection of checks that can be performed on various services. The checks can be grouped into four categories

*Cost Optimization

 Recommendations that can reduce expenses by highlighting idle resources or by committing reserved resources.

 

Example 

Idle Load Balancers flags load balancers that are either not connected to any back-end instances or handling extremely low traffic.

*Security

Recommendations that can harden your AWS services against intruders by enabling various security features.

Example

MFA on Root Account checks if multi-factor authentication (MFA) has been enabled on a root account. AWS strongly recommends enabling MFA on root accounts to enhance security.

*Fault Tolerance

suggestions that enhance the resilience of your applications by highlighting health issues, missing backups, and redundancy shortfalls.

Example

Amazon RDS Multi-AZ checks if the DB instance has been deployed in a single availability zone. In such a scenario, a DB failure will cause an outage because of a lack of high availability. Alternatively, a high-availability setup resumes operating from the standby database without any disruption to the business.

*Performance

suggestions that can increase the overall performance of your applications and cloud infrastructure by checking your service limits and monitoring instances.

Example

High Utilization Amazon EC2 Instances checks the CPU utilization during the previous two weeks and sends alerts if daily utilization exceeded 90% for more than three days. Consistently high utilization can lead to application performance issues.

There are six core Trusted Advisor checks, which are provided to customers free of charge. The remaining premium checks can be implemented by upgrading to business or enterprise support plans. The six core checks fall under the following security and performance categories

*Performance

Service Limits

*Security

Security Groups – Specific Ports Unrestricted

IAM Use

MFA on Root Access

EBS Public Snapshots

RDS Public Snapshots

Recent Trusted Advisor Announcements

Amazon has two exciting new announcements for Trusted Advisor that allow the user to be even more proactive and take automated actions to optimize their AWS environment. First, Amazon has added a Service Limit Dashboard in which the user can view and export limit data.  Second, a user can monitor service limits with a new feature in which Trusted Advisor will publish metrics to CloudWatch. With this feature, you can create an alarm to inform you of the most current utilization and limit data for the service limit checks. These metrics can be viewed within Cloudwatch for Business and Enterprise customers.

There are many reasons for moving from traditional data centers to a cloud model. High elasticity, agility, and low startup costs are the primary reasons that have attracted numerous organizations to embrace a cloud architecture. With time and the involvement of multiple teams, however, reigning in costs for AWS accounts becomes a challenge. AWS Trusted Advisor offers automatic insights on your AWS resources and can help you take appropriate action. Although enterprise and business support involves additional fees, Trusted Advisor usually provides impressive cost savings, added security, and a highly resilient setup.