AWS Trusted Advisor: You Can Trust It!

AWS Trusted Advisor - what is it and can you trust it?Since its introduction in 2006, AWS has served hundreds of thousands of customers and gained deep experience in the cloud. AWS Trusted Advisor bundles the entirety of this know-how, uses it to monitor the AWS environment and will recommend improvements for cost optimization, security, fault tolerance, and performance. There are many ways to leverage Trusted Advisor, and our sense is that not enough of you are taking advantage of this great tool.

 

The diagram below describes how Trusted Advisor scans an organization’s cloud infrastructure and provides recommendations based on the defined best practices. The recommendations can be grouped into three categories:

  1. No problem detected—a green check;
  2. Investigation recommended—an orange exclamation mark;
  3. Action recommended—a red exclamation mark.

Amazon Trusted Advisor Diagram

How AWS Trusted Advisor helps organizations optimize their cloud infrastructure. Source: AWS.

 

Whether you are planning to migrate to the cloud or to set up a new cloud application, Trusted Advisor’s recommendations can help optimize your cloud infrastructure. For example, if you are planning to set up a new RDS instance and receive a notification from AWS Trusted Advisor that two of 15 RDS instances have been idle for more than 30 days, you can investigate and plan to utilize one of the idle instances rather than introducing a new one. This saves costs for your organization.

 

Trusted Advisor Checks

Trusted Advisor offers a large selection of checks that can be performed on various services. The checks can be grouped into four categories:

1. Cost Optimization—recommendations that can reduce expenses by highlighting idle resources or by committing reserved resources.

Example: Idle Load Balancers flags load balancers which are either not connected to any back-end instances or handling extremely low traffic.

2. Security—recommendations that can harden your AWS services against intruders by enabling various security features.

Example: MFA on Root Account checks if multi-factor authentication (MFA) has been enabled on a root account. AWS strongly recommends enabling MFA on root accounts to enhance security.

3. Fault Tolerance—suggestions that enhance the resilience of your applications by highlighting health issues, missing backups, and redundancy shortfalls.

Example: Amazon RDS Multi-AZ checks if the DB instance has been deployed in a single availability zone. In such a scenario, a DB failure will cause an outage because of a lack of high availability. Alternatively, a high-availability setup resumes operating from the standby database without any disruption to the business.

4. Performance—suggestions that can increase the overall performance of your applications and cloud infrastructure by checking your service limits and monitoring instances.

Example: High Utilization Amazon EC2 Instances checks the CPU utilization during the previous two weeks and sends alerts if daily utilization exceeded 90% for more than three days. Consistently high utilization can lead to application performance issues.

There are six core Trusted Advisor checks, which are provided to customers free of charge. The remaining premium checks can be implemented by upgrading to business or enterprise support plans. The six core checks fall under the following security and performance categories:

  • Performance
    • Service Limits
  • Security
    • Security Groups – Specific Ports Unrestricted
    • IAM Use
    • MFA on Root Access
    • EBS Public Snapshots
    • RDS Public Snapshots

 

Recent Trusted Advisor Announcements

Amazon has two exciting new announcements for Trusted Advisor that allow the user to be even more proactive and take automated actions to optimize their AWS environment. First, Amazon has added a Service Limit Dashboard in which the user can view and export limit data.  Second, a user can monitor service limits with a new feature in which Trusted Advisor will publish metrics to CloudWatch. With this feature, you can create an alarm to inform you of the most current utilization and limit data for the service limit checks. These metrics can be viewed within Cloudwatch for Business and Enterprise customers.

 

Case Study

Hungama Digital Media Entertainment Pvt. Ltd. used Trusted Advisor to perform cost optimization audits on Amazon EC2 instances and Amazon EBS volumes in the company’s environment. The results exceeded expectations and helped Hungama save money.

  • Some of the EC2 instances were significantly over-provisioned and, therefore, underutilized. Also, some of the test servers were never shut down after completion of special projects. Following these findings, the test servers were automatically shut down during lean hours and the over-provisioned servers were adjusted to a more efficient size.
  • Checks on EBS volumes yielded similar findings that identified underutilized EBS volumes used for test projects. As part of the optimization exercise, many volumes were deleted and snapshots were saved on Amazon S3.

Final Note

There are many reasons for moving from traditional data centers to a cloud model. High elasticity, agility, and low startup costs are the primary reasons that have attracted numerous organizations to embrace a cloud architecture. With time and the involvement of multiple teams, however, reigning in costs for AWS accounts becomes a challenge. AWS Trusted Advisor offers automatic insights on your AWS resources and can help you take appropriate action. Although enterprise and business support involves additional fees, Trusted Advisor usually provides impressive cost savings, added security, and a highly resilient setup.

 

Take Further Control Over Your Cloud Costs

The AWS cloud can be extremely cost-effective as long as you have the right tools in place. Try Cloud Protection Manager for free in order to automate your backup and recovery for EC2 instances, EBS volumes, RDS, Redshift, and Aurora clusters. By extending and enhancing native Amazon snapshots, Cloud Protection Manager offers the most efficient backup available.

Share this post →

You might also like: