AWS Trusted Advisor is your personal cloud expert! It helps you to provide best practices for AWS by inspecting your AWS environment with a motto toward saving money, improving system performance and reliability, and closing security gaps to protect.
In this post, I am going to cover the essential things about AWS Trusted Advisor such as:
- What it can do!
- How does it work?
- Best practices to perform at no charge.
- Its Features and Functionalities.
- AWS Trusted Advisor Explorer vs. AWS Systems Manager Explorer.
What is AWS Trusted Advisor?
AWS Trusted Advisor is an AWS tool that provides you with real-time assistance to help you provision your resources following AWS best practices. It checks to help optimize your AWS infrastructure, provide better security and performance, reduce your overall costs, and also monitor service limits. Whether you want to develop applications, or as part of ongoing improvement, Always take advantage of the recommendations provided by Trusted Advisor it helps keep your solutions provisioned optimally.
How does it Work?
The Trusted Advisor scans an organization’s cloud infrastructure and provides recommendations based on the defined best practices. The basic recommendations can be grouped into three categories:
- No problem detected—a green check.
- The investigation recommended—an orange exclamation mark.
- Action recommended—a red exclamation mark.
If you are planning to migrate to the AWS cloud or to set up a new cloud application, Trusted Advisor’s recommendations can help you to optimize your cloud infrastructure. For example, if you are planning to set up a new RDS instance and receive a notification from AWS Trusted Advisor that two of 15 RDS instances have been idle for more than 30 days, you can investigate and plan to utilize one of the idle instances rather than introducing a new one. This saves costs for your organization.
Also Check: What Are The Roles and Responsibilities Of an AWS Certified Solutions Architect.
Trusted Advisor offers a list of control points for each of these 4 areas, and it examines how your account, resources, and architecture are put in place to see if you’re in line with best practices. It essentially serves as an automatic auditor for your account, which can help you save money, improve the use of your resources, maintain a tighter and more secure environment, ensure that your resources will still be usable in the event of a failure, and ensure that you stay within the bounds of your service agreement, allowing you to ask for an increase when appropriate.
AWS Trusted Advisor Check a large section of services which can be grouped into four categories:
- Cost Optimization—recommendations provided by Trusted Advisor can reduce expenses by highlighting idle resources or by committing reserved resources.
- Security—With the help of AWS Trusted Advisor users can harden their AWS services against intruders by enabling various security features.
- Fault Tolerance—suggestions that enhance the resilience of your applications by highlighting health issues, missing backups, and redundancy shortfalls.
- Performance—recommendations that can increase the overall performance of your applications and cloud infrastructure by checking your service limits and monitoring instances.
Best Practices Of AWS Trusted Advisor At No Charge
The following Trusted Advisor checks are now available to all AWS users:
- Service Limits Check – This check inspects your usage with regard to the most important service limits for each AWS product. It alerts you when you are using more than 80% of your allocation resources such as EC2 instances and EBS volumes.
- Security Groups – Specific Ports Unrestricted Check – This check will look for and notify you of overly permissive access to your EC2 instances and help you to avoid malicious activities such as hacking, denial-of-service attacks, and loss of data.
- IAM Use Check – This check alerts you if you are using account-level credentials to control access to your AWS resources instead of following security best practices by creating users, groups, and roles to control access to the resources.
- MFA on Root Account Check – This check recommends the use of multi-factor authentication (MFA), to improve security by requiring additional authentication data from a secondary device.
Check Also: Free AWS Training and Certifications
Features and Functionalities
AWS Trusted Advisor provides many features for you to customize recommendations and proactively monitor your AWS resources.
Recent Changes (Available with Business or Enterprise-level Support Plan)
You can track recent changes in check status on the console dashboard. The most recent changes appear at the top of the list to bring them to your attention.
Exclude Items
The “exclude items” feature allows you to customize the Trusted Advisor report. You can exclude items from the check result if they are not relevant; the excluded items appear separately, and you can restore (include) them at any time.
Action Links (beta)
You can track recent changes in check status on the console dashboard. The most recent changes appear at the top of the list to bring them to your attention.
Access Management
You can use AWS Identity and Access Management (IAM) to control access to specific checks or check categories.
Refresh
AWS Trusted Advisor Explorer vs. AWS Systems Manager Explorer
AWS announced on May 4 that AWS Systems Manager Explorer will provide a multi-account summary of Trusted Advisor checks. There are a few differences between the services:
- The performance, security, and reliability checks from AWS Trusted Advisor will all be combined by Systems Manager Explorer. AWS Trusted Advisor Explorer will aggregate only cost optimization suggestions after the examination.
- Systems Manager Explorer is accessible across the greatest number of regions, but AWS Advisor Explorer is only accessible across a select number of regions (AWS advises choosing the US-East region), as it depends on a number of services that are not present across all regions.
- Since AWS Trusted Advisor Explorer is a CloudFormation template that customers can change, it can offer more flexibility. Additionally, it enables us to use custom dashboards, resource tags, and third-party visualisation tools, as well as data searches via AWS Athena (SQL style). In order to produce custom reports and dashboards using pre-set widgets as specified by AWS, AWS Systems Manager Explorer allows queries via AWS API.
Related Links/References
- Overview of Amazon Web Services & Concepts
- How to create a free tier account in AWS
- AWS Management Console Walkthrough
- AWS Certified DevOps Engineer Professional DOP-C02
- AWS Certified Solutions Architect Associate SAA-C03 Exam
Next Task For You
Begin your journey towards becoming an AWS Certified DevOps Engineer Professional by checking our FREE CLASS. Click on the below image to register for our FREE CLASS.
Leave a Reply