Introduction to AWS Trusted Advisor

Introduction to AWS Trusted Advisor

5 mins read919 Views Comment
clickHere
Updated on Feb 10, 2023 09:31 IST

AWS Trusted Advisor uses checks to evaluate your account. These checks look for ways to optimize your AWS infrastructure, enhance availability and efficiency, keep costs down, and keep track of service quotas.

2022_05_Kinesis-1.jpg

AWS Trusted Advisor inspects all of the resources in your AWS account and makes recommendations to improve them as per Amazon Web Services’ best practices.

When you first begin using AWS, it is relatively simple to keep track of what is running. However, as your account footprint expands, you may encounter sub-optimal cost management and performance scenarios that go unnoticed.

AWS Trusted Advisor configures AWS resources based on best practices: cost optimization, security, fault tolerance, and performance improvement.

But first, let’s go through the topics we will cover in this blog. In this post, I’ll go over the key features of AWS Trusted Advisor, such as:

  1. How does Trusted Advisor work?
  2. Trusted Advisor features
  3. Benefits of Trusted Advisor
  4. Trusted Advisor vs Inspector
  5. AWS Trusted Advisor cost optimization
  6. Trusted Advisor performance category
  7. AWS Trusted Advisor security category
  8. Trusted Advisor fault tolerance checks

How does Trusted Advisor work?

The Trusted Advisor works by scanning a company’s cloud infrastructure and provides recommendations based on best practices. You can divide the fundamental recommendations into three categories, such as:

  1. A green check indicates that there are no problems.
  2. A red exclamation mark is advised.
  3. An orange exclamation mark demonstrates that you should make specific changes after further investigation.
2022_05_AWS-trusted-advisor-1.jpg

Trusted Advisor features 

There are many features of Trusted Advisor, such as:

Recent Changes

On the console dashboard, you can view recent changes in check status. You can see the most recent changes at the top of the list to draw your attention.

Action Links 

On the console dashboard, you can view recent changes in check status. You can see the most recent changes at the top of the list to draw your attention.

Refresh

By clicking the Refresh All button in the top-right corner of the summary dashboard, you can refresh individual checks or all checks at once. (Note: You can refresh a check every 5 minutes.)

Must Explore – What is a cloud architect?

Access Management

You can use this feature (AWS Identity and Access Management (IAM)) to restrict specific checks or check categories access.

Exclude Items

Items can be excluded from the check result if they are irrelevant. The excluded items appear separately, and you can restore them at any time.

Benefits of Trusted Advisor 

There are many benefits of using Advisor, such as:

Fault Tolerance

Advisor provides suggestions that improve your applications’ resilience by highlighting health issues, missing backups, and redundancy gaps.

Protection

Users can harden their AWS services against intruders by enabling various security features with the help of AWS Trusted Advisor.

Performance 

Advisor recommendations include checking your service limits and monitoring instances to improve the overall performance of your applications and cloud infrastructure.

Cost Optimization

Advisor recommendations can reduce expenses by highlighting idle resources or committing reserved resources.

AWS Trusted Advisor vs Inspector

There are many differences between AWS Trusted Advisor and Inspector, such as:

AWS Trusted Advisor AWS Inspector
Agent-less Agent-based
Premium support Free-tier
EC2 configuration AWS account and Administration
Scheduled Real-time recommendation
No impact on performance Increases performance

AWS Trusted Advisor cost optimization

There are many cost checks that a Trusted Advisor performs, such as:

  1. Less consumption of EC2 Instances: Advisor examines any EC2 instances running in the last 14 days and using less than 10% of their CPU capacity or having network I/O of less than 5MB.
  2. Idle Load Balancer: AWS Trusted Advisor checks for load balancers that are idle or not in use.
  3. Underutilized EBS Volumes: Trusted Advisor examines volume configurations and reports underutilized volumes.
  4. Lambda Errors: Looks for Lambda functions with high error rates, leading to higher costs.
  5. Lambda Timeouts: Looks for Lambda functions with excessive timeout rates, which could result in significantly higher costs.

AWS Trusted Advisor performance category

There are many performance checks that a Trusted Advisor performs, such as:

  1. Excessive instance rules: Trusted Advisor looks for EC2 instances with a high number of security group rules.
  2. High utilization EC2 Instances: Trusted Advisor looks for EC2 instances that have exceeded 90% CPU utilization for four days in the last 14 days.
  3. Route 53 alias record sets: Trusted Advisor looks for resource record sets. You can transform these sets into alias record sets.
  4. Overused EBS Magnetic Volumes: Trusted Advisor searches for EBS magnetic volumes that could benefit from a more efficient configuration.
  5. Cloudfront substitute domain names: Trusted Advisor looks for CNAMES with incorrect DNS settings.

AWS Trusted Advisor security category

There are many security checks that a Trusted Advisor performs, such as:

  1. RDS Security Group access risk: Trusted Advisor describes the limit of database access granted by security groups.
  2. Amazon EBS Public Snapshots: Trusted Advisor examines the permissions of your EBS volume snapshots and alerts you if they are set to public.
  3. Amazon Route 53 MX: Trusted Advisor looks for a valid SPF record in the record sets.
  4. AWS CloudTrail Logging: Trusted Advisor examines your CloudTrail usage.
  5. ELB Security Groups: Trusted Advisor looks for missing security groups or configurations that allow access to ports not associated with the ELB.

Trusted Advisor fault tolerance checks

There are many fault tolerance checks that a Trusted Advisor performs, such as:

  1. Route 53 Failover: Trusted Advisor checks for poorly configured failover resource record sets.
  2. EBS Snapshots: Trusted Advisor looks for the age of your EBS volume snapshots
  3. Amazon Aurora DB instance accessibility: Trusted Advisor searches for Aurora DB clusters with both public and private instances.
  4. VPN Tunnel Redundancy: Trusted Advisor determines how many tunnels are configured for your VPNs.
  5. Autoscaling Group Resources: Trusted Advisor checks the availability of resources defined in the autoscaling group launch configuration.

Conclusion

If you want to learn more about AWS resources or services, you can refer to the following articles:

Amazon Virtual Private Cloud (VPC)
Amazon Virtual Private Cloud (VPC)
Amazon Virtual Private Cloud (Amazon VPC) allows you to launch AWS resources into a predefined virtual network. This virtual network closely resembles a traditional network that you would run in...read more
AWS Command Line Interface (CLI)
AWS Command Line Interface (CLI)
The AWS Command Line Interface (CLI) tool allows developers to control Amazon public cloud services by typing commands on a specific line.

Recently completed any professional course/certification from the market? Tell us what liked or disliked in the course for more curated content.

Click here to submit its review with Shiksha Online.

FAQs

What types of items does the trusted Advisor examine?

Using AWS Trusted Advisor, you can examine many services, such as auto-scaling EC2 groups, deleted health checks on Route 53, etc.

How frequently does AWS Trusted Advisor refresh the checks?

AWS Trusted Advisor regularly refreshes checks without user intervention, but the interval can vary greatly.

What are the five AWS Trusted Advisor utility categories?

The AWS Trusted Advisor utility provides various services, such as cost optimization, performance, security, fault tolerance, and service limits.

About the Author

This is a collection of insightful articles from domain experts in the fields of Cloud Computing, DevOps, AWS, Data Science, Machine Learning, AI, and Natural Language Processing. The range of topics caters to upski... Read Full Bio

Comments