Skip to content

Trusted Advisor

AWS Trusted Advisor is a tool designed to help AWS customers optimize their cloud environments. It provides real-time guidance on improving the performance, security, cost efficiency, fault tolerance, and service limits of AWS resources.

Key Features

1. Best Practices Checks

Trusted Advisor evaluates your AWS environment against a set of best practices in five categories: - Cost Optimization: Identify underutilized or idle resources to reduce costs. - Performance: Improve the performance of your applications. - Security: Enhance security by identifying vulnerabilities or misconfigurations. - Fault Tolerance: Increase system availability and reduce downtime. - Service Limits: Monitor usage to prevent service interruptions caused by resource limits.

2. Personalized Recommendations

Trusted Advisor provides tailored recommendations based on your AWS environment, enabling proactive management of resources.

3. Actionable Insights

Each recommendation includes detailed steps to resolve the identified issues, making it easy to implement best practices.

4. Integration with AWS Services

  • AWS Organizations: Centralized management for multi-account environments.
  • AWS Support Plans: Access to additional checks and features with Business or Enterprise Support plans.
  • Amazon CloudWatch: Set up alarms for specific Trusted Advisor metrics.

5. Automated Notifications

Receive regular updates and notifications about your environment’s health.

Core Checks

Cost Optimization

  • Identify idle or underutilized EC2 instances, EBS volumes, and load balancers.
  • Recommend reserved instance purchases for cost savings.

Performance

  • Monitor high-utilization EC2 instances and recommend scaling or upgrading.
  • Evaluate Auto Scaling configurations for efficiency.

Security

  • Highlight open access permissions in security groups.
  • Identify exposed IAM access keys.
  • Ensure MFA (Multi-Factor Authentication) is enabled for root accounts.

Fault Tolerance

  • Detect Amazon RDS backups not configured.
  • Identify instances running on single Availability Zones.

Service Limits

  • Track usage against AWS service limits to avoid disruptions.
  • Recommend actions to stay within limits or request increases.

Accessing Trusted Advisor

AWS Management Console

  1. Log in to the AWS Management Console.
  2. Navigate to Trusted Advisor from the “AWS Management & Governance” section.
  3. Select a category to view specific checks and recommendations.

API and SDK Access

  • Use the AWS Support API to programmatically retrieve Trusted Advisor check results.

Available Checks Based on Support Plan

Category Free Tier Business & Enterprise
Cost Optimization Basic Full
Performance Limited Full
Security Limited Full
Fault Tolerance Limited Full
Service Limits Basic Full

Common Use Cases

  1. Cost Reduction

  2. Identify unused resources like idle EC2 instances and unused EBS volumes to reduce costs.

  3. Improved Security

  4. Address misconfigured security groups or unused IAM credentials to strengthen security.

  5. Enhanced Performance

  6. Ensure application performance by scaling under-provisioned resources.

  7. Avoiding Downtime

  8. Proactively monitor service limits to avoid disruptions caused by exceeded quotas.

Best Practices

  1. Regular Monitoring

  2. Set up a schedule to review Trusted Advisor recommendations regularly.

  3. Integrate with Automation Tools

  4. Use AWS Lambda or other automation tools to act on Trusted Advisor findings.

  5. Enable Notifications

  6. Set up CloudWatch alarms to notify you about critical checks.

  7. Leverage AWS Organizations

  8. Use Trusted Advisor for centralized management in multi-account setups.

Limitations

  1. Some advanced checks require Business or Enterprise Support plans.
  2. Trusted Advisor does not provide deep analytics for custom applications.

For more details, visit the AWS Trusted Advisor Documentation.