AWS resource analyse with AWS Trusted Advisor
Today from small start-up companies to enterprise level companies are started using cloud computing . The main goal for most of the organization is reduce cost and using cloud benefits . By putting your on-premise resources into cloud its not 100% cost benefit.Again there are many factors behind this . The below 3 are very important factors
1. How you are architecture the new environment in AWS.If the design is well , definitely you can reduce the cost.
2. How you use the AWS resource effectively to run your business.
3. Security
Now lets look into the point 2 and 3 . So how can we ensure application using the resource effectively or you are using the correct AWS resouces to run your application and save cost.Beside the cost obviously the performance of application is very important.For production live environment most of the time we can not sacrifice the performance for cost saving . At the same time over provision of the resources is not good practice. Yes you are getting performance but you are paying more.
Regarding security you have to keep update the necessary settings to make the environment is secure
Now this could be the big task how to compare or get confirm I am using the correct AWS resouces to run the applications and environment is secure.There are many third party tools Cloud Health,Cloud Chekr ,Marketplace products and AWS native service “Trusted Advisor” available.
AWS Trusted Advisor
Inspects your AWS environment and makes recommendations when opportunities exist to save money, improve system performance and reliability, or help close security gaps. The concern factor is important Trusted Advisor checks are only available to customers with Business Support and Enterprise Support, though some are available to all AWS customers
For each check, you can review a detailed description of the recommended best practice, a set of alert criteria, guidelines for action, and a list of useful resources on the topic.
- Cost Optimization
- Fault Tolerance
- Service Limits
- Security
- Performance
Seven Trusted Advisor checks are available to all AWS customers to help improve security and performance: Service Limits, S3 Bucket Permissions, Security Groups – Specific Ports Unrestricted, IAM Use, MFA on Root Account, EBS Public Snapshots, and RDS Public Snapshots.
The status of the check is shown by using color coding on the dashboard page
- Red: action recommended
- Yellow: investigation recommended
- Green: no problem detected
Each time you visit the AWS Trusted Advisor console, any checks that haven’t been refreshed in the last 24 hours are automatically refreshed, which can take a few minutes. If you make changes to your infrastructure based on Trusted Advisor’s recommendations, you can refresh the checks again manually by choosing the refresh arrows in the upper-right corner of the dashboard. If you’d like to refresh a specific check, choose the refresh arrows next to the name of that check.
You can use the AWS Trusted Advisor console, or you can automate report retrieval by using the AWS Support API (available for Business Support or Enterprise Support customers), the AWS SDKs, or the AWS Command Line Interface
The advantage is you can download the report in many supported format with all details .
For Example you can view the cost optimization option like below
In Security section you can get mostly all related with Security group ,IAM user ,roles ,Route 53 etc . Few are available for all the customers.
For more detailed information please refer the useful AWS link.
https://aws.amazon.com/premiumsupport/trustedadvisor/best-practices/
Summary
Obviously its good choice to use customers who having a Business or Enterprise support plan. They can easily get all in one suit with no additional pay . No need to plan for any additional tool specially for this. Since its support API can integrate with other tools and modification is easily possible Moreover you can get live support from AWS .
For medium and small customers still they can use few of free services and can by other products like cloudhealth,cloudcheckr ,WORKX etc . Infact these tools can provide additional many features like Monitoring,Assert management ,cost and security management and so many features. The advantage here is you can manage other cloud platform also in one place.