Optimize Your AWS Resource Usage with Trusted Advisor

Ensure your services are being used in an optimal manner.

Anyone who has ever spent any time working with Amazon Web Service (AWS) knows that it's a complex environment. AWS provides layers upon layers of services, which, if not configured correctly, can result in operational inefficiency and unnecessary costs. Fortunately, AWS provides a tool called the Trusted Advisor that can help you make sure your AWS services are being used in an optimal manner.

Personally, I think that the Trusted Advisor is an excellent tool. It can help administrators make their AWS resources run more smoothly, it can improve security and it has the potential to save AWS subscribers a lot of money in the process.

By default, AWS subscribers only receive a subset of the Trusted Advisor's functionality. This core functionality can be used for providing security checks and for seeing how resource usage compares to service limits that may have been set. If you want to take advantage of the tool's full functionality, you have to sign up for a business or enterprise support plan. In case you're wondering, the full Trusted Advisor benefits package includes access to numerous cost and performance checks that you can't get otherwise, plus automated notifications, and programmatic access. You can find all of the details online.

So with that said, let's take a look at how the Trusted Advisor works. You can launch the Trusted Advisor by clicking on the Trusted Advisor link within the list of AWS Services (it's found in the Management Tools section). Upon doing so, you'll be taken to the Trusted Advisor dashboard, which you can see in Figure 1.

[Click on image for larger view.] Figure 1. The Trusted Advisor dashboard.

As you look at Figure 1, you can see that the upper portion of the dashboard contains a series of icons for things such as Cost Optimization, Performance and Security. Normally, a series of icons beneath each one of these categories reflects the current state. For example, in Figure 1 you can see a green checkmark icon corresponding to the Security category. The number four next to this icon indicates that there have been four successful security checks, and that no action is needed for these particular items.

You can also see a red exclamation point icon with the number two, shown in the Security section. This is the dashboard's way of telling you that there are two security items that need attention. You can see an example of one of these items at the bottom of the figure. In this case, there are specific ports that are unrestricted.

One of the things that you probably notice is that most of the status icons are black and have the number zero next to them. In some cases, this is simply because there's nothing to report. In the case of the Security category, for instance, there are no warnings to report, so the triangle icon with the exclamation point in the middle is shown in black. Had security warnings existed, this icon would've been shown in yellow.

In other cases, icons are shown in black because I don't have an enterprise or business subscription. For example, a basic AWS subscription doesn't provide any cost optimization data, so the cost optimization icons are shown in black.

If you're curious as to what the dashboard might look like if you have a business or enterprise support plan, then check out Figure 2. This figure is actually a screen capture taken from the AWS documentation, but I wanted to include it, because it shows what you might expect to see in a production environment. Notice how the Cost Optimization section actually tells you how much money you could save each month, and provides guidance on how to achieve those savings.

[Click on image for larger view.] Figure 2. This is what Trusted Advisor looks like when all of its features are enabled.

One of the other things that you'll probably notice about Figure 1 is the console tree in the upper-left portion of the dashboard. Clicking on items such as Performance or Security provide you with a more granular view of those particular categories. You can see the Security screen in Figure 3.

[Click on image for larger view.] Figure 3. This is what the Security page looks like.

For the most part, the individual category pages show the same basic information as the dashboard screen. The main advantage to examining categories individually is that you can reduce the clutter by looking only at issues related to specific categories.

As you work with the Trusted Advisor, there will probably be some issues that you want to resolve. Any of the issues that are reported can be expanded simply by clicking on the black triangle icon on the left side of the issue. For example, in Figure 3, I've expanded the issue shown at the bottom of the screen. In doing so, AWS provides helpful information on how to resolve the issue. Once you've resolved an issue, you should click the refresh button in the upper-right portion of the interface. This will allow AWS to recheck the issue, and confirm its resolution.

About the Author

Brien Posey is a 22-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.


Subscribe on YouTube