Which of the following is not a category recommendation given by the aws trusted advisor?
Show Hello and welcome to this lecture where I am going to be looking at AWS Trusted Advisor, explaining what it is and the different components that make up this service. Trusted Advisor plays an integral part in helping you to optimize your infrastructure across a number of key areas, allowing you to make decisions upon recommendations made by the service which follow and best practices that have been honed over the years by AWS. The service itself can be found within the AWS Management Console under the Management & Governance category, alongside services such as Amazon CloudWatch, Control Tower and Systems Manager. The main function of Trusted Advisor is to recommend improvements across your AWS account to help optimize and streamline your environment based on these AWS best practices. These recommendations cover 5 distinct categories:
Within each of these 5 categories, Trusted Advisor has a list of control points and checks to see how your account, resources and architecture is implemented to determine if you’re aligned with best practice. So it essentially acts as an automatic auditor across your account, which can save you money, increase the efficiency of your resources, maintain a tighter and more secure environment, help to ensure your resources remain operational should a failure occur and that you remain in line with your service limitations, allowing you to request an increase where possible. Between the 5 different categories and at the time of writing this course, there are over 115 different checks. Please note, that the number of these checks are constantly changing, so for the most up to date figures, please review the following link: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/best-practice-checklist/ Although there are a lot of these checks that Trusted Advisor can perform, not all of them are freely available to anyone with an AWS account. The list of checks that you have access to is very dependent on the support agreement with hold with AWS. The full power and potential of AWS Trusted Advisor is only available if you have a Business or Enterprise Support Plan with AWS. Without either of these plans then you will only have access to 6 core checks in the security category and all the Service Limits The 6 checks within security are as follows:
At the time of writing this course, here are the available service limit checks. Now if you compare this to the full list of checks here: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/best-practice-checklist/ ….that are included with Business and Enterprise support plans, you will see that the full checklist can provide a huge wealth of valuable information to help you optimise your infrastructure. In addition to these extra checks that these support plans offer, you will also get the additional benefit of being able to administer certain functions of Trusted Advisor, such as:
There are also a number of features that everyone has access to, including those outside of the Enterprise and Business support plans, these being:
For a full list of IAM permissions using the trustedadvisor namespace please see the following AWS reference: https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html
Before I finish this lecture I just want to give a high level overview of how Trusted Advisor works in a few simple steps:
AWS Trusted Advisor uses a service-linked IAM role to access you resources, named AWSTrustedAdvisorServiceRolePolicy. This is a predefined role created by AWS and allows the services to call other services on your behalf. The policy summary of this role is as shown here and helps to define which AWS services that Trusted Advisor communicates with. Please be aware that this list will change over time, so for an updated list please refer to the role within IAM to determine which services AWSTrustedAdvisorServiceRolePolicy has access to. About the Author Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation. To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance. Stuart is a member of the AWS Community Builders Program for his contributions towards AWS. He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape. In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community. Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages. Which of the following are categories of AWS Trusted Advisor?Trusted Advisor implements over 200 checks in five categories: cost optimization, performance, security, fault tolerance, and service limits.
Which recommendations are included in the AWS Trusted Advisor checks?AWS Trusted Advisor check reference. Amazon EBS Public Snapshots.. Amazon RDS Public Snapshots.. Amazon S3 Bucket Permissions.. IAM Use.. MFA on Root Account.. Security Groups – Specific Ports Unrestricted.. What are the five categories found in the AWS Trusted Advisor utility?One of those services is AWS Trusted Advisor, which provides real-time best practice guidance to help provision, monitor, and maintain AWS resources. These best practice recommendations span five categories: cost optimization, performance, security, fault tolerance, and service limits.
What are the four groups of checks conducted by AWS Trusted Advisor?Trusted Advisor provides checks across 4 other categories including Security, Performance, Fault Tolerance and Service Limits.
|