Lalit's Cloud & DevOps notes

Trusted Advisor

3 min read

AWS Trusted Advisor — A service that provides real-time guidance to help you provision your resources following AWS best practices.

Overview

Trusted Advisor analyzes your AWS environment and provides recommendations for cost optimization, security, performance, and more.

Key Insight: Trusted Advisor is like an AWS expert that continuously reviews your account and suggests improvements — helping you save money, improve security, and follow best practices.

Core Trusted Advisor Concepts

ConceptDescriptionKey Point
CheckSpecific analysis of your AWS resourcesCategorized by type
RecommendationActionable advice from a checkPriority levels
StatusCurrent state (warning, error, OK)Indicates urgency
RefreshUpdate check resultsManual or scheduled

Trusted Advisor Categories

1. Cost Optimization

CheckDescription
Idle EC2 InstancesEC2 running with low CPU utilization
Unattached EBS VolumesEBS volumes not attached to any instance
Elastic IPsUnattached Elastic IPs (costing money)
Load Balancer OptimizationUnderutilized load balancers
Reserved Instance CoverageOpportunities for RIs
Cost Optimization Hub (2025)16 new checks from Cost Optimization Hub

2. Security

CheckDescription
Security Groups - Open PortsPorts open to 0.0.0.0/0
IAM UseMFA on root account, IAM users
Bucket PermissionsS3 buckets with open access
CloudTrail LoggingCloudTrail enabled or not

3. Performance

CheckDescription
Over-utilized EC2Instances near CPU/memory limits
Load Balancer OptimizationConfigure optimal settings
Auto ScalingScaling group recommendations

4. Fault Tolerance

CheckDescription
EBS SnapshotsEBS volumes without snapshots
AZ BalanceResources not distributed across AZs
Auto ScalingAuto scaling group availability

5. Service Limits

CheckDescription
Usage Near LimitApproaching service quota limits
Limit IncreaseRequest limit increases easily

How Trusted Advisor Works

flowchart TD
    subgraph Resources["Your AWS Resources"]
        EC2["EC2"]
        S3["S3"]
        IAM["IAM"]
        RDS["RDS"]
    end

    Checks["Trusted Advisor checks resources"]
    Categorize["Categorize findings<br/>Cost | Security | Performance | Fault Tolerance | Service Limits"]
    Recommend["Generate actionable recommendations"]
    Priority["Assign priority level<br/>Low | Medium | High"]

    EC2 --> Checks
    S3 --> Checks
    IAM --> Checks
    RDS --> Checks

    Checks --> Categorize --> Recommend
    Recommend --> Priority

Priority Levels

LevelColorMeaning
High Priority🔴 RedCritical issues (security risks, major savings)
Medium Priority🟡 YellowIssues that should be addressed
Low Priority⚪ NoneNice to have improvements

Key Features

FeatureCoreBusinessEnterprise
Core Checks777
Total Checks7100+200+
Refresh Interval3 daysOn-demandOn-demand
API Access
Notification Support

Core Checks = Available to all AWS accounts at no cost.

Use Cases

Use CaseDescription
Cost ReductionFind idle resources, buy RIs, optimize services
Security HardeningClose open ports, enable MFA, secure S3
PerformanceRight-size instances, optimize load balancers
ComplianceEnsure resources follow best practices
Capacity PlanningMonitor service limits, avoid throttling

Pricing

Support PlanPriceChecks Included
Basic SupportFree7 core checks only
Business Support$29/month minimum100+ checks, notifications
Enterprise SupportTiered pricing200+ checks, API access, dedicated TAM

Recent Enhancement (June 2025): Integration with Cost Optimization Hub — 16 new checks for cost optimization.

⚠️ Pricing Disclaimer: AWS Support pricing is subject to change. Always verify current pricing at the official AWS Support pricing page.

Trusted Advisor vs Other AWS Services

ServiceFocusComplementarity
Trusted AdvisorBest practice recommendationsGeneral guidance
ConfigConfiguration complianceSpecific rules
Security HubSecurity findingsSecurity-specific
Compute OptimizerRight-sizing recommendationsEC2/EBS specific

TL;DR

  • Trusted Advisor = AWS best practice recommendations
  • Categories = Cost Optimization, Security, Performance, Fault Tolerance, Service Limits
  • Core Checks = 7 checks available to everyone (free)
  • Enhanced Checks = 100+ checks with Business/Enterprise support
  • Pricing = Core free; Enhanced requires Business ($29/month) or Enterprise support
  • Recent Update = Cost Optimization Hub integration with 16 new checks (June 2025)
  • Use Cases = Cost reduction, security hardening, performance optimization

Resources

AWS Trusted Advisor Documentation Complete Trusted Advisor user guide.

Trusted Advisor Console View your recommendations.

Trusted Advisor Change Log Recent updates and new checks.

AWS Support Plans | Support plan pricing and benefits.

Graph View

Backlinks