It can be challenging to optimize AWS resources across cost, performance, security and fault tolerance, much less do it automatically. AWS Trusted Advisor is an online resource to help you do just that, by providing real-time guidance to help you provision your resources following AWS best practices. In this session, we will go over how to safely automate these best practices using Amazon CloudWatch Events and AWS Lambda, along with samples for you to use.
AWS Personal Health Dashboard (PHD) provides alerts and remediation guidance when AWS is experiencing events that may impact your AWS environment. The AWS Health API, the underlying service powering PHD, integrates with Amazon CloudWatch Events, enabling you to trigger AWS Lambda functions to define automated remediation actions. We will also introduce you to AWS Health tools, a community-based source of tools to automate remediation actions and customize Health alerts.
Come join us to see how you can implement automation of AWS best practice recommendations from Trusted Advisor and remediation from the AWS Health API on your AWS resources.
2. What to expect from this session:
• Learn about AWS Trusted Advisor best practices
• Get familiar with AWS Health and the Personal Health Dashboard (PHD)
• Learn how to automate remediation actions and customize Health alerts using AWS Lambda and Amazon CloudWatch Events
6. So what is Trusted Advisor?
AWS Trusted Advisor (TA) provides best practices (or
checks) in four categories: cost optimization, security,
fault tolerance, and performance improvement.
Red (action recommended)
Yellow (investigation recommended)
Green (no problem detected)
7. AWS Trusted Advisor
Over 50 million recommendations
provided to AWS customers
resulted in $500M+ in cost savings
for users of Trusted Advisor
9. Case study – Hungama Digital Media
“We estimate an average 33 percent monthly savings on our total AWS spend.”
- Amit Vora, CTO for Hungama
How did Trusted Advisor help Hungama? It highlighted the following three things:
• Underutilized EC2 Instances
• Amazon EC2 Reserved Instances
• Underutilized Amazon EBS Volumes
10. Let’s look at an example:
Low Utilization Amazon EC2 Instances
Warns when EC2 instances appear to be underused.
Alert Criteria
Yellow: An instance had 10% or less daily average CPU
utilization and 5 MB or less network I/O on at least 4 of the
previous 14 days.
Recommended Action
Consider stopping or terminating instances that have low
utilization.
12. Using Trusted Advisor as a web service
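Request a Trusted Advisor check result
client.describeTrustedAdvisorCheckResult(checkResultRequest);  // client: an AWSSupport client from the AWS SDK for Java (variable name assumed)
Poll a Trusted Advisor check for status changes
DescribeTrustedAdvisorCheckRefreshStatusesResult statuses = client.describeTrustedAdvisorCheckRefreshStatuses(
    new DescribeTrustedAdvisorCheckRefreshStatusesRequest().withCheckIds(java.util.Arrays.asList(checkId)));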
14. With (not so) great automation come great risks
Production databases/instances could be considered idle.
- Low traffic period.
- Different system resource (e.g., memory) might be in
use.
15. Automation setup – safety first!
Tag resources subject to TA optimization actions.
Create an IAM policy and role for the Lambda function to use.
Set up a CloudWatch Events rule to trigger the Lambda function.
Set up the Lambda function to take actions recommended by Trusted Advisor.
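The setup steps above, sketched as a tag-gated Lambda handler; this is an added example, not code from the session or from the Trusted-Advisor-Tools repository. The tag key `ta-automation` is hypothetical, and the event field names follow the Trusted Advisor CloudWatch Events notification format as assumed here; the sample event is constructed.

```python
"""Added example: tag-gated Lambda handler for a Trusted Advisor event."""

CHECK_NAME = "Low Utilization Amazon EC2 Instances"
OPT_IN_TAG = ("ta-automation", "true")  # hypothetical opt-in tag key/value

# Constructed sample event, modelled on the Trusted Advisor
# "Check Item Refresh Notification" format (all values are made up).
SAMPLE_EVENT = {
    "source": "aws.trustedadvisor",
    "detail-type": "Trusted Advisor Check Item Refresh Notification",
    "detail": {
        "check-name": CHECK_NAME,
        "status": "WARN",  # the yellow alert criterion
        "check-item-detail": {
            "Instance ID": "i-0123456789abcdef0",
            "Region/AZ": "us-east-1a",
        },
    },
}


def is_opted_in(ec2, instance_id):
    """True only if the instance carries the opt-in tag from the first step."""
    resp = ec2.describe_tags(Filters=[
        {"Name": "resource-id", "Values": [instance_id]},
        {"Name": "key", "Values": [OPT_IN_TAG[0]]},
    ])
    return any(t["Value"].lower() == OPT_IN_TAG[1] for t in resp["Tags"])


def handle(event, ec2=None):
    detail = event.get("detail", {})
    if (event.get("source") != "aws.trustedadvisor"
            or detail.get("check-name") != CHECK_NAME
            or detail.get("status") != "WARN"):
        return {"action": "ignored"}
    item = detail["check-item-detail"]
    instance_id = item["Instance ID"]
    if ec2 is None:  # real client only inside Lambda; tests inject a fake
        import boto3
        # Assumes an AZ name such as "us-east-1a"; drop the zone letter.
        ec2 = boto3.client("ec2", region_name=item["Region/AZ"][:-1])
    if not is_opted_in(ec2, instance_id):
        return {"action": "skipped", "instance": instance_id}
    ec2.stop_instances(InstanceIds=[instance_id])  # stop, not terminate
    return {"action": "stopped", "instance": instance_id}


def lambda_handler(event, context):
    return handle(event)
```

The IAM role for this function needs only `ec2:DescribeTags` and `ec2:StopInstances`, which keeps an untagged production instance out of reach even if the rule fires for it.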
20. AWS Step Functions
AWS Step Functions makes it easy to coordinate the components of distributed applications and microservices using visual workflows.
22. Examples available on GitHub
https://github.com/aws/Trusted-Advisor-Tools
Trusted Advisor Best Practices
https://aws.amazon.com/premiumsupport/trustedadvisor/best-practices/
23. AWS Health and Personal Health
Dashboard (PHD)
AWS service health, notifications, and automation
24. AWS Health and Personal Health Dashboard
(Diagram: PHD, Amazon CloudWatch Events)
• Visibility and transparency into your resources
• Custom notifications and automated actions
• Remediation guidance and knowledge articles
26. Increased transparency and visibility:
- Service Health Dashboard too generic
- Increased transparency into underlying infrastructure
- Remediation guidance for faster time-to-resolution
- AWS Health API for easy integration
- Custom notifications with predictable delivery
- Automated actions for auto-remediation
28. (Diagram: AWS services and resources you use; Health Service; Personal Health Dashboard; in-house or third-party monitoring and event management systems)
API
• describe-events
• describe-event-details
• describe-affected-entities
• …
Push notifications through CloudWatch Events
• Set Rules to extract events of interest
• Set Targets for rules (Amazon SNS, Amazon SQS, AWS Lambda, Amazon Kinesis)
29. Getting started with the Personal Health Dashboard
- From AWS Service Health Dashboard
- From AWS website
- From AWS Management Console navigation bar alert
30. Tools
• Automated actions in response to AWS Health events
• Open source, community driven
• Customized alerts in response to AWS Health events
32. AWS Health Slack Notifier
This tool can be used to post alerts to a Slack channel
when AWS Health events are generated by using AWS
Lambda and Amazon CloudWatch Events.
38. Stop or terminate EC2 instances with Instance Store Drive Performance Degraded event:
The AWS Health AWS_EC2_INSTANCE_STORE_DRIVE_PERFORMANCE_DEGRADED event highlights that EC2 has detected a performance degradation of
one or more physical storage drives that back the instance store volumes
41. AWS Health Issue: Amazon CloudWatch Events triggers an AWS CodePipeline stage transition disable using AWS Lambda
You can automatically stop a deployment when an Amazon EC2 issue occurs by disabling the stage transition in AWS CodePipeline in response to an AWS Health Issue CloudWatch event.
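A sketch of the Lambda function described above, as an added example that is not taken from the session or from the aws-health-tools repository. The `PIPELINE_NAME` and `STAGE_NAME` environment variables are hypothetical, and the sample event is constructed on the AWS Health event format.

```python
"""Added example: pause a CodePipeline stage on an AWS Health EC2 issue."""
import os

# CloudWatch Events rule pattern that would route these events to the function.
RULE_PATTERN = {"source": ["aws.health"],
                "detail": {"service": ["EC2"], "eventTypeCategory": ["issue"]}}

# Constructed sample event (the ARN is a placeholder, not a real event).
SAMPLE_EVENT = {
    "source": "aws.health",
    "detail-type": "AWS Health Event",
    "region": "us-east-1",
    "detail": {
        "eventArn": "arn:aws:health:us-east-1::event/EXAMPLE-constructed",
        "service": "EC2",
        "eventTypeCode": "AWS_EC2_OPERATIONAL_ISSUE",
        "eventTypeCategory": "issue",
    },
}


def matches(event):
    """Re-check the rule's filter in code instead of trusting the rule alone."""
    detail = event.get("detail", {})
    return (event.get("source") == "aws.health"
            and detail.get("service") == "EC2"
            and detail.get("eventTypeCategory") == "issue")


def handle(event, codepipeline=None, pipeline=None, stage=None):
    if not matches(event):
        return {"action": "ignored"}
    # Hypothetical environment variables naming the pipeline stage to pause.
    pipeline = pipeline or os.environ["PIPELINE_NAME"]
    stage = stage or os.environ["STAGE_NAME"]
    if codepipeline is None:  # real client only inside Lambda
        import boto3
        codepipeline = boto3.client("codepipeline")
    # Record why the transition was disabled; the API limits the reason's
    # length, so truncate defensively.
    reason = "AWS Health issue: " + event["detail"]["eventArn"]
    codepipeline.disable_stage_transition(
        pipelineName=pipeline, stageName=stage,
        transitionType="Inbound", reason=reason[:300])
    return {"action": "disabled", "pipeline": pipeline, "stage": stage}


def lambda_handler(event, context):
    return handle(event)
```

The transition stays disabled until someone re-enables it, so the recorded reason is what an operator sees when deciding whether deployments can resume.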
47. Amazon EC2 Systems Manager
A set of capabilities that...
...enable automated configuration...
...and ongoing management of systems at scale...
...across all of your Windows and Linux workloads...
...running in Amazon EC2 or on-premises…
...at no charge; only pay for AWS resources you manage
48. Amazon EC2 Systems Manager
• Run Command
• State Manager
• Inventory
• Maintenance Window
• Patch Manager
• Automation
• Parameter Store
49. Conclusion
You can leverage AWS Trusted Advisor and AWS Health to
automate best practices and operational health.
The samples in the following open-source repos make it
easy:
https://github.com/aws/aws-health-tools
https://github.com/aws/Trusted-Advisor-Tools/