The sample functions provided help to automate AWS Trusted Advisor best practices using Amazon CloudWatch Events and AWS Lambda.


joflacam/Trusted-Advisor-Remediator

 
 


Trusted Advisor Tools

Overview

AWS Trusted Advisor provides real-time guidance to help users provision their resources following AWS best practices. Using Amazon CloudWatch Events, you can create configurable, rule-based events that trigger automated actions based on AWS Trusted Advisor’s library of best-practice checks. The sample functions provided help to automate Trusted Advisor best practices using Amazon CloudWatch Events and AWS Lambda or SSM Automation.
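As an added illustration of the flow described above (not code from this repository), the sketch below shows how a Lambda function triggered by a CloudWatch Events rule might validate a Trusted Advisor event and choose an action by check name. The handler names in `REMEDIATIONS` are hypothetical, the sample event is constructed, and the event field names are assumed to follow the format AWS documents for Trusted Advisor events.

```python
# Added example, not code from this repository. Action names are hypothetical.
# Assumes the event field names AWS documents for Trusted Advisor events.
# Check names are copied from the Security rows of this page's check list.
REMEDIATIONS = {
    "Exposed Access Keys": "deactivate_access_key",
    "Amazon EBS Public Snapshots": "make_snapshot_private",
    "Security Groups - Specific Ports Unrestricted": "revoke_open_ingress",
}
ACTIONABLE_STATUSES = {"WARN", "ERROR"}


def plan_remediation(event):
    """Return a dry-run plan for one Trusted Advisor event, or None to ignore it."""
    # Ignore anything that is not a Trusted Advisor event.
    if event.get("source") != "aws.trustedadvisor":
        return None
    detail = event.get("detail") or {}
    # Items whose status is not WARN or ERROR need no action.
    if detail.get("status") not in ACTIONABLE_STATUSES:
        return None
    check = detail.get("check-name")
    return {
        "account": event.get("account"),
        "check": check,
        # Checks without an automated fix fall back to a notification.
        "action": REMEDIATIONS.get(check, "notify_only"),
        "item": detail.get("check-item-detail") or {},
        "dry_run": True,
    }


def lambda_handler(event, context):
    """Lambda entry point: log the plan instead of calling any AWS API."""
    plan = plan_remediation(event)
    if plan is None:
        return {"handled": False}
    print("planned remediation:", plan["check"], "->", plan["action"])
    return {"handled": True, **plan}


# Constructed sample event (field values are made up for illustration).
SAMPLE_EVENT = {
    "source": "aws.trustedadvisor",
    "detail-type": "Trusted Advisor Check Item Refresh Notification",
    "account": "123456789012",
    "detail": {
        "check-name": "Exposed Access Keys",
        "status": "ERROR",
        "check-item-detail": {"Access Key ID": "AKIAIOSFODNN7EXAMPLE"},
    },
}
```

Keeping the decision in `plan_remediation` separate from the Lambda entry point lets the routing be tested offline before any function is given permission to change resources.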

Logic

Architecture

Setup and Usage

Setup and usage instructions are present for each tool in its respective directory:

| Check Type | Check Name | Comment |
| --- | --- | --- |
| Cost Optimization | Underutilized Amazon EBS Volumes | |
| Cost Optimization | Low Utilization Amazon EC2 Instances | |
| Cost Optimization | Unassociated Elastic IP Addresses | |
| Cost Optimization | Idle Load Balancers | |
| Cost Optimization | Amazon RDS Idle DB Instances | |
| Cost Optimization | Underutilized Amazon Redshift Clusters | |
| Cost Optimization | Amazon EC2 Reserved Instances Optimization | |
| Cost Optimization | Amazon EC2 Reserved Instance Lease Expiration | |
| Cost Optimization | Amazon Route 53 Latency Resource Record Sets | |
| Fault Tolerance | Amazon EBS Snapshots | |
| Fault Tolerance | Amazon RDS Backups | |
| Fault Tolerance | Amazon EC2 Availability Zone Balance | |
| Fault Tolerance | EC2Config Service for EC2 Windows Instances | |
| Fault Tolerance | PV Driver Version for EC2 Windows Instances | |
| Fault Tolerance | Amazon S3 Bucket Logging | |
| Fault Tolerance | Amazon S3 Bucket Versioning | |
| Fault Tolerance | Auto Scaling Group Health Check | |
| Fault Tolerance | ELB Connection Draining | |
| Fault Tolerance | Amazon RDS Multi-AZ | |
| Fault Tolerance | VPN Tunnel Redundancy | |
| Fault Tolerance | ELB Cross-Zone Load Balancing | |
| Fault Tolerance | Load Balancer Optimization | |
| Fault Tolerance | ENA Driver Version for EC2 Windows Instances | |
| Fault Tolerance | NVMe Driver Version for EC2 Windows Instances | |
| Fault Tolerance | Amazon Route 53 Name Server Delegations | |
| Fault Tolerance | AWS Direct Connect Location Redundancy | |
| Fault Tolerance | AWS Direct Connect Virtual Interface Redundancy | |
| Fault Tolerance | Amazon Route 53 Deleted Health Checks | |
| Fault Tolerance | Amazon Route 53 Failover Resource Record Sets | |
| Fault Tolerance | Amazon Aurora DB Instance Accessibility | |
| Fault Tolerance | AWS Direct Connect Connection Redundancy | |
| Fault Tolerance | Auto Scaling Group Resources | |
| Fault Tolerance | Amazon Route 53 High TTL Resource Record Sets | |
| Performance | CloudFront Alternate Domain Names | |
| Performance | Large Number of EC2 Security Group Rules Applied to an Instance | |
| Performance | Large Number of Rules in an EC2 Security Group | |
| Performance | Amazon Route 53 Alias Resource Record Sets | |
| Performance | Service Limits | |
| Performance | CloudFront Header Forwarding and Cache Hit Ratio | |
| Performance | Amazon EBS Provisioned IOPS (SSD) Volume Attachment Configuration | |
| Performance | CloudFront Content Delivery Optimization | |
| Performance | Overutilized Amazon EBS Magnetic Volumes | |
| Performance | High Utilization Amazon EC2 Instances | |
| Performance | Amazon EC2 to EBS Throughput Optimization | |
| Security | Security Groups - Unrestricted Access | |
| Security | AWS CloudTrail Logging | |
| Security | Security Groups - Specific Ports Unrestricted | |
| Security | IAM Access Key Rotation | |
| Security | IAM Password Policy | |
| Security | Amazon S3 Bucket Permissions | |
| Security | ELB Listener Security | |
| Security | CloudFront SSL Certificate on the Origin Server | |
| Security | ELB Security Groups | |
| Security | Amazon Route 53 MX Resource Record Sets and Sender Policy Framework | |
| Security | IAM Use | |
| Security | MFA on Root Account | |
| Security | Exposed Access Keys | |
| Security | Amazon RDS Security Group Access Risk | |
| Security | Amazon EBS Public Snapshots | |
| Security | Amazon RDS Public Snapshots | |
| Security | CloudFront Custom SSL Certificates in the IAM Certificate Store | |

More information about Trusted Advisor is available here: https://aws.amazon.com/premiumsupport/trustedadvisor/


Languages

  • Python 69.4%
  • JavaScript 30.6%