AWS innovates so quickly that even experienced users can be challenged leveraging and deploying all the AWS services. With new features, instances types, and service (Kinesis, Lambda, Aurora!) available, even experts lose track. That is where CloudCheckr can help. We automatically scan monitor, and review your architecture to see whether you are taking advantage of the newest features, and whether they are being used in the most advantageous way.
We check that Auto Scaling is properly configured, IAM best practices are being followed, and that resources are being properly utilized — along with 400 other configuration and usage items.
From our checks, we grabbed 5 little known – but commonly occurring – AWS usage issues. We have also provided information on why they are important and how you can alleviate the headaches that come with these issues
1. EC2 Instances Encountered Internal Error
EC2 instances can be impacted by internal errors including memory errors, operation system errors, failed EBS volumes, etc.
If an instance is affected by an internal error, it’s recommended that the user investigate the error and take appropriate actions to resolve the problem. This may include terminating the impacted instance and launching a replacement.
2. Auto Scaling Launch Configuration Referencing Invalid Security Group
When enabled, Auto Scaling will automatically scale EC2 capacity up or down, according to pre-defined conditions. During period of high-demand, the number of EC2 instances will increase to meet that demand. When there is little or no demand, the number of instances decreases to help minimize costs.
The Auto Scaling group’s launch configuration dictates the parameters used for launching new EC2 instances. The launch configuration can consist of instance types, security groups, image ID’s, and several other settings.
If the security groups being referenced within the launch configuration have been deleted, the Auto Scaling group will not be able to launch new EC2 instances. A new launch configuration will need to be created using active security groups, and the Auto Scaling group will need to be updated.
3. SES Domains and Email Addresses not Utilizing DKIM Signing
Simple Email Service (SES) is an outbound-only email-sending service, which provides sending statistics and built-in notifications for bounces, complaints, and deliveries.
SES supports DomainKeys Identified Mail (DKIM), which allows senders to sign their email messages and ISPs to use those signatures to verify that those messages are legitimate and have not been modified by a third party in transit. An email message that is sent using DKIM includes a DKIM-Signature, which an ISP can decode to ensure that the message is authentic. Without proper configuration of DKIM, senders risk having their emails blocked.
If DKIM is not setup on your email, it is highly recommended that you immediately configure it to help ensure the proper delivery of all your emails.
4. EC2 Instance Stopped Due to Scheduled Retirement
EC2 provides a virtual computing environment where instances can be launched using a wide variety of operating systems and configuration options. AWS users can run their custom applications on these instances, while maintaining full control over their security access.
AWS can periodically schedule specific events for your instances, including instance retirement. EC2 instances may be scheduled for retirement when there is an unrecoverable issue with the hardware on the underlying host. If an instance is stopped due to scheduled retirement, you simply need to restart the instance. The instance will start again, on new hardware, and function as expected.
5. Running RDS Micro Oracle DB Instances
The Relational Database Service (RDS) provides access to the capabilities of MySQL, Oracle, PostgreSQL, and Microsoft SQL Server database engines while taking care of much of the administrative tasks associated with each. Patches to the databases, as well as backups, are all handled automatically by AWS.
While Amazon offers a t1.micro Oracle DB Instance type, it is not recommended. The system resources on the micro instances do not meet the recommended configuration for Oracle, and no Oracle options are supported on micro instances.
It is recommended that t1.micro Oracle instances be used to test setup and connectivity only.
These are a few of the many issues CloudCheckr identifies and alerts upon on a daily basis. We automate discovery and make it easy to see and understand when something is not being used to its full potential. We also recommend ways to fix it!
If you want to see how easy we can make it for you to optimize your AWS performance, take a free test drive.