Amazon Web Services is a great cloud platform for small companies and startups, as well as large enterprises. AWS has an amazing array of services that cover all the infrastructure requirements for running all types of computational work. AWS is also extremely scalable and configurable, making it the right type of environment for small and new companies that don’t quite know the dimensions of their future growth and the attendant increase in their IT infrastructure requirements.
While AWS offers a superb and economical Infrastructure-as-a-Service (IaaS) platform that lets you provision vast amounts of infrastructure components and services at the click of a button, many users, especially those who are new to AWS, often don’t understand how to harness AWS’s capabilities to capture the maximum benefit for their organizations.
They also aren’t aware of the security and cost implications of running applications and storing data in the AWS cloud. Often, companies are surprised to find that their costs are much higher than they had originally envisaged, because they were unaware of how AWS billing works.
This guide summarizes the common pitfalls when you work with AWS, and how to work proactively so as to prevent major issues when you’re ramping up your usage of AWS services. For more information about getting started with AWS, be sure to check out Cloud Academy’s AWS Fundamentals Learning Path.
1. Reduce Your Exposure to Outages
AWS is extremely reliable, but it’s not perfect –there have been well publicized outages where companies found that one of the Amazon data centers on which they happened to be storing their data experienced a major network issue, resulting in lost business and goodwill.
By using a simple strategy of spreading your workload across multiple data centers within an AWS region through AWS’s Availability Zones, you reduce your risk of outages. Not only that, you also get to load balance your workload across multiple servers.
Use horizontal partitioning to implement redundancy at each tier of an application. This involves running a minimum of two instances of each application tier. In order to make horizontal planning even more robust, you must place the redundant instances in different availability zones to avoid application failures and downtime due to data center failures, which are all but inevitable over the long run.
2. Avoid Problems through Efficient Monitoring
It’s always better to catch problems before they develop into full-blown crises. A lot of new AWS users don’t take advantage of AWS’s CloudWatch service. CloudWatch can monitor various AWS resources such as EC2 instances, EBS volumes, and others. CloudWatch doesn’t cost you a thing for certain types of monitoring, while it’s pretty inexpensive for others.
Treat monitoring as important as application design, and integrate rigorous monitoring into your application right from the outset. Proactively avoiding disasters is far better than constantly fighting fires!
3. Set Up Proper Alerts
You can set up alerts to you via E-mail, SMS, and HTTP with the Simple Notification Service (SNS). You can also hook CloudWatch up with SNS so that you can get all alerts from CloudWatch delivered directly to you.
In order to use SNS, you must create the service within your AWS account, so it can start sending you notifications.
4. Prevent Waste through a Continuous Utilization Review
It’s amazing how many AWS users fail to stay on top of their resource usage. Many users end up underusing and even not taking advantage of the AWS resources they paid for. AWS keeps billing you for the resources that you’ve requested from it, regardless of whether you’re fully using those resources or not.
Here are some strategies to prevent wasting your AWS resources and cutting your spending on AWS services:
- Use AWS EC2 reserved instances to cut the computing costs of your applications.
- Diligently review your AWS bills to ensure that you’re unwittingly “using,” and hence getting billed for resources or applications you aren’t aware of.
- During application design, take care that you can add or remove resources from these applications so as to maintain a high resource utilization rate.
- Use either AWS’s Trusted Advisor service or a commercial resource utilization and cost tracking service to help you control your AWS costs.
5. Avoid Over-Provisioning of Resources by Taking Advantage of Elasticity
It’s extremely easy to add AWS instances and other components of the AWS infrastructure such as load balancers. Every piece of infrastructure you add on adds to your bill. It’s smarter to take advantage of AWS’s built-in elasticity features such as auto-scaling.
In order to reduce the workload of your operations groups, use AWS’s Auto Scaling groups so Amazon takes care of dynamically scaling your resource pools.
Remember that organizations waste fully 80 percent of the processing capacity available through their pool of EC instances. You end up paying for the unused capacity, of course. EC2 is the largest component of total AWS spending for the vast majority of AWS users. Therefore, it helps to pay close attention to how you’re using EC2 instances and ensure that you optimize your usage of these resources.
6. Adopt the Most Suitable EC2 Pricing Model
As mentioned earlier, EC2 is in most cases the largest component of your total AWS expenses. EC2 has different pricing models: On-demand, reserved, and spot pricing.
Reserved instances are cheaper than on-demand instances, and instances acquired through spot pricing are the cheapest. Roughly three quarters of EC2 usage is through on-demand instances, with spot-price based instances forming less than 10% of the total instances in use. You can save more than 50-60 percent of total EC2 billing volume through smart planning.
Most companies are leery of committing to reserved instances. However, if you’re planning to use a set of EC2 instances for longer than 3 months, you’re better off reserving the instances. Spot instances are where AWS lets you bid for its unused resources. You can reduce total costs significantly through the spot pricing model, especially to take care of spikes in business demand. There’s no real drawback to a spot pricing oriented strategy since you can always get the regular on-demand instances if you can’t successfully bid for the spot instances.
7. Don’t Ignore the Services in the “Other” Category
Typically, the services listed under the “Other “category in the AWS itemized bills account for anywhere between 15-20% of the total spending on AWS services. While this seems small compared to what companies usually spend on the EC2 service (typically about 60-65 percent), these services, which include SQS and SNS, can add up to a sizable amount at the end of the user,
You must monitor your usage of the services in the “Other” category with the same diligence with which you track EC2 instance usage.
8. Don’t Leave the Lights On
New users are often beguiled by the ease with which they can commission new instances in AWS. A byproduct of this is the fact that often organizations don’t keep track of how many instances they’ve started up and how many unneeded instances are running, adding to the AWS bill.
AWS is fully transparent regarding its charges. However, AWS has so many services that it’s hard to keep track of all the resources you’ve contracted for. Make sure you have a system in place that checks for unused instances and ensures that they’re turned off when your applications finish using the instances.
9. Don’t Overdo the EBS Snapshots
Newcomers are often leery about losing their data in the cloud environment and hence create too many EBS (Elastic Block Store) snapshots. Over a period of time, the accumulated snapshots, while they do very little to protect your data, do add significantly to your storage costs.
Create a sensible EBS snapshot strategy at the outset, and ensure you create only a moderate amount of them. While we’re on the topic of EBS, it may be worth noting that about a sixth of all EBS volumes aren’t attached to instances – but you do keep paying for the unattached volumes!
10. Secure your AWS System
Regardless of how good your applications are, you’re extremely vulnerable in the cloud without an iron-clad security strategy. You can start off with a strong security strategy by making sure your system is patched with all available updates so you’re protected against known security vulnerabilities.
Tighten access to your AWS account, so as to protect your AWS resources from accidental or intentional damage. You must also ensure that you control all network traffic to and from your Amazon EC2 instances. Make sure you take advantage of Amazon’s Private VPN (Virtual Private Network) capability to create subnets in your network so that unauthorized outsiders can’t break into your systems from the internet.
That’s it! Follow these 10 basic steps when you start out with AWS in order to fully realize the potential of your investment in AWS as your cloud platform of choice.
By following the simple guidelines presented here, you minimize your spending on AWS services. You’ll also be on your way to securing your network from intruders as well as security bugs. Finally, your system will be pretty much immune to outages due to various types of system failures.
AWS Security: Bastion Host, NAT instances and VPC Peering
Effective security requires close control over your data and resources. Bastion hosts, NAT instances, and VPC peering can help you secure your AWS infrastructure. Welcome to part four of my AWS Security overview. In part three, we looked at network security at the subnet level. This ti...
Top 13 Amazon Virtual Private Cloud (VPC) Best Practices
Amazon Virtual Private Cloud (VPC) brings a host of advantages to the table, including static private IP addresses, Elastic Network Interfaces, secure bastion host setup, DHCP options, Advanced Network Access Control, predictable internal IP ranges, VPN connectivity, movement of interna...
Big Changes to the AWS Certification Exams
With AWS re:Invent 2019 just around the corner, we can expect some early announcements to trickle through with upcoming features and services. However, AWS has just announced some big changes to their certification exams. So what’s changing and what’s new? There is a brand NEW ...
New on Cloud Academy: ITIL® 4, Microsoft 365 Tenant, Jenkins, TOGAF® 9.1, and more
At Cloud Academy, we're always striving to make improvements to our training platform. Based on your feedback, we released some new features to help make it easier for you to continue studying. These new features allow you to: Remove content from “Continue Studying” section Disc...
AWS Security Groups: Instance Level Security
Instance security requires that you fully understand AWS security groups, along with patching responsibility, key pairs, and various tenancy options. As a precursor to this post, you should have a thorough understanding of the AWS Shared Responsibility Model before moving onto discussi...
Cloud Migration Risks & Benefits
If you’re like most businesses, you already have at least one workload running in the cloud. However, that doesn’t mean that cloud migration is right for everyone. While cloud environments are generally scalable, reliable, and highly available, those won’t be the only considerations dri...
Real-Time Application Monitoring with Amazon Kinesis
Amazon Kinesis is a real-time data streaming service that makes it easy to collect, process, and analyze data so you can get quick insights and react as fast as possible to new information. With Amazon Kinesis you can ingest real-time data such as application logs, website clickstre...
Google Cloud Functions vs. AWS Lambda: The Fight for Serverless Cloud Domination
Serverless computing: What is it and why is it important? A quick background The general concept of serverless computing was introduced to the market by Amazon Web Services (AWS) around 2014 with the release of AWS Lambda. As we know, cloud computing has made it possible for users to ...
Google Vision vs. Amazon Rekognition: A Vendor-Neutral Comparison
Google Cloud Vision and Amazon Rekognition offer a broad spectrum of solutions, some of which are comparable in terms of functional details, quality, performance, and costs. This post is a fact-based comparative analysis on Google Vision vs. Amazon Rekognition and will focus on the tech...
New on Cloud Academy: CISSP, AWS, Azure, & DevOps Labs, Python for Beginners, and more…
As Hurricane Dorian intensifies, it looks like Floridians across the entire state might have to hunker down for another big one. If you've gone through a hurricane, you know that preparing for one is no joke. You'll need a survival kit with plenty of water, flashlights, batteries, and n...
Amazon Route 53: Why You Should Consider DNS Migration
What Amazon Route 53 brings to the DNS table Amazon Route 53 is a highly available and scalable Domain Name System (DNS) service offered by AWS. It is named by the TCP or UDP port 53, which is where DNS server requests are addressed. Like any DNS service, Route 53 handles domain regist...
How to Unlock Complimentary Access to Cloud Academy
Are you looking to get trained or certified on AWS, Azure, Google Cloud Platform, DevOps, Cloud Security, Python, Java, or another technical skill? Then you'll want to mark your calendars for August 23, 2019. Starting Friday at 12:00 a.m. PDT (3:00 a.m. EDT), Cloud Academy is offering c...