This section provides detail on the AWS management services relevant to the Solution Architect Associate exam. These services are used to help you audit, monitor and evaluate your AWS infrastructure and resources. These management services form a core component of running resilient and performant architectures.
Want more? Try a lab playground or do a Lab Challenge!
Learning Objectives
- Understand the benefits of using AWS CloudWatch and audit logs to manage your infrastructure
- Learn how to record and track API requests using AWS CloudTrail
- Learn what AWS Config is and its components
- Manage your accounts with AWS Organizations, including single sign-on with AWS SSO
- Learn how to carry out logging with CloudWatch, CloudTrail, CloudFront, and VPC Flow Logs
- Understand how to design cost-optimized architectures in AWS
- Learn about AWS data transformation tools such as AWS Glue and data visualization services like Amazon Athena and QuickSight
Before the cloud, companies often had a fixed procurement process. Companies signed contracts upfront and understood how engineering workloads mapped to software and hardware. Because that process was so well understood, the costs associated with it were understood as well - which meant it was easier to track and control costs.
Now, with cloud computing, costs are variable. With variable usage, you gain speed - you can move quicker and procure the hardware and software you need faster. However, it’s now more difficult to understand the costs associated with that procurement. Often, it requires a change in the procurement process, which means application teams and finance teams need to work better together to determine how to improve planning and control costs.
And to do that, these teams need three things:
- They need to track AWS usage and costs, set appropriate budgets and receive alerts if they’re exceeding those budgets
- They need to provide reports to business leaders and engineering managers to better inform future purchasing decisions and
- they not only need to see this information, but they also need to take action and automate responses when they do exceed their budget
This is where AWS Budgets comes into play. AWS Budgets has tools that map to each of these requirements. For tracking AWS usage and costs, or Savings Plan and Reserved Instance coverage, you can create a Budget.
For business reporting, you can use AWS Budgets Reports to disseminate information to the right people. And for taking action, you can use AWS Budgets Actions to automate responses if you go over your budget.
Let's see how each of these tools work together at a high level. You’ll first define your budget, by specifying
- what you want to track, this could be cost - or how much you’re spending, service usage - how much you’re using, or coverage and utilization for Savings plans and Reserved Instances - are you getting the most out of your reservations
- Then you will determine your budget amount,
- and last, provide the scope of what this budget applies to - does it only apply to a particular project or service or does it apply to all resources in your account?
For example, you can specify a cost budget with a $100 monthly spend as your budget amount that applies to all services in your account.
Then you configure an alert, by specifying a threshold. This threshold is where you specify when you want to be notified. For example, you may want to be notified once you spend 80% of your $100 budget. Once that threshold is reached, the alert will notify you through your choice of email, SNS topic or AWS Chatbot notification.
You can optionally also attach a Budget action to this alert. You can configure one of three automated actions:
- you can change IAM permissions,
- change AWS Organizations permissions,
- or stop EC2 or RDS instances.
So going back to the previous example, if your alert threshold is met after you’ve spent 80% of your $100 budget, it will not only notify you but also trigger the action you selected automatically or with your approval.
Finally, to get a full report on all your budgets and their status, you can create a budget report and send it out to leadership or other interested parties. This will give them a high-level overview of the status of all budgets and enable them to plan for the future based on this data.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.