Getting visibility into your Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances is a challenge. Site24x7 enables you to enhance your visibility into AWS EC2 instances, consolidating all information in a unified location. You can replace the isolated monitoring approach for EC2 instances by combining instance metadata with system-level metrics. This allows for effective monitoring of your dynamic AWS EC2 environment.
Guidance Report recommendation
Implementing Site24x7's Guidance Report recommendations will elevate your EC2 security to a higher level and safeguard against cyberattacks and unauthorized actions by seamlessly integrating with Amazon Inspector.
You can analyze and receive alerts for security findings from Inspector at every resource level in EC2. These findings are grouped based on their severity, aiding in proactive security management.
Site24x7's Guidance Report for AWS conducts an analysis of configuration and resource usage across various AWS services. It then provides actionable suggestions aimed at enhancing cost-efficiency and removing fault tolerance—all to optimize performance within your AWS account.
There are 227 best practice checks in the Guidance Report that have been systematically categorized according to the specific AWS service they pertain to.
Top Guidance Report recommendations for AWS EC2
1. Underutilized EC2 instance
This examines the resource utilization of EC2 instances, marking them as underutilized if their CPU usage has been below 2% over the previous 48 hours. In AWS EC2, the billing is done based on the instance type and the duration of usage.
By detecting and stopping instances with low utilization, you can potentially reduce cost overruns. This recommendations also presents the current Instance Type and suggests an alternative instance type (Recommended Instance Type) to which you could downgrade, thereby achieving more effective cost reduction.
2. Unrestricted access on specific ports
This check scans through the security group of monitored EC2 instances to identify rules permitting unrestricted entry on specific ports. Unrestricted access of this kind can pave the way for potential DDoS attacks or the infiltration of harmful traffic to your application.
For example, by exposing only TCP ports 80 and 443 to the internet, you can curtail potential entry points for attackers, thereby reducing vulnerabilities.
3. EC2 instance termination protection
This is one of the high-priority checks and sets up the EC2 instances to determine if termination protection has been activated. Termination protection is an approach that defends against inadvertent deletion of your instances.
It further guarantees that Auto Scaling policies do not eliminate a particular EC2 instance during the scaling-in process. By default, termination protection for EC2 instances is turned off. Enabling this feature acts as a precautionary measure to mitigate the risk of unforeseen instance terminations.
4. High instance utilization
An EC2 instance is categorized as overutilized when it fulfills the subsequent conditions:
- The average daily CPU usage of the EC2 instance surpasses 90% over the past 7 days.
- The average daily memory utilization also crosses 90% over the past 7 days.
This check evaluates the performance metrics of Amazon EC2 and detects instances demonstrating substantial resource usage. The Guidance Report recommendations suggest that you have the option to either modify the instance size or include the instance in an Auto Scaling group.
5. EC2 system status check failed
This assessment is related to the accessibility of the system. The System Status checks are automatically executed by Amazon EC2. They are designed to oversee the dependable functionality of the AWS physical framework that accommodates your EC2 instance.
If you instance consistently goes through system check failures, the Guidance Report recommends that you consider either substituting the instance or transitioning to an instance type from the latest generation.
The Guidance Report recommendations are primarily aimed to enhance visibility into AWS services and help you get the most out of your cloud investment. These recommendations are just a slice out of 227 best practices recommendations that Site24x7 has under its belt. Learn more about AWS Monitoring, and get all of our best practices recommendations by referring to our documentation.