Starting with AWS is a straightforward process that's accessible to anyone. However, IT departments can unintentionally overlook crucial aspects while configuring their AWS cloud environments. These oversights can result in longer maintenance times or create severe security and financial vulnerabilities.
As an AWS consultancy with years of experience under our belts, we offer a no cost, no obligation 6-point AWS inspection designed to help small and medium sized businesses. The 6-points we evaluate a business on are:
- Security
- Cost
- Reliability
- Performance
- Operations
- Sustainability
What do we find when we conduct these inspections? All kinds of things. Here are some of the most common:
Point 1: Security
The first step in any inspection is a security audit. Spending too much is bad, but being hacked is even worse.
- Improper Security Group setup
- IAM roles left open
- Improper VPN design and exposed databases
- Services setup to use the root user
Point 2: Cost
- No billing alerts set up, which means no cost controls
- Poor cost optimization.
- Using the wrong AWS services causing overspending
Point 3: Performance
- Using the wrong AWS services causing performance issues
- Not understanding how to do logging/auditing to properly assess performance
- Not understanding good industry benchmarks for performance
Point 4: Reliability
- Backups non-existent or not tested
- Lack of 24/7 monitoring
- Using the wrong AWS services causing reliability issues
- Not understanding how to do logging/auditing to determine how reliable a service is
Point 5: Operations
- Building it by hand in the console instead of using Infrastructure as Code (IaC).
- Using a 3rd party CDN and CloudFront in line with one another
- Not using some sort of CICD pipeline
Point 6: Sustainability
- All overspending on the cloud isn’t just a cost issue, but creates unnecessary environmental impacts
- Old physical hardware uses electricity much less efficiently than cloud resources
A well-architected foundation
The Metal Toad 6-point inspection is built on the AWS Well-Architected Framework with small and medium-sized businesses in mind. That’s why security comes first, followed by cost. The AWS Well-Architected Framework is designed to evaluate the advantages and disadvantages of choices made during the development of AWS systems, but can also be used successfully as a foundation to assess an environment that is already set up. The framework makes sure we are bringing architectural best practices for creating and managing secure, dependable, efficient, budget-friendly, and sustainable workloads within the AWS Cloud. At its core, we firmly believe that employing well-architected systems considerably enhances the probability of achieving business success, and conducting a full-fledged AWS Well-Architected review is also an option, even for a small business.
For more information see our post on the Top 10 things IT departments miss when setting up AWS themselves.