On the EC2 Dashboard, click on Instances in the left-hand menu to see a list of all instances in the account.
Select an instance to view its details, including Instance type, AMI, Security groups, Key pair, Status, and Monitoring.
AMIs (Amazon Machine Images):
Click on AMIs in the left-hand menu to view the list of available AMIs in your account. AMIs define the operating system, application server, and applications required for your instances.
Security Groups:
Navigate to Security Groups to explore the configurations that control the inbound and outbound traffic to your instances.
3. Exploring the AWS Well-Architected Framework Pillars
Select an instance and click on the Monitoring tab to view real-time metrics, such as CPU utilization, Disk read/write, and Network in/out. Continuous monitoring of these metrics helps identify performance issues and ensures smooth operation.
Auto Scaling:
In the left-hand menu, select Auto Scaling Groups to check if Auto Scaling is configured for your instances. Auto Scaling helps maintain application availability by automatically adjusting the number of instances based on traffic demands.
Instance Status Checks:
Under Instance State in the Description tab, view Status checks to ensure the instance’s health. Regularly reviewing status checks ensures that instances are running as expected.
Tags:
In the Tags section of each instance, check if instances are properly tagged (e.g., Environment: Production). Proper tagging improves resource organization, aiding in operational efficiency.
Go to the Security groups section and review the Inbound and Outbound rules. Check that only the necessary ports are open, using the principle of least privilege to restrict access. For example, open SSH (port 22) only to specific IP addresses rather than allowing public access.
Key Pairs:
In the Key Pairs section, review the key pairs used for SSH access to instances. Ensure that key pairs are managed securely and that unused keys are rotated or deleted to prevent unauthorized access.
IAM Roles:
Under the Description tab for each instance, look for IAM role assignments. Verify that instances use IAM roles to grant the necessary permissions for accessing other AWS services, following the principle of least privilege.
AMI Security:
Go to the AMIs section and check if the AMIs used for launching instances are up to date with the latest security patches. Using updated AMIs reduces the attack surface of your instances.
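The Key Pairs, IAM Roles and AMI Security checks above can be combined into one pass over the output of `describe-instances`, `describe-key-pairs` and `describe-images`. This is an added example, not part of the original lab. It uses AMI creation date as a rough proxy for patch level, and the 90-day threshold and all sample IDs and names are assumptions constructed for the example.

```python
from datetime import datetime, timezone

MAX_AMI_AGE_DAYS = 90  # assumed threshold for this example; match your patch cadence

def parse_ts(value):
    # describe-images reports CreationDate as e.g. 2024-05-01T08:00:00.000Z
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def review(instances, key_pairs, images, now):
    """instances: the Instances lists from describe-instances, flattened."""
    created = {img["ImageId"]: parse_ts(img["CreationDate"]) for img in images}
    out = {"no_iam_role": [], "stale_ami": [], "unknown_ami": [], "unused_keys": []}
    used_keys = set()
    for inst in instances:
        iid = inst["InstanceId"]
        if "KeyName" in inst:
            used_keys.add(inst["KeyName"])
        if "IamInstanceProfile" not in inst:
            out["no_iam_role"].append(iid)
        ts = created.get(inst["ImageId"])
        if ts is None:
            out["unknown_ami"].append(iid)  # AMI deregistered or not visible here
        elif (now - ts).days > MAX_AMI_AGE_DAYS:
            out["stale_ami"].append(iid)
    out["unused_keys"] = sorted(
        k["KeyName"] for k in key_pairs if k["KeyName"] not in used_keys)
    return out

# Constructed sample data (all IDs and names are made up).
PROFILE = {"Arn": "arn:aws:iam::111122223333:instance-profile/example"}
INSTANCES = [
    {"InstanceId": "i-0example1", "ImageId": "ami-0example1",
     "KeyName": "ops-key", "IamInstanceProfile": PROFILE},
    {"InstanceId": "i-0example2", "ImageId": "ami-0example2"},
    {"InstanceId": "i-0example3", "ImageId": "ami-0gone",
     "KeyName": "ops-key", "IamInstanceProfile": PROFILE},
]
KEY_PAIRS = [{"KeyName": "ops-key"}, {"KeyName": "old-contractor-key"}]
IMAGES = [
    {"ImageId": "ami-0example1", "CreationDate": "2024-05-01T08:00:00.000Z"},
    {"ImageId": "ami-0example2", "CreationDate": "2023-01-10T08:00:00.000Z"},
]
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    for check, items in review(INSTANCES, KEY_PAIRS, IMAGES, NOW).items():
        print(check, items)
```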
In the Auto Scaling Groups section, check if Auto Scaling is configured to ensure instances can automatically adjust based on demand. Auto Scaling, combined with Elastic Load Balancers (ELB), enhances the reliability of your application by distributing traffic across healthy instances.
Instance Status and Recovery:
Under the Monitoring tab for each instance, review the Instance status checks to identify potential hardware or software issues. Regular monitoring ensures that issues are detected and addressed promptly.
Snapshots and Backups:
Navigate to Snapshots in the left-hand menu to review backups of EBS volumes. Regular snapshots support data recovery in case of failure, enhancing the overall reliability of your infrastructure.
Under the Instances section, review the Instance type (e.g., t2.micro, m5.large). Ensure that the selected instance type aligns with the workload's requirements to avoid over-provisioning. Consider using Spot Instances or Savings Plans for non-critical, flexible workloads to reduce costs.
Reserved Instances:
Go to the Reserved Instances section in the left-hand menu to see if any Reserved Instances are purchased. Using Reserved Instances for long-running workloads can lead to significant cost savings.
Monitor Usage:
In the Monitoring tab for each instance, observe metrics like CPU utilization. If instances consistently show low utilization, consider downsizing to a smaller instance type or consolidating workloads.
EBS Volumes:
Click on Elastic Block Store (EBS) > Volumes to view the list of attached storage volumes. Check the volume types (e.g., gp2, io1) and size. Ensure that volumes are appropriately sized and use cost-effective storage options based on performance requirements.
Under the Instances section, review the Instance type and CPU utilization metrics. Adjust instance sizes to match the performance needs of your applications, enhancing efficiency without over-provisioning resources.
Placement Groups:
Check if Placement groups are used for instances that require high network throughput and low latency, such as clustered computing applications. Proper use of placement groups can optimize network performance.
Elastic Load Balancers (ELB):
If your instances are part of an Auto Scaling Group, ensure that an Elastic Load Balancer is configured to distribute incoming traffic efficiently, balancing the load across available instances.
Enhanced Networking:
Under the Networking section for each instance, verify if Enhanced networking is enabled (e.g., using Elastic Network Adapter). Enhanced networking provides higher bandwidth, lower latency, and lower jitter, improving the network performance of instances.
Log in to the AWS Management Console of the securitytooling account.
AWS Config and Security Hub:
If AWS Config and Security Hub are enabled, review compliance findings related to EC2 configurations. This includes checking if security groups have overly permissive rules or if instances are missing critical patches.
CloudWatch Metrics:
Use CloudWatch to monitor custom metrics for EC2 instances, such as CPU, memory, and network utilization, which provide additional insights into performance and resource utilization.