ACCT.12 Monitor for and resolve AWS Trusted Advisor high-risk items

AWS Trusted Advisor scans your AWS infrastructure for high-risk or high-impact issues related to security, performance, cost, and reliability. It provides detailed information about affected resources and remediation recommendations. For more information about checks and descriptions, see AWS Trusted Advisor check reference in the AWS Support documentation. Access to Trusted Advisor checks varies by AWS Support plan.

Basic Support provides access to the following:

Checks in the Service Limits category
Selected checks in the Security and Fault Tolerance categories, including:
- Amazon Elastic Block Store (Amazon EBS) public snapshots
- Amazon Relational Database Service (Amazon RDS) public snapshots
- Amazon S3 bucket permissions
- MFA for the root user
- Security groups that have specific ports unrestricted
- AWS Security Token Service (AWS STS) global endpoint usage across AWS Regions

Full access to all Trusted Advisor checks requires one of the following paid support plans:

AWS Business Support+
AWS Enterprise Support
AWS Unified Operations

Review Trusted Advisor findings regularly and remediate issues as they are identified. If you have AWS Business Support+, AWS Enterprise Support, or AWS Unified Operations, you can subscribe to a weekly findings email. For more information, Set up notification preferences in the AWS Support documentation.

To view Trusted Advisor findings

See View check categories in the AWS Support documentation.
Start by reviewing action recommended issues, which are marked in red.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

ACCT.11 Enable IAM Access Analyzer

ACCT.13 Use short-lived credentials for access to your AWS resources