AWS Support Plans and Trusted Advisor

In this lesson, we'll explore two critical AWS services that help you optimize your cloud operations: AWS Support Plans and AWS Trusted Advisor. You've already learned about core AWS services, security, monitoring, and cost management - now we'll see how these tools help you get the most value from AWS while maintaining best practices.

Learning Goals:

• Understand the four AWS Support Plans and their key features
• Learn how to choose the right support plan for your needs
• Master AWS Trusted Advisor's optimization capabilities
• Implement Trusted Advisor checks programmatically

AWS Support Plans Overview

AWS offers four tiers of support to meet different organizational needs:

Basic Support (Free)

• 24/7 customer service
• Access to AWS documentation and whitepapers
• Support forums
• Health status alerts

Developer Support ($29/month or 3% of monthly usage)

• Business-hours email access to Cloud Support Associates
• General guidance within 24 hours
• Limited technical support

Business Support (Starts at $100/month or 10% of monthly usage for first $10K)

• 24/7 phone, email, and chat support
• Response times based on severity
• Trusted Advisor access (full set of checks)
• Infrastructure Event Management (additional fee)

Enterprise Support (Starts at $15K/month)

• 15-minute response time for business-critical issues
• Technical Account Manager (TAM)
• Concierge Support Team
• Well-Architected and Operations reviews

tip

Most growing businesses start with Business Support once they have production workloads. The full Trusted Advisor access alone often pays for the plan through cost optimization findings.

Choosing the Right Support Plan

Here's a practical decision framework:

support_plan_selector.py

def recommend_support_plan(company_size, aws_spend, production_critical):
    if company_size == "individual" or aws_spend < 100:
        return "Basic"
    elif company_size == "startup" and aws_spend < 1000:
        return "Developer"
    elif production_critical and aws_spend > 1000:
        return "Business"
    elif aws_spend > 10000 or company_size == "enterprise":
        return "Enterprise"
    else:
        return "Business"

# Example usage
print(recommend_support_plan("startup", 500, True))  # Output: Developer
print(recommend_support_plan("medium", 5000, True))  # Output: Business

AWS Trusted Advisor Deep Dive

Trusted Advisor analyzes your AWS environment and provides real-time guidance to help provision resources following AWS best practices.

Core Check Categories

Cost Optimization

• Idle Load Balancers
• Unassociated Elastic IP Addresses
• Low Utilization EC2 Instances

Performance

• High Utilization EC2 Instances
• CloudFront Content Delivery Optimization

Security

• Security Groups - Specific Ports Unrestricted
• IAM Use (root access, MFA)
• S3 Bucket Permissions

Fault Tolerance

• EBS Snapshots
• RDS Backups
• Availability Zone Balance

Service Limits

• Monitoring approaching service limits

Accessing Trusted Advisor Programmatically

Python (boto3)

trusted_advisor_checks.py

import boto3
import json

def get_trusted_advisor_checks():
    """Retrieve Trusted Advisor check results"""
    support = boto3.client('support', region_name='us-east-1')
    
    try:
        # Get available checks
        checks = support.describe_trusted_advisor_checks(language='en')
        
        # Get check results for cost optimization category
        cost_checks = [
            check for check in checks['checks'] 
            if check['category'] == 'cost_optimizing'
        ]
        
        for check in cost_checks[:3]:  # Show first 3 cost checks
            result = support.describe_trusted_advisor_check_result(
                checkId=check['id']
            )
            print(f"Check: {check['name']}")
            print(f"Status: {result['result']['status']}")
            print("---")
            
    except Exception as e:
        print(f"Error: {e}. Ensure you have Business or Enterprise support.")

get_trusted_advisor_checks()

AWS CLI

trusted_advisor_cli.sh

#!/bin/bash

# List available Trusted Advisor checks
aws support describe-trusted-advisor-checks --language en --region us-east-1

# Get specific check result (replace CHECK_ID with actual ID)
# aws support describe-trusted-advisor-check-result --check-id CHECK_ID --region us-east-1

# Note: Requires Business or Enterprise support plan

Implementing Trusted Advisor Recommendations

Let's create a script that automatically acts on Trusted Advisor findings:

cost_optimizer.py

import boto3

class CostOptimizer:
    def __init__(self):
        self.ec2 = boto3.client('ec2')
        self.support = boto3.client('support', region_name='us-east-1')
    
    def find_idle_load_balancers(self):
        """Identify and report idle load balancers"""
        elb = boto3.client('elbv2')
        load_balancers = elb.describe_load_balancers()
        
        idle_lbs = []
        for lb in load_balancers['LoadBalancers']:
            # Check if LB has targets (simplified check)
            target_groups = elb.describe_target_groups(
                LoadBalancerArn=lb['LoadBalancerArn']
            )
            if not target_groups['TargetGroups']:
                idle_lbs.append(lb['LoadBalancerArn'])
        
        return idle_lbs
    
    def cleanup_unused_eips(self):
        """Release unassociated Elastic IPs"""
        addresses = self.ec2.describe_addresses()
        released_count = 0
        
        for address in addresses['Addresses']:
            if 'AssociationId' not in address:
                print(f"Releasing unassociated EIP: {address['PublicIp']}")
                self.ec2.release_address(AllocationId=address['AllocationId'])
                released_count += 1
        
        return released_count

# Usage example
optimizer = CostOptimizer()
idle_lbs = optimizer.find_idle_load_balancers()
print(f"Found {len(idle_lbs)} idle load balancers")

released_ips = optimizer.cleanup_unused_eips()
print(f"Released {released_ips} unassociated Elastic IPs")

warning

Always test automation scripts in a non-production environment first. Some Trusted Advisor recommendations might have dependencies you haven't considered.

Common Pitfalls

• Underestimating Support Needs: Choosing a lower-tier plan than needed can lead to extended downtime during critical issues
• Ignoring Service Limits: Trusted Advisor shows approaching limits, but you need to proactively request increases
• Cost Optimization Blind Spots: Trusted Advisor doesn't catch all cost issues - regularly review Cost Explorer and budgets
• Security Group Over-permission: Trusted Advisor flags open ports, but you need to regularly review and tighten rules
• Assuming Automation Replaces Reviews: Automated fixes should complement, not replace, regular architectural reviews

Summary

AWS Support Plans provide tiered technical assistance while Trusted Advisor offers automated best practice guidance. Business and Enterprise support unlock full Trusted Advisor capabilities, which can pay for themselves through cost optimization findings. Implement programmatic checks and automate remediation where safe, but maintain human oversight for critical decisions.

Quiz

AWS Support Plans & Trusted Advisor Fundamentals

Which AWS Support Plan provides 24/7 phone support and full Trusted Advisor access?

Question 1/5