Disclaimer: Opinions expressed are solely my own and do not express the views or opinions of my employer.
In my role as an AWS Solutions Architect I have started to compile a list of things I wish I knew two hours, days, weeks, or months ago. Tidbits of knowledge that would have made my life easier or reduced my workload. Following on to Rich Adam’s AWS Tips, Tricks, and Techniques, which were very helpful, I thought I’d start my own page.
Always Apply a Role to an Instance
Role’s can only be applied at the time an instance is created. So that one-off server that doesn’t need delegated role permissions today may need it tomorrow. And the only way to apply a role is to stop the instance, create an AMI from it, and then redeploy.
Best to create a role tied to an empty policy. If permissions are needed, the policy can be changed and the permissions will become available to the server. I create roles that are named for a specific server or stack, and name the policies in a similar manner.
Run the Trusted Advisor Weekly
Based on your support level you may get 4 or 40+ items. No matter, they can point out things such as snapshots or unused volumes that can be cleaned up for savings. You are only billed for what you consume, best to keep that at a reasonable level!