Trusted Advisor is often seen as a simple checklist, but its real power lies in its ability to surface subtle architectural debt that, when addressed, yields disproportionately large cost savings and performance gains.
Let’s see it in action. Imagine you’ve just logged into your AWS Management Console and navigated to the Trusted Advisor service. You’re greeted with a dashboard that categorizes checks into several key areas: Cost Optimization, Performance, Security, Fault Tolerance, and Service Limits.
Here’s a common scenario: Under "Cost Optimization," you might see a warning like "Underutilized EBS Volumes."
[
{
"id": "1H2Vp6f8R7tX9j0sL1mN3oP4qR5sT6uV",
"name": "Underutilized EBS Volumes",
"description": "Identify Amazon Elastic Block Store (EBS) volumes that are not being used by any running EC2 instances.",
"status": "warning",
"category": "Cost Optimization",
"timestamp": "2023-10-27T10:30:00Z",
"resources": [
{
"id": "vol-0a1b2c3d4e5f67890",
"region": "us-east-1",
"details": "EBS volume vol-0a1b2c3d4e5f67890 in us-east-1 has not been attached to a running EC2 instance for the past 30 days."
},
{
"id": "vol-0987654321fedcba0",
"region": "us-west-2",
"details": "EBS volume vol-0987654321fedcba0 in us-west-2 has not been attached to a running EC2 instance for the past 60 days."
}
]
}
]
This isn’t just about finding unused disks; it’s about understanding what happens when resources linger without purpose. Unattached EBS volumes, even if not actively writing data, incur storage charges. Over time, these small, seemingly insignificant costs can accumulate into substantial waste. Trusted Advisor flags these by analyzing EBS volume attachment status against running EC2 instances and looking at recent activity metrics.
The mental model here is that AWS bills for provisioned resources, not necessarily used resources. Trusted Advisor acts as your vigilant auditor, surfacing the gap between what you’ve provisioned and what’s actively contributing to your workloads.
Common Causes for Underutilized EBS Volumes and Their Fixes:
-
Orphaned Volumes after Instance Termination: When an EC2 instance is terminated, its root EBS volume is often set to be deleted by default. However, any additional EBS volumes attached to that instance might be configured to persist. If they aren’t manually detached and deleted, they become orphaned.
- Diagnosis: Navigate to the EC2 console, select "Volumes" under "Elastic Block Store," and filter for volumes that are "available" (not attached). Cross-reference their
CreateTimewith your instance termination history. - Fix: Select the orphaned volume and choose "Actions" -> "Delete Volume."
- Why it works: Deleting the volume immediately stops any associated storage charges.
- Diagnosis: Navigate to the EC2 console, select "Volumes" under "Elastic Block Store," and filter for volumes that are "available" (not attached). Cross-reference their
-
Staging or Temporary Volumes Not Cleaned Up: Developers might attach volumes for temporary data staging during testing or development. If these aren’t properly detached and deleted after the task is complete, they remain.
- Diagnosis: Examine the
CreateTimeandIops(if applicable) of unattached volumes. If a volume has been unattached for an extended period and has zero IOPS, it’s a strong candidate for deletion. - Fix: Detach (if somehow still considered attached but not in use) and then delete the volume.
- Why it works: Removes the persistent storage cost for a resource that served its temporary purpose.
- Diagnosis: Examine the
-
Misconfigured Snapshots or Backups: Sometimes, volumes are kept around because users believe they are part of a critical backup strategy, but the actual backups are managed via snapshots. The volume itself is then redundant.
- Diagnosis: Check if EBS snapshots exist for the volume in question. You can find this by selecting a volume, looking at the "Snapshots" tab (or searching for snapshots by Volume ID).
- Fix: If a recent, valid snapshot exists and your backup policy is covered by snapshots, delete the unattached EBS volume.
- Why it works: Leverages the more cost-effective snapshot storage while eliminating the cost of the provisioned EBS volume.
-
Development/Testing Environments Decommissioned Incompletely: Entire development or testing stacks might be torn down, but individual EBS volumes associated with them might be overlooked.
- Diagnosis: Correlate unattached volumes with known decommissioned environments. Look for volumes whose naming conventions or creation times align with those environments.
- Fix: Delete the identified orphaned volumes.
- Why it works: Cleans up resources from defunct projects, directly reducing monthly bills.
-
Volumes Detached for Troubleshooting and Forgotten: During a performance issue or troubleshooting session, a volume might be detached to isolate a problem or attach it elsewhere. If the re-attachment or cleanup step is missed, it becomes an orphaned resource.
- Diagnosis: Review your incident logs or change management records for any recent volume detachments that weren’t followed by a re-attachment or explicit deletion.
- Fix: Either re-attach the volume to its intended instance or delete it if it’s no longer needed.
- Why it works: Restores the volume to an active state or removes its cost if its purpose has concluded.
-
Incorrectly Configured Auto Scaling Group or EC2 Instance Termination Policies: While less common for EBS volumes directly, misconfigurations in how instances are terminated can sometimes leave volumes behind if specific termination logic isn’t in place for non-root volumes.
- Diagnosis: Review Auto Scaling Group termination policies and any custom scripts or Lambda functions that manage EC2 instance termination.
- Fix: Adjust termination policies or scripts to ensure associated EBS volumes are either detached and deleted or managed according to your strategy.
- Why it works: Ensures that automated processes clean up resources consistently, preventing manual oversight.
Beyond cost optimization, Trusted Advisor also offers valuable insights into performance bottlenecks and security vulnerabilities. For instance, it might flag "EC2 instances underutilized" or "Security Group - ports open to the internet." Each of these checks, when acted upon, contributes to a more robust, secure, and cost-efficient AWS environment.
The next thing you’ll likely encounter after cleaning up these low-hanging fruit is Trusted Advisor surfacing recommendations for Reserved Instances or Savings Plans, prompting a shift from on-demand to a more predictable cost model for consistent workloads.