Over a million developers have joined DZone.

5 AWS Mistakes You Should Avoid

AWS can be a great tool, but only if you don't make these five mistakes. An AWS Cloud Consultant weighs in on what to shirk, like ignoring Trusted Advisor and not using Auto Scaling Groups.

· DevOps Zone

The DevOps zone is brought to you in partnership with Sonatype Nexus. The Nexus suite helps scale your DevOps delivery with continuous component intelligence integrated into development tools, including Eclipse, IntelliJ, Jenkins, Bamboo, SonarQube and more. Schedule a demo today

For the last several months, I have been working as an AWS Cloud Consultant where I see a lot of small to medium sized AWS deployments. Most of them are typical web applications. I want to share with you the 5 most common mistakes that you better avoid:

  • Managing infrastructure manually
  • Not using Auto Scaling Groups
  • Not analyzing metrics in CloudWatch
  • Ignoring Trusted Advisor
  • Underutilizing virtual machines

If you are interested in how to avoid the mistakes in a typical web application read on.

Typical Web Application

A typical web application consists of at least:

  • Load balancer
  • Scalable web backend
  • Database

and looks like the following figure:

typical web application

This pattern is very common and if yours look different you should have (strong) reasons.

Mistake 1: Managing Infrastructure Manually

If your AWS setup was created by clicking around in the web based management console you are managing infrastructure manually. The biggest problem with this approach: it is not reproducible, it is not documented and you can make a lot of mistakes. Luckily, AWS CloudFormation solves your problem free of charge. Instead of creating all the resources (like EC2 instances, Security Groups, Subnets, ...) manually you describe them in a template. CloudFormation will figure out how to turn this template into a running stack. CloudFormation creates all the resources for you in proper order as shown in the following figure.

Turning a template into a running stack

You can even update templates to apply changes to a running stack. A typical web application can be described in a CloudFormation template easily as shown here.

Our blog contains many CloudFormation examples and I also wrote a book about AWS and CloudFormationThere is no reason why you should manage your infrastructure manually. It's unprofessional! It's a mess!

Mistake 2: Not Using Auto Scaling Groups

The biggest problem with Auto Scaling Groups is that people assume that they are about auto scaling which they are not! Every EC2 instance should be launched inside an Auto Scaling Group. Even if it's a single EC2 instance. The Auto Scaling Group takes care of monitoring the EC2 instance, it acts as a logical group of virtual machines, and it's free.

In the typical web application the web servers will run on virtual machines in an Auto Scaling Group. You can of course use Auto Scaling Groups to scale the number of virtual machines based on the current workload but as precondition you need Auto Scaling Groups. Auto scaling is achieved by setting alarms on metrics like CPU usage (of the logical group) or number of requests the load balancer received. If the alarm threshold is reached you can define an action like increase the number of machines in the Auto Scaling Group.

Mistake 3: Not Analyzing Metrics in CloudWatch

Every AWS service reports interesting metrics to a service called CloudWatch. Virtual machines report CPU usage, network usage, and disk activity. Databases report also memory usage and IOPS usage. Your job is to analyze the data. Look at the following graph showing CPU usage over a day.

CPU usage over a day

Can you see the usage spike? I can tell you that this spike was visible every day. Always the same time. It smells like cronjob and of course it was a cronjob. But this machine was running a web server. So every day the latency increased because of that cronjob. Just run it on a separate virtual machine to solve the problem. It's all in CloudWatch but you need to look at it!

The second step, once you analyzed your metrics is to define alarms on them. Not the other way around!

Mistake 4: Ignoring Trusted Advisor

Do you know Trusted Advisor? It checks your AWS account against best practices defined by AWS. The focus areas are:

  • Cost optimization
  • Performance
  • Security
  • Fault tolerance

If your Trusted Advisor Dashboard looks like the following figure you have a good starting point for improvement.

Trusted Advisor Dashboard

I suggest to care about security first! You can enable a weekly email from Trusted Advisor which tells you what has changed (resolved or new issues) since last week. Activate this in the preferences section. If you pay for AWS support Trusted Advisor becomes even more powerful by adding more checks.

Mistake 5: Underutilizing Virtual Machines

There is no reason - beside manually managed infrastructure - to not decrease the instance size (number of machines or c3.xlarge toc3.large) if you realize that your EC2 instances are underutilized. How do you know if you are underutilized? Check your CloudWatch metrics! It's that easy. If you use Auto Scaling Groups you should also check your auto scaling rules and CloudWatch metrics to scale up later or scale down earlier.


As an AWS Cloud Consultant I see many AWS accounts. During the year I collected mistakes that I saw in each account and aggregated them to provide you my best of. It turned out that the 5 most common mistakes on AWS are:

  • Managing infrastructure manually
  • Not using Auto Scaling Groups
  • Not analyzing metrics in CloudWatch
  • Ignoring Trusted Advisor
  • Underutilizing virtual machines

Now it's your turn to check your infrastructure.

The DevOps zone is brought to you in partnership with Sonatype Nexus. Use the Nexus Suite to automate your software supply chain and ensure you're using the highest quality open source components at every step of the development lifecycle. Get Nexus today

aws,mistakes,best practices,devops

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}