1. What is a Trusted Advisor?
AWS Trusted Advisor is an online tool that inspects your AWS environment and provides real-time recommendations to help you follow AWS best practices across five categories: cost optimization, performance, security, fault tolerance, and service limits.
Core Concept
Trusted Advisor = automated best practice checker. It scans your account and recommends improvements across 5 pillars. Think of it as a consultant who continuously reviews your AWS setup and tells you what to fix. Some checks are free for all accounts; full checks require a Business/Enterprise Support plan.
2. Five Pillars
3. Free vs Full Checks
Important Warning
Full Trusted Advisor checks require a Business or Enterprise Support plan. Basic and Developer support plans only get the 7 core security checks + service limits. This is a common exam question: "How to get all Trusted Advisor checks?" = upgrade to Business or Enterprise Support.
4. Trusted Advisor Automation
Trusted Advisor Automation (Business/Enterprise only):
Trusted Advisor Check: "Low Utilization EC2 Instances"
→ EventBridge Rule (match TA check result)
→ Lambda Function
→ Stop idle instances automatically
→ Send notification to cost team via SNS
Trusted Advisor Check: "Security Groups - Unrestricted Access"
→ EventBridge Rule
→ Lambda
→ Automatically remove 0.0.0.0/0 from SG
→ Alert security team5. Trusted Advisor vs Other Services
Exam Tip
Trusted Advisor: "Best practice recommendations" = Trusted Advisor. 5 pillars: Cost, Performance, Security, Fault Tolerance, Service Limits. Free = 7 core checks only. Full = Business/Enterprise Support. "Detect idle EC2" = TA Cost Optimization. "Open SG warning" = TA Security. "Approaching service quota" = TA Service Limits. Automate with EventBridge (Business/Enterprise only).