Anurag Vishwakarma
AWS Best Practices & Tips


  • Disable SSH access to all servers
  • Treat servers like cattle, not pets - automate everything and don't rely on custom configurations
  • Don't assign static or Elastic IPs to servers
  • Automate all possible processes with scripts and infrastructure-as-code
  • Require IAM accounts for all users instead of using root credentials
  • Keep application state off of servers as much as possible


  • Prefer EC2 roles over assigning IAM users to servers
  • Assign IAM permissions to groups, not individual users
  • Set up automated security auditing across all services
  • Use CloudTrail to keep an API audit log of all activity


  • Use "-" instead of "." in bucket names for SSL certificate compatibility
  • Avoid filesystem mounts and direct EC2 access to S3
  • Putting CloudFront CDN in front of S3 can improve performance
  • Add random strings to the beginning of object keys for anonymity
  • Restrict public access to buckets and objects


  • Tag all resources for identification and organization
  • Use termination protection for non-auto-scaling instances
  • Launch instances within a VPC for network control
  • Use reserved instances to save money for steady-state workloads
  • Lock down security groups to only necessary ports and sources
  • Don't keep unassociated Elastic IPs, which incur charges
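
A check for the "lock down security groups" and "disable SSH access" tips, written as an added example and not code from the original post: it scans JSON in the shape of `aws ec2 describe-security-groups` output and reports ingress rules reachable from any address on ports outside an allowlist. The sample groups, their IDs and the HTTPS-only allowlist are constructed assumptions.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example0web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0example0db", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}], "Ipv6Ranges": []},
    {"IpProtocol": "-1",
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}
""")

PUBLIC_OK = {("tcp", 443)}  # assumption: only HTTPS may face the internet

def world_open(rule):
    """Return the rule's source CIDRs that cover every address (prefix length 0)."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def audit(doc, public_ok=PUBLIC_OK):
    """List (group id, protocol, ports, sources) for world-open rules off the allowlist."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        for rule in sg.get("IpPermissions", []):
            sources = world_open(rule)
            if not sources:
                continue
            proto = rule["IpProtocol"]
            if proto == "-1":  # "-1" means every protocol and every port
                lo, hi, label = 0, 65535, "all"
            else:
                lo, hi = rule.get("FromPort", 0), rule.get("ToPort", 65535)
                label = str(lo) if lo == hi else f"{lo}-{hi}"
            # A range passes only if every port in it is on the allowlist.
            if all((proto, p) in public_ok for p in range(lo, hi + 1)):
                continue
            findings.append((sg["GroupId"], proto, label, sources))
    return findings

if __name__ == "__main__":
    for gid, proto, ports, sources in audit(SAMPLE):
        print(f"{gid}: {proto}/{ports} reachable from {', '.join(sources)}")
```

To run it against a real account, replace `SAMPLE` with the parsed JSON output of `aws ec2 describe-security-groups`.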


  • Use CloudWatch for metrics and CloudTrail for API logs
  • Leverage the free metrics provided by AWS services
  • Send custom application logs and metrics to CloudWatch
  • Enable detailed monitoring for granular CloudWatch data

Auto Scaling

  • Scale down on insufficient data, not just on alarms
  • Use ELB health checks over EC2 checks for accurate auto-scaling
  • Only use the same AZs that the attached ELBs are configured with
  • Avoid multiple scaling triggers in the same group


  • Terminate SSL on the ELB, not on instances
  • Pre-warm ELBs before big traffic spikes when possible


  • Set up event subscriptions to respond to RDS events


  • Set up granular billing alerts to avoid unexpected costs

Route 53

  • Use alias records to route to AWS resources


  • Specify an S3 location for Hive query results


  • Horizontally scale systems when possible
  • Be aware of service limits before deploying
  • Decide on a resource naming convention early
  • Validate if AWS is appropriate for a workload
  • Distribute resources across AZs for high availability
  • Delete unused resources to minimize costs
  • Decide on key management from the start

AWS Best Practices

Source & Credit:
