Usecase Universe

A collective of use cases for DevOps teams

Browse a variety of 200+ predefined templates to automate all your AWS actions

AWS Best Practices

24 Times Used
22 MAY 2019
RDS DB instances MultiAZ alteration.

This workflow enables the MultiAZ for RDS DB instances and then after a delay of 1 hour it forces it to fail over. Again after 1 hour of delay it disables the MultiAZ feature for the RDS DB instances and then sends a report

Delete a particular folder on EBS volume.

Takes the EBS volumes in your AWS account and deletes a particular folder inside it. This practice helps you to remove unused data from the EBS volume to increase the proper utilization of volume and store more useful data without increasing the volume unnecessarily.

Daily/Weekly reports of Lambda's Duration

Monitors metrics to make sure your Lambdas are running as they should. It helps in finding anomalies and improve Lambda Function performance.

Copy or move logs data to S3 and delete the log folder.

This template moves the logs present in the log folder of EC2 machine and transfers them into a specified S3 Bucket. This practice helps you to store as much logs as you want in the S3 bucket without worrying about the disk sapce in the machine.

Send report of security group which allows DNS(TCP port 53 and UDP port 53 ) access from public IP.

It is AWS best practice to remove entries in security group which allows DNS access from public IP to reduce possibility of breach. Allowing unrestricted DNS access can increase threats such as Denial of Service (DoS) attacks or Distributed Denial of Service (DDoS) attacks.

Send report of security groups that allow http access from public IP.

It is AWS best practice to get aware of security groups which allows HTTP access from public IP to reduce possibility of breach. Allowing unrestricted HTTP access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

Notify if any of the EC2 Instances are running in EC2-Classic

Running instances in EC2-VPC instead of EC2-Classic provides better flexibility and control over security, traffic routing and availability.

Send report of Security Groups which allows MongoDB(TCP port 27017) access from public IP.

It is AWS best practice to remove entries in Security Groups which allows MongoDB access from public IP to reduce possibility of breach. Allowing unrestricted MongoDB access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

ACM Certificates with Wildcard Domain Names

Reports all the ACM Certificates which have Wildcard Domain Names.

Daily/weekly reports of Lambda Function DeadLetterErrors

Logs Lambda Function DeadLetterErrors over the last 7 days.

Expired ACM Certificates

Having expired ACM certificates lying around is not a AWS best practice and can potentially affect your application, in case they are picked during deployment.

Notify If number of EC2 Instances are more than 50

This workflow periodically finds if number of instances in your account are more than the limit set by you (default limit is 50) and sends a Email or Slack notification.