AWS compute-optimizer documentation change
Summary
Added NAT Gateway to idle resource recommendations, updated analysis criteria for EBS volumes and NAT Gateway, and provided specific guidance for NAT Gateway verification.
Security assessment
The changes focus on expanding cost optimization recommendations to include NAT Gateway. While identifying idle resources can indirectly improve security posture by reducing attack surfaces, there is no explicit mention of addressing vulnerabilities or security incidents.
Diff
diff --git a/compute-optimizer/latest/ug/view-idle-recommendations.md b/compute-optimizer/latest/ug/view-idle-recommendations.md index 36b75cb7e..5746fc06e 100644 --- a//compute-optimizer/latest/ug/view-idle-recommendations.md +++ b//compute-optimizer/latest/ug/view-idle-recommendations.md @@ -20,0 +21,2 @@ Compute Optimizer helps you identify idle resources that can be deleted or stopp + * Amazon NAT Gateway + @@ -28 +30 @@ The recommendations are refreshed daily. These recommendations are generated by -For EBS volumes we analyze the attachment status over a 32-day lookback period. +For EBS volumes and NAT Gateway we analyze the attachment status over a 32-day lookback period. @@ -70,0 +73 @@ Amazon Aurora and RDS databases | Database connections, read/write IOPS, and CP +Amazon NAT Gateway | Active connection count, Packets in from source, Packets in from destination | The NAT Gateway is in available state, is not associated with any AWS Route Tables, and has no active connection, no Packets in from both source and destination over the lookback period. | Verify whether you need this NAT Gateway. Check if it's part of a disaster recovery setup or serves as a backup in your network architecture.