ylastic blog

Introducing the Ylastic AWS Account Advisor, a tool for inspecting your AWS environment and identifying opportunities for optimizing your usage of AWS. 

We built it to be very simple and intuitive to use. You pick the checks you want to include in each run of the advisor (this initial release has a total of ten checks), Ylastic runs the checks and gives you a nice list of things that it found. Each advisor run is saved, and at any time you can review past runs.

The checks are broadly divided into four categories:

• Cost Optimization - Opportunities for reducing costs by detecting unused volumes, elastic load balancers, elastic ip addresses and Route 53 zones. These checks will also display an estimated cost saving per month and per year from removing the unused resources.
• Disaster Recovery - Check your ability to recover from system wide failures by detecting volumes that are in-use but not being backed up to snapshots. The advisor will also flag volumes that have snapshots older than several days, as that may be an indication that the backups are getting stale.
• Fault Tolerance - Identifies situations that can impact your ability to recover from the failure of an EC2 availability zone, by checking if your elastic load balancers have distributed allocation of instances, as well as if you have instances distributed in more than one zone.
• Security Audit - Secure access to your resources by detecting security groups that provide public access to sensitive ports or port ranges, as well as S3 buckets that can be listed by anonymous users across the internet.

As you use AWS over time, cruft builds up, and you start having unused resources in your account that are just driving up your costs. One of the cool features of the advisor is to flag these unused resources, and give you an estimate of the savings that you can get if you get rid of them. The screenshot below is from one of our customers that helped us test the advisor. Those elastic IPs, old unused volumes and balancers add up pretty quick :-)

The advisor is a feature available in the Ylastic Plus version. Coming soon, the ability to run the advisor on a schedule, as well as enhancements and additional checks based on feedback from customers that have already been trying this out. 

Enjoy :-)

In the midst of all the recent EC2 excitement, we released an easy to use point and click wizard for creating your IAM policies along with the ability to setup repositories for storing them. This will greatly simplify your workflow when setting up and using IAM policies. Currently you can use S3 buckets as policy repositories, and we are also adding support for other kinds of repositories.

Select your repository and you can create a new IAM policy using the wizard. You create statements and then generate a policy from it.

Select the actions for your policy. We have separated the actions by category for EC2 so it is easy to find what you need :-)

Specify a resource if you like.

Add any optional conditions to apply to this statement.

Click to add this statement. You can add more statements and when you are ready, generate a policy from these statements.

Provide a name for this policy file so we can save it to your repository. That's it! Now this policy will be available to you everywhere in Ylastic that you need access to it.

So if you need to assign this policy to one of your IAM groups or users, click the assign policy button and select it!

SImple and easy to use IAM management :-)

Last week, we added support for two-step verification aka MFA for Ylastic web version. We just rolled out this security feature to all versions of Ylastic mobile - iPhone, Android and Blackberry6. 

All versions of Ylastic now leverage this enhanced security feature. Enjoy!

Ylastic now supports two-step verification aka multi-factor authentication for even more secure sign-ins for your Ylastic accounts. It is an optional security feature that is a snap to set up, manage and use. Two-step verification requires two means of identification for signing in to your Ylastic account:

• Something you know - your password
• Something you must physically possess -  a time-sensitive code generated on your mobile phone

How easy is it to use? Install a free app available for both the iPhone and Android in their respective app stores on your mobile phone for generating the codes.

• iOTP for the iPhone
• DroidOTP for the Android

Set up a profile for Ylastic on your mobile phone using either iOTP or DroidOTP. Generate a secret code using the app (this will be a random string that will be impossible for anyone to guess). 

Enable the two-step verification feature on your Ylastic Settings page. Specify the generated secret code on the settings page along with a four-digit pin.

Provide your password on the initial login screen, and then if two-step verification is enabled for your account, you type in the verification code generated on your phone by providing the pin. No special devices or tokens needed for generating the code. You can even indicate that you do not want be asked for the verification code again for upto two weeks on a computer that you trust. 

Here are some screenshots using iOTP on my iPhone to generate the verification code by typing in my pin.

Type this code in to the verification dialog in Ylastic. That's it ! Check it out and let us know what you think :-)