Menu
AWS GovCloud (US)
User Guide

AWS Trusted Advisor

The following list details the differences for using this service in the AWS GovCloud (US) Region compared to other AWS regions:

  • Email notifications are not yet enabled in Trusted Advisor in the AWS GovCloud (US) Region.

  • All 23 checks are available to all AWS GovCloud (US) customers today.

The following table lists the Trusted Advisor checks that are available in the AWS GovCloud (US) Region and the required support level:

Category Check

Enabled in

AWS GovCloud (US)

Support Level
Cost Optimization Unassociated Elastic IP Address Yes Business and Enterprise
Security Security Groups - Specific Ports Unrestricted Yes Basic
Security Groups - Unrestricted Access Yes Business and Enterprise
Amazon S3 Bucket Permissions Yes Business and Enterprise
IAM Password Policy Yes Business and Enterprise
AWS CloudTrail Logging Yes Business and Enterprise
ELB Listener Security Yes Business and Enterprise
ELB Security Groups Yes Business and Enterprise
Fault Tolerance Amazon EBS Snapshots Yes Business and Enterprise
Amazon EC2 Availability Zone Balance Yes Business and Enterprise
Load Balancer Optimization Yes Business and Enterprise
VPN Tunnel Redundancy Yes Business and Enterprise
Auto Scaling Group Resources Yes Business and Enterprise
Auto Scaling Group Health Check Yes Business and Enterprise
Amazon S3 Bucket Logging Yes Business and Enterprise
ELB Connection Draining Yes Business and Enterprise
ELB Cross-Zone Load Balancing Yes Business and Enterprise
Performance High Utilization Amazon EC2 Instances Yes Business and Enterprise
Service Limits Yes Basic
Amazon EBS Provisioned IOPS (SSD) Volume Attachment Configuration Yes Business and Enterprise
Large Number of Rules in an EC2 Security Group Yes Business and Enterprise
Large Number of EC2 Security Group Rules Applied to an Instance Yes Business and Enterprise
Overutilized Amazon EBS Magnetic Volumes Yes Business and Enterprise

The following table lists the Trusted Advisor checks that are not available in the AWS GovCloud (US) Region:

Category Check

Enabled in

AWS GovCloud (US)

Support Level
Cost Optimization Amazon EC2 Reserved Instance Optimization No Business and Enterprise
Low Utilization Amazon EC2 Instances No Business and Enterprise
Idle Load Balancers No Business and Enterprise
Underutilized Amazon EBS Volumes No Business and Enterprise
Amazon RDS Idle DB Instances No Business and Enterprise
Security IAM Use No Basic
MFA on Root Account No Basic
Amazon RDS Security Group Access Risk No Business and Enterprise
Amazon Route 53 MX Resource Record Sets and Sender Policy Framework No Business and Enterprise
Fault Tolerance Amazon RDS Backups No Business and Enterprise
Amazon RDS Multi-AZ No Business and Enterprise
Amazon Route 53 Name Server Delegations No Business and Enterprise
Amazon Route 53 High TTL Resource Record Sets No Business and Enterprise
Amazon Route 53 Failover Resource Record Sets No Business and Enterprise
Amazon Route 53 Deleted Health Checks No Business and Enterprise
Performance Amazon Route 53 Alias Resource Record Sets No Business and Enterprise
Amazon CloudFront Content Delivery Optimization No Business and Enterprise
Amazon Route 53 Latency Resource Record Sets No Business and Enterprise

For more information about Trusted Advisor, see Meet AWS Trusted Advisor.

ITAR Boundary

The ITAR boundary defines where customers are allowed to store ITAR-regulated data for this service in the AWS GovCloud (US) Region. You must comply with the boundaries in order to maintain ITAR compliance. If you do not have any ITAR-regulated data in the AWS GovCloud (US) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted ITAR-Regulated Data Not Permitted
  • Not applicable

  • Not applicable

On this page: