Assessing an AWS Legacy Environment

Published: February 23, 2026 at 09:15 AM EST
Source: Dev.to

Introduction

You’ve inherited an AWS account with unknown history. The previous builder left 18 months ago, and the promised documentation is missing. Leadership wants to know if the environment can be modernized, but you need a clear picture first.

Assessment Goals

Answer three simple questions:

  1. What are we running?
  2. How much is it costing us?
  3. What’s about to explode?

No lengthy reports or fancy diagrams—just the facts.

Quick Console Walkthrough

  1. EC2 – Count instances, check their state, and verify they have meaningful tags (instead of just i-0a1b2c3d4e5f).
  2. RDS – List databases, note engine versions (look for outdated releases).
  3. Lambda – Count functions and try to understand their purpose.
  4. Tags – If resources lack tags, you’ll have a hard time identifying their role.

Cost Optimization

Open Cost Explorer and review the most recent bill. Look for obvious waste:

  • EC2 instances running 24/7 when they could be stopped at night.
  • Large data‑transfer charges (e.g., terabytes being downloaded to a laptop).
  • NAT Gateways that cost more than the applications they support.

Common Low‑Hanging Fruit

  • Unattached EBS volumes – you’re paying for “ghost” storage.
  • Idle Load Balancers – still cost ~$16/month each.
  • Unused Elastic IPs – $3.60/month per address adds up quickly.

Security Checks

You don’t need to be a security expert; just verify a few basics:

  • SSH exposure – any security groups allowing 0.0.0.0/0 on port 22?
  • Public S3 buckets – they should be private unless explicitly required.
  • Root account usage – ensure it isn’t being used for day‑to‑day tasks.
  • Access key rotation – if keys have never been rotated, that’s a red flag.

AWS tools such as Trusted Advisor and Security Hub can help surface these issues, but a manual console review often reveals the same red flags.

Mapping Dependencies

Understanding how components talk to each other is the hard part. Start simple:

  1. Users → Load Balancer
  2. Load Balancer → Application servers
  3. Application servers → Database
  4. Optional: S3 bucket, Lambda functions, etc.

How to Discover Connections

  • Review source code (if available).
  • Inspect CloudWatch logs for traffic patterns.
  • Talk to the team—junior developers often know the hidden wiring.
  • Sketch a quick diagram on a whiteboard: boxes and arrows, no need for polish.

Red Flags to Watch

  • EC2 instances running since 2019 with unknown purpose.
  • Databases on end‑of‑life engines (e.g., MySQL 5.6).
  • Manual deployments via SSH.
  • Missing or untested backups.
  • All resources confined to a single Availability Zone.

Cost‑Intensive Practices

  • Over‑provisioned instances running continuously.
  • Self‑managed databases when RDS would be cheaper and easier.
  • Lack of auto‑scaling, leading to paying for unused capacity.

Prioritize remediation based on “what will bite us first.”

Establish a Performance Baseline

Before making changes, capture current metrics:

  • Page load times.
  • Error rates.
  • CPU / memory utilization.
  • Database query latency.

These numbers become the receipts you’ll need to prove the value of modernization later.

Documentation Checklist

Create a concise document (Google Doc, Notion, etc.) containing:

  • Inventory – list of resources and their costs.
  • Security issues – ranked by severity.
  • Dependency map – simple diagram.
  • Technical debt – prioritized list.
  • Performance baseline – the metrics captured above.

No 100‑slide PowerPoint, just the essentials.

Collaboration

  • Verify everything; the existing wiki is likely outdated.
  • Involve developers, operations staff, and the on‑call engineer.
  • Their insights will reveal hidden “bodies” buried in the environment.

Timeline

  • Assessment: 1–2 days, not months.
  • Counting resources may be tedious, but it’s essential.

Next Steps

Now that you know what’s running, you can plan:

  • Which workloads to migrate first?
  • Which resources to retire?
  • What can stay untouched because it works fine?

For now, open the AWS Console and start clicking. You’ll soon see the true state of the environment—and finally have the information you need to move forward.
