5 Pillars of AWS Well-Architected Framework

What is the AWS Well-Architected Framework?

The AWS Well-Architected Framework is a set of best practices that guide you in building resilient and agile applications on the cloud.

This framework includes the five key pillars: security, reliability, performance efficiency, cost optimization, and operational excellence.

Additionally, there is a serverless-specific lens to the Well-Architected framework, which more specifically looks at key serverless scenarios/use cases such as RESTful microservices, Alexa skills, mobile backends, stream processing, and web applications, and how they can implement best practices to be Well-Architected.

1. Operational Excellence

This pillar outlines that developers and operations teams should seek business insights and customer insights to create applications that effectively support production workloads. This means understanding the risks, possible changes, and goals that drive day-to-day business operations.

Each team member should understand the criticality of their role in managing workloads, the entire workload’s behavior, and what development decisions will make operations successful.

This pillar also maintains that workloads should be designed to:

• Easily display information on their working statistics
• Enable mechanisms that aid quick feedback, recovery, and refactoring

2. Security

The security pillar emphasizes setting mechanisms that help protect systems, data, and assets. Fundamentally, Well-Architected security revolves around seven design principles:

• Enforce logging and monitoring for traceability
• Use multiple security controls to ensure security at all application layers
• Automate security best practices
• Protect data both within storage and in-transit
• Adopt an incident management policy
• Implement a strong foundation of security

Adopting an Identity and Access Management (IAM) policy is critical to ensuring that only the right users can access permitted resources. An IAM policy administers security by implementing an authentication and authorization layer.

Additionally, it is also crucial to implement multi-layered security and control methodologies that enforce infrastructure-wide protection. Enact data protection for application users with a variety of mechanisms such as:

• Versioning
• Logging
• Resilient storage
• Keys
• Regional isolation

Of course, implementing end-to-end security goes much deeper than implementing a user authentication layer. As a result, it is strongly advised to create detection controls and event notifications that help identify and stop security incidents at an early stage.

You can also choose to leverage the benefits of available AWS tools that provide incident response mechanisms, such as:

• AWS Events
• AWS CloudFormation
• Logging services

3. Reliability

A Well-Architected Framework defines mechanisms that help an application handle workloads accurately and consistently. The architecture of the system should be able to prevent and respond to breakdowns automatically.

The design principles for a reliable system include:

• Automate recovery
• Distribute workloads and requests to eliminate single point of failure
• Use only the capacity you need for your production workload
• Test incidents and recovery procedures
• Manage automation changes

Plan your infrastructure foundations properly in order to handle both current and future workloads. This implies that you should define design and architecture decisions upfront by anticipating workload behavior. While doing so, you’ll also want to leverage Service Limits and Resource Quotas to guide the deployment of multi-environment workloads.

Once services are deployed and live, the framework should allow efficient performance and availability monitoring to avoid downtimes or performance failures.

To further ensure your app’s reliability, the framework strongly recommends regularly:

• Tracking KPIs
• Backing up data
• Testing your recovery processes

4. Cost Optimization

An organization should aim to deliver optimum and resilient business solutions at the least cost to the user. Some design principles that guide the Cost Optimization pillar include:

• Integrate Cloud Financial Management into the organization’s overall business objectives
• Pay only for resources your application requires
• Always monitor your application’s efficiency (output vs cost)
• Outsource managed services and operating systems to AWS

Cloud Financial Management tools like AWS QuickSight, Cost & Usage Report (CUR), and Cost Explorer offer significant advantages to monitor an organization’s cloud costs. These tools also build discipline while creating an organization-wide awareness on cloud expenditure and usage.

A key takeaway of this best practice also advises using only resources that are appropriate for cost-effective workload handling. An organization should consistently evolve its cost optimization policy to take advantage of new services and features within the cloud landscape to reduce costs.

5. Performance Efficiency

This pillar guides the effective use of computing resources to meet system and business requirements. Some of the design principles guiding performance efficiency are:

• Delegate complex tasks to third-party vendors who have the required skills to implement advanced technology easily
• Deploy multi-regional workloads to reduce latency and lower deployment costs
• Test and experiment often to take advantage of virtual resources
• Utilize serverless functions whenever possible

When selecting infrastructure and architecture for your application, take a data-driven approach while exploring multiple options available before settling for the most efficient. This exercise is not a one-time task. Combine multiple approaches and keep reviewing the latest technologies to find an optimum solution.

Lastly, implement policies and procedures to monitor workloads’ performance that flags issues before they impact usability.

Conclusion

I hope this newsletter has helped you to understand the five pillars of AWS Well-Architected framework. It is high time we get to know about AWS.

Subscribe to Saturday with Codes as we will be add Every Monday Code Reviews to our discord server.