AWS Well-Architected Framework: Enhancing Cloud Architecture

The AWS Well-Architected Framework is a collection of best practices that allow customers to evaluate and improve the design, implementation, and operations of their workloads in the cloud.?

In 2012, the first version of the framework was published, leading to the 2015 release of the?guidance?whitepaper. We added the operational excellence pillar in 2016. The?pillar-specific whitepapers?and?AWS Well-Architected Lenses?were released in 2017, and, the following year, the?AWS Well-Architected Tool?was launched.?

In 2020, the content for the Well-Architected Framework received a?major update, as well as more lenses, and API integration with the AWS Well-Architected Tool. The sixth pillar, Sustainability, was added in 2021. In 2022, dedicated pages were introduced for each consolidated best practice across all six pillars, with several best practices updated with improved prescriptive guidance.?

The AWS reference architecture is comprised of core questions based on the experiences of thousands of customers. The purpose of AWS's well-designed structure is simple: allow customers to compare the AWS architecture to best practices and rectify problems.??

The Amazon Solutions Architect outlines the six pillars that underpin the best practices described in the AWS reference architecture. Each reinforces the fundamentals upon which technology is based.??

1. Operational Excellence??

Simply put, operational excellence refers to an improved ability to operate systems and monitor processes in order to deliver company value. It also considers the ongoing improvement of supporting processes and procedures. ? Three actions round out the concept of operations excellence in a well-designed AWS framework: Prepare, run, and develop.??

Prepare:?The preparation step requires you to understand your workload. Once you've done this, you'll be able to design and create procedures to support your business.??

Operate:?In this step, you define metrics and measure operational results against them. This will help you to understand your operational health and identify where you need to improve.??

Evolve:?Depending on your operational health, the next step towards achieving operational excellence lies in “evolution.” In this step, you often apply small, incremental changes based on your previous efforts.??

? The operational excellence pillar determines the six design principles for an AWS architecture diagram: ? ? Use infrastructure as code, such as Terraform or CloudFormation, and manage activities using pipelines in your repositories. ? ? Annotate documents for each application, including HLD and LLD documents. ? ? Make minor, reversible modifications. ? ? Predict potential failure points. ? ? Develop and document results, including failures.??

2. Security??

This feature discusses the ability to protect systems, information, and assets through risk assessment and mitigation to secure corporate value. An AWS architecture's security pillars include identity and access management, detective controls, infrastructure protection, data protection, and incident response.??

Identity and access management:?Identity and access management is crucial to data and information security because it guarantees that only authorized and authenticated individuals have access to your information and resources in the manner that you want and approve.??

Infrastructure protection:?Encompassing a range of methodologies, infrastructure protection ensures that your systems and services are safe from unwanted, unauthorized access and protected from potential vulnerabilities.??

Data protection:?Data protection encompasses data classification, encryption, data protection at rest and in transit, data recovery, and other techniques to prevent data theft or loss.?

Event log and response:?Even with rigorous management and security in place, you are not fully safe. Event response management guarantees that if a security event occurs, it does not disrupt your team's ability to function efficiently. Furthermore, it helps to mitigate the impact of this incident.??

The design principles derived from the security pillar in an AWS architecture diagram are as follows:??

• Build a strong identity foundation and define access rules??
• Enable multiple layers of security??
• Create traceability??
• Automate security??
• Protect data in transit and at rest??
• Prepare for security incidents??

3. Cost Optimization??

For any firm, cost optimization can have a significant impact on its results. This pillar in AWS' well-designed checklist serves as the foundation for deleting any apps that incur extra expenditures or insufficient resources, benefiting the business.??

As a result of best practices provided by the Amazon Solutions Architect, firms can establish procedures without worrying about resources with the help of the well-designed AWS architecture. It assists companies in doing this by utilizing cost-effective resources, aligning supply and demand, investing wisely, and continuously optimizing over time.??

?

Using cost-effective resources: Includes right-sizing, suitable procurement, managed services, careful geographical selection, and purchasing alternatives that meet your company's demands.??

Matching Supply and Demand: Moving to the cloud offers a significant advantage: you just pay for what you use. When IT service supply matches demand, there is no need to overprovision your resources.??

Spend awareness: You need to identify your cost drivers and set benchmarks to optimize spending. When you properly link resource costs to systems, individual businesses, or product owners, the cost can be significantly reduced (and wasted). Accurate cost attribution enables you to identify profitable business units and products, allowing you to allocate resources wisely.??

Centrally manage billing:?Centrally manage your billing using AWS organization. Thus, you can see how much usage is made by which department or AWS account, and you can get more detailed usage reports with AWS tags.??

This pillar serves as a well-designed AWS framework tool to achieve the following design principles:??

• Create a consumption model??
• Measure overall cost-efficiency??
• Don't waste money and resources on data center operations??

• Analyze and allocate spending to profitable business units??
• Reduce the cost of ownership??

4. Reliability??

The reliability pillar includes apps that help a system recover from outages, make computing resources accessible to meet service demand, and resolve AWS architecture misconfigurations or transitory network difficulties.??

? The definition of reliability revolves around serviceability. Service availability is reduced whenever an application is not working normally (whether due to planned or unforeseen outages).??

It is also crucial to evaluate the cost of availability in this pillar. Designing apps with increased availability incurs more expenditure. That is why, before you begin designing an application, you must first examine and identify your specific usability requirements. Thus, the design concepts obtained from the security pillar are as follows:??

? Test recovery methods during outages??

? Improve system availability??

? Calculate the cost of creating high-availability applications??

? Estimate and scale capacity??

? Remove elements that cause system failure from a single point.??

5. Performance Efficiency??

This pillar focuses on the effective use of computing resources to fulfill business needs. It also develops applications for maintaining efficiency as your organization grows, demands increase, and technology advances.??

The four major components of performance efficiency in an AWS architecture diagram are as follows:??

Review: When you first implement an AWS architecture solution, you have few options, but with time, it gets easier to adapt and experiment with new features. You may track your progress by comparing the outcomes of previous and new architectures. Visualization tools, for example, can help you detect performance concerns, hotspots, and low-usage areas.??

Choice: The optimum solution for your organization is determined by the type of workload. This ideal solution is typically request-response and event-driven (extraction, pipeline, etc.).??

Monitoring: After establishing your architecture, you must regularly monitor it for performance and take remedial action when issues develop. Corrective action must be implemented immediately so that problems can be resolved before your customers become aware of them.??

Balance:?An AWS Solutions Architect partner always considers tradeoffs. You can build a business resilience framework to meet your business needs and deliver higher performance.??

Therefore, the design principles derived from the security pillar are as follows:??

• Experiment often??

• Have performance metrics in place??
• Focus on globalization as you evolve??
• Use serverless architectures (or migrate from virtual servers to container infrastructure)???

6. Sustainability??

The discipline of sustainability is concerned with the long-term environmental, economic, and societal consequences of your business actions. Sustainable development, according to the United Nations World Commission on Environment and Development, is "development that meets the needs of the present without compromising the ability of future generations to meet their own needs." Your company or group may have a negative environmental impact, such as direct or indirect carbon emissions, non-recyclable waste, and damage to common resources such as clean water.?

In developing cloud workloads, it is important to understand the implications of the services used, measure their effects over the whole lifespan, and apply design principles and best practices to minimize these impacts. This document focuses on environmental implications, including energy usage and efficiency, because they are crucial levers for architects to inform direct action to reduce resource usage.?

AWS Well-Architected Tool: What Is It???

AWS provides the Well-Architected Tool for free, which you can easily access from the AWS console. You can review the Well-Architected Framework after defining your workloads in the tool and answering the questions in each pillar, which will be able to show you potential risks and recommendations for your infrastructure.??

How to Use the AWS Well-Architected Tool??

• Navigate to the AWS Well-Architected Tool web page and click “define workload.” This will take you to a form where you can fill out your workload basics, such as industry type, region, and environment.???

• Next, choose a lens according to your workloads.??

• The AWS Well-Architected Tool will then guide you through a systematic workload review of your added infrastructure. Further ahead, you get to prioritize among the pillars according to your needs. This makes the recommendations stronger on the pillars that matter the most to your app. You can see the number of the pillars’ questions according to the selected lens below.?

• After completing your first review, you can generate a written report in PDF based on your selection of workloads and priorities selected in terms of pillars like security, performance, etc.??
• Based on this AWS Well-Architected Framework PDF report, you can head back to your workloads tab and click on an improvement plan to see recommendations for further adjustments to your workloads.??

?Key takeaways?

Commencis, an AWS Advanced Partner, conducts periodic AWS Well-Architected Framework reviews for its customers. Commencis' offering enables its customers to use AWS services more efficiently, securely, and cost-effectively. Following an inquiry, Commencis creates a report in compliance with the AWS Well-Architected Framework principles and then aids its customers in taking action based on the study's suggestions.?

References

1. AWS Well-Architected
2. AWS Well-Architected Framework

?