What is the AWS Well-Architected Framework?
The AWS Well-Architected Framework helps you assess your architecture design against well-established best practices for operating secure, reliable, efficient and cost-effective workloads in the cloud. The framework is based on years of experience and is constituted of six pillars to help you make the right decisions and guide reviews of existing architectures:
- Operational Excellence is the ability to run and support your workloads, continually improve understanding and procedures to deliver business value.
- Security is the ability to protect your systems, safeguard customer confidential information and effectively respond to security incidents.
- Reliability focuses on workloads that consistently deliver the expected business value while mitigating failures and adapting to evolving architectures.
- Performance Efficiency concerns the appropriate allocation of IT resources to build performant workloads that remain efficient as demand grows.
- Cost Optimization focuses on eliminating unnecessary spending while meeting business objectives.
- Sustainability is about helping you minimize the environmental impact of your cloud workloads and reach your organizational green goals.
The Operational Excellence pillar defines a process to help you operate your workloads and improve related procedures to help your business succeed.
It begins with establishing a shared understanding of your workloads and their business value across the organization, then empowering your teams to take action to protect your outcomes and minimize risk. Once you have identified the role each component plays in supporting your business objectives, you need to prepare for incidents and issues by capturing information to enable situational awareness and rapid feedback.
Finally, you can evaluate the fulfillment of customer needs by collecting both business-oriented and operational metrics from your workloads which helps identify areas for improvement and learning opportunities for your teams to gain operational expertise.
The key design principles of Operational Excellence are:
- Perform operations as code
- Make frequent, small, reversible changes
- Refine operations procedures frequently
- Anticipate failure
- Learn from operational failures
This pillar is all about protecting your data and systems in the cloud and outlines best practices to follow. In addition to applying security measures at all layers and enabling traceability, you need to automate your security operations and encrypt data both at rest and in transit.
Defining clear roles and responsibilities for your teams in Identity and Access Management, and assigning granular access policies that follow the least privilege principle is an important step toward a transparent and auditable environment.
Take advantage of robust encryption and AWS services compliant with regulatory frameworks such as PCI DSS and FedRAMP to safeguard your customer information. Relying on AWS to manage and secure the infrastructure and developing runbooks based on APIs provided by services like GuardDuty, Config and Trusted Advisor can vastly improve the speed and effectiveness of incident response.
Reliability is all about the ability of your workloads to deliver your services consistently, this is achieved with four design principles: architecting your application to scale horizontally to increase resiliency, ensuring your recovery procedures are tested and ready when needed, and no more guessing capacity by adopting cloud API-driven automation. It is recommended to have a change management and failure management systems in place which help you track changes to your infrastructure and enable your workloads to recover from failures respectively.
It is crucial that your applications can perform and evolve to meet your customer expectations, to do so, you must choose the optimal resources (compute, storage, database) for your workloads to run efficiently. Performance Efficiency helps you navigate the diverge range of advanced services and technologies offered by AWS to achieve that.
This pillar encourages you to take advantage of the scale and velocity offered by AWS to quickly grow to a global scale, use Serverless technology and experiment more frequently, it is advisable to adopt a data-driven approach to help optimize your AWS architecture when it comes to compute power, network latency and storage capacity. Finally, ensuring continuous monitoring and evaluation helps you find opportunities for improvement and weigh tradeoffs.
Running your workloads to attain business goals and meeting customer expectations securely and efficiently is the main goal of any AWS architecture but the ability to fulfill that at the lowest price point is even better.
Cost Optimization presents a number of guidelines to minimize your spending and maximize your return on investment (ROI) while working with AWS. To begin with, it is helpful to use a financial management system and establish cost awareness within your organization with AWS Budgets which provides proactive notifications and budgeting for your projects. Next, having a clear AWS environment structure divided by teams or departments makes it easier to spot overspending and budgeting issues and rectify in time. Finally, choosing Serverless and managed services for your projects can save you both time and money; Aurora Serverless and EC2 spot instances are great examples of cost-effective solutions.
This pillar helps you understand the environmental impact of running your business and the shared responsibility of your organization towards the planet. AWS is responsible for providing efficient shared global infrastructure powered mostly by renewable energy while customers are responsible for optimizing their workload resource utilization which leads to fewer components.
The main recommendation is to establish your sustainability goals and understand the current impact of your deployments. From there, it is important to right-size your infrastructure and adopt the latest generation instance types to run more efficiently. Finally, choosing a managed service not only alleviates the burden for your team but also allows AWS to pack even more workloads into a smaller number of resources shared by many customers.