Are You Well-Architected?

The Well-Architected Framework is AWS’s best-practice model to help cloud architects build the most secure, high-performing, resilient, and efficient infrastructure possible for their applications.

A Well-Architected Review assesses a specific, business-critical workload against the five pillars of the WA Framework: operational excellence, security, reliability, performance efficiency, and cost optimization.

 

Figure: The five pillars of the Well-Architected Framework

The framework consists of a set of questions and principles across these five pillars and helps clients clarify the advantages and disadvantages of the decisions they make while developing their applications on AWS.

Operational Excellence

This pillar is a combination of processes, continuous improvement, and monitoring that delivers business value and continuously improves supporting processes and procedures.

Design Principles

Perform operations as code: Apply the same engineering discipline used for application code to the entire workload and infrastructure.
Annotate documentation: Automate documentation on every build so that it can be used by systems and humans.
Make frequent, small, reversible changes: Design infrastructure components so that changes can be applied in small increments at regular intervals.
Refine operations procedures often: As operations procedures are designed, keep checking and evaluating the process for the latest updates.
Anticipate failure: Perform tests with pre-defined failure scenarios to understand their impact. Execute such tests at regular intervals to check the infrastructure with simulated events.
Learn from all operational failures: Keep track of all failures and events.

 

Security

The Security pillar centers on protecting information, systems, and assets while meeting business needs.

Design Principles

Implement a strong identity foundation: Implement least privilege and enforce authorized access to AWS resources. Design central privilege management and reduce the risk of long-term credentials.
Enable traceability & security events: Monitor, alert on, audit, and respond to actions and changes in the environment in real time. Run incident response simulations and use automation tools to increase the speed of detection, investigation, and recovery.
Apply security at all layers: Apply security to all layers, e.g. network, database, OS, EC2, and applications. Protect applications and infrastructure from human and machine attacks.
Automate security best practices: Create secure architectures, including controls and software-based security mechanisms that are defined and managed as code in version-controlled templates.
Safeguard data in transit and at rest: Categorize data into sensitivity levels and use mechanisms such as encryption, tokenization, and access control.
Keep people away from data: Create mechanisms and tools to reduce or eliminate the need for direct access to or manual processing of data, reducing the risk of loss due to human error.

Reliability

The Reliability pillar ensures that a given system is architected to meet operational thresholds during a specific period of time, meet increased workload demands, and recover from failures with minimal or no disruption.

Design Principles

Test recovery process: Use automation to simulate different failures or to recreate scenarios that led to failures. This reduces the risk of components failing that have not been tested before.
Automatic recovery from failure: Monitor the system by KPIs, triggering automation when a threshold is reached. Enable automatic notification and tracking of failures, and automated recovery processes that repair the failure.
Scale horizontally to increase aggregate system availability: Replace one large resource with multiple small resources to reduce the impact of a single failure on the overall system.
Stop guessing capacity: Monitor demand and system utilization, and automate the addition or removal of resources to maintain the optimal level.
Manage change in automation: Changes to infrastructure should be made via automation.

Performance Efficiency

The Performance Efficiency pillar focuses on ensuring that a system/workload delivers maximum performance for the set of AWS resources utilized (instances, storage, database, and locality).

Design Principles

Democratize advanced technologies: Use managed services (like SQL/NoSQL databases, media transcoding, storage, and machine learning) that save time and monitoring hassle, so the team can focus on development, resource provisioning, and management.
Go global in minutes: Deploy the system in multiple AWS regions around the world to achieve lower latency and a better experience for customers at minimal cost.
Use serverless architectures: Reduce the overhead of running and maintaining servers and use the available AWS options to host and monitor infrastructure.
Experiment more often: With virtual and automated systems and deployment, it is very easy to test systems and infrastructure with different types of instances, storage, or configurations.

Cost Optimization

The Cost Optimization pillar focuses on achieving the lowest price for a system/workload. Optimize cost while considering the account's needs, without ignoring factors like security, reliability, and performance.

Design Principles

Adopt a consumption model: Pay only for the computing resources you consume, and increase or decrease usage depending on business requirements, not on elaborate forecasting.
Measure overall efficiency: Measure the business output of the system and workload, and understand the gains achieved from increasing output and reducing cost.
Adopt managed services & stop spending money on data center operations: Managed services remove the operational burden of maintaining servers for tasks like sending email or managing databases, so your team can focus on customers and business projects rather than on IT infrastructure.
Analyze and attribute expenditure: Identify the usage and cost of systems, which allows transparent attribution of IT costs to revenue streams and individual business owners.

Using the AWS Well-Architected Framework and following the practices discussed above, Cosmic Tech helps design stable, reliable, and efficient cloud solutions that fulfil business needs and deliver value. We offer cloud solutions for connected app development, cloud computing platform architecture design, cloud migration, SaaS services, DevOps, service orchestration, and cloud solution modernization.
