AWS’ Well-Architected Framework: Your Blueprint for Cloud Success

Operational Excellence: ability to run and monitor systems to deliver business value.

  • Design Principles:

    + Perform operations as code.
    + Annotate documentation.
    + Make frequent, small, reversible changes.
    + Refine operations procedures frequently.
    + Learn from all operational failures.
  • Best Practices: Key AWS Services

    + Prepare: Use AWS Config rules to create standards for workloads.
    + Operate: Use Amazon CloudWatch to monitor operational health of a workload.
    + Evolve: Use Amazon ElasticSearch Service(ES) to analyze log data to gain actionable insights.

Security: ability to protect information, systems, and assets.

  • Design Principles:

    + Implement a strong identity foundation.
    + Enable traceability.
    + Apply security at all layers.
    + Automate security best practices.
    + Protect data in transit and at rest.
    + Keep people away from data.
    + Prepare for security events.
  • Best Practices: Key AWS Services

    + Identity and Access Management: Use IAM to securely control access to AWS Services and resources.
    + Detective Controls: Use AWS CloudTrail to record AWS APIs. Use Amazon GuardDuty to monitor malicious or unauthorized behavior.
    + Infrastructure Protection: 
        + Use Amazon VPC to run AWS services in a virtual network.
        + Use AWS Shield for DDoS mitigation.
        + Use AWS WAF as a web application firewall.
    + Data Protection: Use encryption capabilities to protect data in transit and at rest.
        + Use Amazon Macie to automatically discover, classify and protect sensitive data.
        + Use AWS KMS to create and control keys used for encryption.
    + Incident Response: CloudWatch events can be used to trigger automated responses.

Reliability: ability of a system to recover from infrastructure or service disruptions.

  • Design Principles:

    + Test recovery procedures.
    + Automatically recover from failure.
    + Scale horizontally to increase aggregate system availability.
    + Stop guessing capacity.
    + Manage change in automation.
  • Best Practices: Key AWS Services

    + Foundations: Use IAM, VPC, WAF, AWS Shield and Amazon GuardDuty to safeguard web applications.
    + Change Management:
        + Use AWS Config to record configuration changes.
        + Use Amazon AutoScaling to automate demand management for a deployed workload.
        + Use Amazon CloudWatch to aggregate log files from resources.
    + Failure Management:
        + User Amazon CloudFormation for using templates to create AWS resources.
        + Use Amazon S3 to keep backups.

Performance Efficiency: ability to use computing resources efficiently.

  • Design Principles:

    + Democratize advanced technologies.
    + Go global in minutes.
    + Use serverless architecture.
    + Experiment more often.
    + Mechanical sympathy.
  • Best Practices: AWS provides different services in compute, storage, network, monitoring and database domains.

Cost Optimization: ability to run systems to deliver business value at the lowest price point.

  • Design Principles:

    + Adopt a consumption model
    + Measure overall efficiency
    + Stop sending money on data center operations.
    + Analyze and attribute expenditure.
    + Use managed and application level services to reduce cost of ownership.
  • Best Practices: Key AWS Services

    + Expenditure Awareness:
        + Use AWS Cost Explorer to view and track usage in detail.
        + Use AWS Budgets to notify for usage or spend exceeding actual or forecasted budgeted amounts.
    + Cost-Effective Resources: Use CloudWatch or Trusted Advisor to help correct size of resources.
    + Matching supply and demand: Use AutoScaling to add or remove resources to match demand without overspending.
    + Optimizing over time.

Reference : AWS_Well-Architected_Framework