AWS Well-Architected Framework
Guide designed to help you build the most secure, high-performing, resilient, and efficient architectures. Contains best practices and tips.
- It has 6 pillars → Each one has a set of principles + best practices.
- Well-Architected Tool → Tool that provides a consistent process for measuring your architecture against AWS best practices (the framework).
1. Operational Excellence
Focus → Ability to run + monitor systems to deliver business value and continuously improve processes.
Design Principles:
- Perform operations as code → Limits human error.
- Annotate documentation → Automate documentation after every build.
- Make frequent, small, reversible changes → Design workloads to be able to handle component updates and make changes in small increments.
- Refine operations procedures frequently → Look for opportunities to improve procedures.
- Anticipate failure → Identify potential sources of failure to remove or mitigate them and test failure scenarios.
- Learn from all operational events and failures → Share events with others within the business.
Best practice areas:
2. Security
Focus → Ability to protect information, systems, and assets while delivering business value through risk assessment and mitigation strategies.
Design Principles:
- Implement a strong identity foundation → Apply the principle of least privilege and enforce separation of duties with proper identification for each one.
- Enable traceability → Monitor, alert, and audit actions and changes of your system in real time. Integrate logs to apply automatic actions.
- Apply security at all layers → Defense in depth: apply security controls at each level of the architecture.
- Automate security best practices → Automate security measures to scale more rapidly.
- Protect data in transit and at rest → Classify data at different levels and use techniques to protect it.
- Keep people away from data → Reduce risk of loss/modification of data due to human error.
- Prepare for security events → Have an incident management process that aligns with organizational requirements. Run simulations to be more prepared.
Best practice areas:
- Identity and access management
- Detective controls
- Infrastructure protection
- Data protection
- Incident response
3. Reliability
Focus → Prevent and quickly recover from failures to meet business and customer demand.
Design Principles:
- Test recovery procedures → Test how systems fail and validate procedures.
- Automatically recover from failure → Monitor systems for key performance indicators and trigger automatic recovery.
- Scale horizontally to increase aggregate system availability → Replace one large resource with multiple smaller ones and distribute requests among them to reduce single points of failure (SPOF).
- Stop guessing capacity → Monitor demand and system usage and automate addition/removal of resources to satisfy demand.
- Manage change in automation → Use automation to make changes to infrastructure, and manage the changes made to the automation itself.
Best practice areas:
- Foundations
- Change management
- Failure management
4. Performance Efficiency
Focus → Use IT and computing resources efficiently to meet system requirements and maintain efficiency as demand and technologies evolve.
Design Principles:
- Democratize advanced technologies → Consume new technologies to focus on applications instead of provisioning.
- Go global in minutes → Deploy systems in multiple regions for better latency and experience.
- Use serverless architectures → Remove operational burden of servers, can reduce costs.
- Experiment more often → Perform comparative testing of different technologies.
- Have mechanical sympathy → Use the best technology approach that aligns with what you are trying to achieve.
Best practice areas:
- Selection
- Review
- Monitoring → To ensure performance
- Tradeoffs → To improve performance
5. Cost Optimization
Focus → Run systems to deliver business value at the lowest price point.
Design Principles:
- Adopt a consumption model → Pay only for what is required and used.
- Measure overall efficiency → Measure business output of the workload and its associated costs.
- Stop spending money on data center operations → AWS does this, you focus on projects and operations.
- Analyze and attribute expenditure → It is easy in the cloud to separate costs per workload, can measure ROI.
- Use managed and application-level services to reduce cost of ownership → Reduce operational burden for simple tasks.
Best practice areas:
- Expenditure awareness
- Cost-effective resources
- Matching supply and demand
- Optimizing over time → How you evaluate new resources over time.
6. Sustainability