This document provides an introduction to the AWS Well-Architected Framework, which consists of five pillars - security, reliability, performance efficiency, cost optimization, and operational excellence. It discusses the recent addition of the operational excellence pillar and updates to the reliability pillar. It also covers new architecture type overlays and available resources like whitepapers, online training, and reference architectures. The session is intended for architects, developers, managers, and IT professionals interested in cloud architecture best practices.
3. Introduction to the AWS Well-Architected Framework
We will cover:
• An introduction to the AWS Well-Architected Framework
• The recent addition of the operational excellence pillar, and updates to the reliability pillar
• New architecture type overlays for Serverless, NoSQL, gaming, SAP, and streaming workloads
This session is suited for:
• Enterprise and solutions architects
• System and application developers
• Development managers
• IT professionals
• IT Leaders and anybody interested in the emerging area of DevOps
5. AWS Reference Serverless Micro Service Architectures
aws.amazon.com/serverless/
AWS Serverless Multi-Tier Architectures
Using Amazon API Gateway and AWS Lambda
November 2015
6. AWS Foundation Services
Shared Responsibility between AWS and our customers
• Customers are responsible for their security IN the Cloud: Customer content; Platform, Applications, Identity & Access Management; Operating System, Network & Firewall Configuration; Client-side Data Encryption; Server-side Data Encryption; Network Traffic Protection
• AWS is responsible for the security OF the Cloud: AWS Foundation Services (Compute, Storage, Database, Networking); AWS Global Infrastructure (Regions, Availability Zones, Edge Locations)
12. Why would I want to apply the AWS Well-Architected Framework?
Build and deploy faster
Lower or mitigate risks
Make informed decisions
Learn AWS best practices
15. General Design Principles
Stop guessing your capacity needs
Test systems at production scale
Automate to make architectural experimentation easier
Allow for evolutionary architectures
Build data-driven architectures
Improve through game days
17. Design Principles for Security
Apply security at all layers
Enable traceability
Implement a principle of least privilege
Focus on securing your system
Automate security best practices
21. Key Services for Security
Areas: Identity and Access Management; Detective Controls; Infrastructure Protection; Data Protection; Incident Response
Key Services: Elastic Load Balancing; Amazon EBS; Amazon S3; Amazon RDS; AWS Key Management Service; MFA Token; Amazon VPC; AWS CloudTrail; AWS Config; Amazon CloudWatch; AWS IAM; AWS CloudFormation
22. Customer story: Automation
Financial Services Organization
Situation:
• Their process for getting credentials from their InfoSec team took too long, so they hardcoded them into their applications
Behavior:
• SA team created a proof of concept and demoed it to the customer
Impact:
• Implemented an automated solution for IAM user/group/role creation to address a Well-Architected critical issue.
24. Design Principles for Reliability
Test recovery procedures
Automatically recover from failure
Scale horizontally to increase aggregate system availability
Stop guessing capacity
Manage change in automation
25. Key Services for Reliability
Areas: Foundations; Change management; Failure management
Key Services: AWS IAM; Amazon VPC; AWS CloudTrail; AWS Config; AWS CloudFormation; Amazon CloudWatch
26. Customer story: Governance
Retailing
Situation:
• Customer has been building serverless architectures
Behavior:
• We ran a Well-Architected review on their architecture
Impact:
• They want to use the Well-Architected framework and reviews as a gating mechanism for future production workloads
28. Design Principles for Performance Efficiency
Democratize advanced technologies
Go global in minutes
Use serverless architectures
Experiment more often
Mechanical sympathy
30. Customer story: Understanding
Aeronautics
Situation:
• Reviewed 3 customer-facing architectures, took months to get the right people in the room
Behavior:
• Got their team together for the first time to agree on what had actually been implemented
• Cohesive view of whole architecture
• Report with replay and recommendations
Impact:
• Learnings on AWS, issues identified with recommendations
• Earned trust and better understanding of the customer
• WA review part of approval process
32. Design Principles for Cost Optimization
Adopt a consumption model
Benefit from economies of scale
Stop spending money on data center operations
Analyze and attribute expenditure
Use managed services to reduce cost of ownership
33. Key Services for Cost Optimization
Areas: Cost-effective resources; Matched supply and demand; Expenditure awareness; Optimizing over time
Key Services: Amazon CloudWatch; Auto Scaling; Amazon SNS; Reserved Instances; AWS Trusted Advisor; AWS Blog & What’s New; Cost Allocation Tags
34. Customer story: Maturity
SaaS company
Situation:
• Existing SaaS architecture deployed in Classic EC2
Behavior:
• Used Well-Architected to plan the migration to VPC, including multi-AZ, and capacity planning
Impact:
• Migrated to a mature architecture
36. Topics explored in Operational Excellence Pillar
• What best practices for cloud operations are you using?
• How are you doing configuration management for your workload?
• How are you evolving your workload while minimizing the impact of change?
• How do you monitor your workload to ensure it is operating as expected?
• How do you respond to unplanned operational events?
• How is escalation managed when responding to unplanned operational events?
37. Design Principles for Operational Excellence
Perform Operations with Code
Align Operations Processes to Business Objectives
Make Regular, Small, Incremental Changes
Test for Responses to Unexpected Events
Learn from Operational Events and Failures
Keep Operations Procedures Current
39. Benefits of Well-Architected
Think Cloud-Natively
Consistent Approach to Reviewing Architecture
Understand Potential Impact
Visibility of Risks
40. Preparing for Well-Architected Review
• Complete the Online Training
• Perform Customer Self Assessment
• Evaluate Automated Assessment Tools
• Certified APN Partner Led Assessment
• AWS Account Team Engagement & Review
• Work with AWS SA on any Remediation Plans