AWS Well-Architected: How to Get Started

AWS Well-Architected is a framework that prescribes a set of best practices for designing resilient, cost-effective, and high-performing systems on AWS. The Framework helps you evaluate your architecture and make ongoing changes to optimize performance, reduce cost, and mitigate risk.

It is divided into six pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. Sounds a bit complicated? Don't worry; we're going to give you an idea of what it takes to get started with it.

What is the AWS Well-Architected Framework?

AWS Well-Architected Framework defines a set of best practices or principles that help you design your cloud architectures and choose the right cloud services. The principles are based on feedback and learnings from industry experts at AWS who have architected hundreds of enterprise applications on AWS. 

“Good intentions never work; you need good mechanisms to make anything happen.” — Jeff Bezos.

For small organizations, large enterprises, and everything in between, the AWS Well-Architected Framework gives you the tools to effectively design, deploy and operate your applications on AWS. It provides a set of questions to help figure out if an architecture meets cloud best practices and expectations from modern cloud-based systems. Subsequently, the Framework points out the specific remediation methods to achieve the required qualities. 

In short: the Framework combines six pillars, foundational questions, and general design principles to help you design and operate cloud workloads securely, efficiently, cost-effectively, and reliably.

What AWS Well-Architected Offers

  • The AWS Well-Architected Framework ensures a consistent approach for partners and customers to evaluate architectures and implement designs that will scale over time.
  • It includes a set of architectural best practices for designing and running workloads on the AWS Cloud.
  • It helps you review some of the most common failure scenarios that we see across customers and provides prescriptive guidance on how these can be avoided.
  • The AWS Well-Architected Framework helps you learn how to make sound architecture decisions early in the life cycle.

What it includes:

AWS Well-Architected consists of domain-specific lenses, labs, and the AWS Well-Architected Tool.

AWS Well-Architected Framework Checklist

Amazon compares creating a software system with constructing a building. A substantial building rests upon a solid foundation. If not, it can easily be undermined by structural problems. Likewise, strong software systems require foundational pillars to be efficient, stable, and functional. 

Here are the six foundational pillars of the AWS Well-Architected Framework:

1. Operational Excellence

The Operational Excellence pillar refers to a business's ability to run, monitor, and support workloads efficiently by continuously developing supporting processes and procedures with operational insights so that it can deliver value.

Best practice areas for operational excellence in the cloud: organization, prepare, operate, and evolve.

Design principles:

  • Operate as code
  • Make small, reversible changes frequently
  • Improve operation procedures frequently
  • Anticipate failure
  • Learn from operational failures 
  • Eliminate direct/manual access to data process
  • Prepare incident management policy

2. Security

The Security pillar focuses on six best practice areas for cloud security, including Identity and Access Management, Security, Detection, Data Protection, Infrastructure Protection, and Incident Response.

It is recommended to implement these practices before you architect any workload. In that respect, the Security pillar is a business's ability to ensure the protection of data, systems, and assets. It covers security assessments, best practices, and design principles.

Design principles:

  • Security
  • Identity and Access Management
  • Detection
  • Data Protection
  • Infrastructure Protection
  • Incident Response

3. Reliability

The Reliability pillar involves designing and implementing reliable workloads on AWS that function and operate as intended, correctly and consistently. The workload architecture should also be able to scale on demand and to detect, prevent, and mitigate failures. The cloud reliability area consists of four best practice areas: Foundations, Workload Architecture, Failure Management, and Change Management.

Design principles:

  • Automate failure recovery
  • Test recovery procedures
  • Scale horizontally to increase aggregate workload availability
  • Stop guessing capacity
  • Manage change in automation

4. Performance Efficiency 

The Performance Efficiency pillar of the AWS Well-Architected Framework encompasses the ability to use computing resources effectively to meet system requirements and to maintain that efficiency as the business and technology evolve or change on demand.

The best practice areas for performance efficiency cover Selection, Review, Monitoring, and Trade-offs.

Design principles:

  • Democratize advanced technologies
  • Go global in minutes
  • Use serverless architectures
  • Experiment more often
  • Consider mechanical sympathy

5. Cost Optimization

The Cost Optimization pillar concerns a business's ability to run systems that deliver value at the lowest possible cost.

Recommended best practice areas for cost optimization in the cloud include practicing cloud financial management, expenditure and usage awareness, cost-effective resources, managing demand and supply resources, and optimizing over time.

Design principles:

  • Implement Cloud Financial Management
  • Adopt a consumption model
  • Measure overall efficiency
  • Stop spending money on undifferentiated heavy lifting
  • Analyze and attribute expenditure

6. Sustainability

The Sustainability pillar of AWS Well-Architected focuses on reducing the environmental impact of a workload, such as its energy consumption, and on the ability to reduce resource usage. AWS-recommended best practice areas for sustainability are region selection, user behavior patterns, hardware patterns, development and deployment process, software and architecture patterns, and data patterns.

Design principles:

  • Understand your impact
  • Establish sustainability goals
  • Reduce the downstream impact of your cloud workloads
  • Maximize utilization
  • Use managed services
  • Anticipate and adopt new, more efficient hardware and software offerings

Benefits of the AWS Well-Architected Framework

The Framework provides guidance to help you:

  • Review existing architectures;
  • Identify trade-offs in design decisions;
  • Define and share best practices for your organization;
  • Identify risk patterns by benchmarking against industry best practices;
  • Reduce business risk by identifying gaps in your ability to recover from failures or disruptions; and
  • Improve solutions by guiding how to design for scalability, performance, high availability, fault tolerance, security, and cost.

Automate Your Evaluation for Well-Architected

The AWS Well-Architected Framework is meant to give you a target in mind when designing your next system. If you use the Framework as a yardstick, you'll avoid making common mistakes that will end up costing you time and money down the road. You'll also be able to spot problems before they arise, saving you even more of your resources. 

Where Well-Architected might be lacking, though, is in providing continuous evaluation; instead, it encourages developers to think in terms of design principles. A mediator tool that continuously asks the Framework's questions and alerts you on any rule breach can close that gap. Resmo, a continuous visibility and security solution for cloud and SaaS, is designed to help you gain insight into your cloud stack security.

With Resmo, you can use pre-set conformance queries for AWS, run custom ones, and set up rules and notifications for any rule breach. It’s the security and visibility automation you need for resilient, secure, and high-performing systems on AWS through a single platform.
