19. AWS Well-Architected Framework
The AWS Well-Architected Framework helps cloud architects build the most secure, high-performing, resilient, and efficient infrastructure possible for their applications. Below we go through each pillar’s design principles and best practices.
AWS Cloud Best Practices – Design Principles
- Scalability: vertical & horizontal
- Disposable Resources: servers should be disposable & easily configured
- Automation: Serverless, Infrastructure as a Service, Auto Scaling…
- Loose Coupling:
  - Monoliths are applications that do more and more over time and become bigger
  - Break them down into smaller, loosely coupled components
  - A change or a failure in one component should not cascade to other components
- Services, not Servers:
  - Don’t use just EC2
  - Use managed services, databases, serverless, etc.!
The 5 Pillars of the AWS Well-Architected Framework (OpExcellence PerEff CostOpo Reli Security)
- Operational Excellence
- Performance efficiency
- Cost optimisation
- Reliability
- Security
- They are not something to balance, or trade-offs; they’re a synergy
https://aws.amazon.com/blogs/apn/the-5-pillars-of-the-aws-well-architected-framework/
Operational Excellence – The Operational Excellence pillar includes the ability to support development and run workloads effectively, gain insight into their operation, and continuously improve supporting processes and procedures to deliver business value.
There are five design principles for operational excellence in the cloud:
- Perform operations as code – Infrastructure as code
- Make frequent, small, reversible changes – So that in case of any failure, you can reverse it
- Refine operations procedures frequently – And ensure that team members are familiar with it
- Anticipate failure
- Learn from all operational failures
- Annotate documentation
Best Practices For Operational Efficiency
Everything continues to change—your business context, business priorities, customer needs, etc. It’s important to design operations to support evolution over time in response to change and to incorporate lessons learned through their performance.
Performance efficiency – The Performance Efficiency pillar includes the ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve.
There are five design principles for performance efficiency in the cloud:
- Democratize advanced technologies – Advanced technologies become services, so you can focus more on product development
- Use serverless architectures – Avoid burden of managing servers
- Go global in minutes – Easy deployment in multiple regions
- Experiment more often – Easy to carry out comparative testing
- Mechanical sympathy – Be aware of all AWS services
Best Practices for Performance Efficiency in AWS
- Take a data-driven approach to building a high-performance architecture. Gather data on all aspects of the architecture, from the high-level design to the selection and configuration of resource types.
- Make trade-offs in your architecture to improve performance, such as using compression or caching, or relaxing consistency requirements
Cost Optimisation – The Cost Optimisation pillar includes the ability to run systems to deliver business value at the lowest price point
There are five design principles for cost optimisation in the cloud:
- Stop spending money on data centre operations/undifferentiated heavy lifting – AWS does the infrastructure part and enables the customer to focus on organisation projects
- Analyse and attribute expenditure – Accurate identification of system usage and costs helps measure return on investment (ROI) – Make sure to use tags
- Adopt a consumption model – Pay only for what you use
- Implement cloud financial management (CFM) – A set of best practices; review the white paper
- Use managed and application level services to reduce cost of ownership – As managed services operate at cloud scale, they can offer a lower cost per transaction or service
- Measure overall efficiency – Use CloudWatch
Best Practices for Cost optimisation
- As with the other pillars, there are trade-offs to consider. For example, do you want to optimize for speed to market or for cost?
- Using the appropriate services, resources, and configurations for your workloads is key to cost savings
Reliability – The Reliability pillar encompasses the ability of a workload to perform its intended function correctly and consistently when it’s expected to
There are five design principles for reliability in the cloud:
- Automatically recover from failure – Anticipate and remediate failures before they occur
- Test recovery procedures – Use automation to simulate different failures or to recreate scenarios that led to failures before
- Scale horizontally to increase aggregate workload availability – Distribute requests across multiple, smaller resources to ensure that they don’t share a common point of failure
- Stop guessing capacity – Maintain the optimal level to satisfy demand without over or under provisioning – Use Auto Scaling
- Manage change, in automation – Use automation to make changes to infrastructure
Best Practices
- To achieve reliability, you must start with the foundations—The workload architecture of the distributed system must be designed to prevent and mitigate failures. The workload must handle changes in demand or requirements, and it must be designed to detect failure and automatically heal itself.
- Before architecting any system, foundational requirements that influence reliability should be in place. For example, you must have sufficient network bandwidth to your data center.
- It is the responsibility of AWS to satisfy the requirement for sufficient networking and compute capacity, while you are free to change resource size and allocation, such as the size of storage devices, on demand.
Security – The Security pillar includes the ability to protect data, systems, and assets to take advantage of cloud technologies to improve your security.
There are seven design principles for security in the cloud:
- Implement a strong identity foundation – Centralize privilege management and reduce (or even eliminate) reliance on long-term credentials – Principle of least privilege – IAM
- Enable traceability – Integrate logs and metrics with systems to automatically respond and take action
- Apply security at all layers – Like edge network, VPC, subnet, load balancer, every instance, operating system, and application
- Automate security best practices
- Protect data in transit and at rest – Encryption, tokenization, and access control
- Keep people away from data – Reduce or eliminate the need for direct access or manual processing of data
- Prepare for security events – Run incident response simulations and use tools with automation to increase your speed for detection, investigation, and recovery
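The identity-foundation principle above (least privilege, less reliance on long-term credentials) can be checked mechanically. The following is an added example, not part of the original notes: it audits a constructed CSV laid out like a subset of the IAM credential report and a constructed policy document; the function names, the 90-day threshold and the finding labels are assumptions chosen for illustration.

```python
import csv
import io
from datetime import datetime, timezone

# Constructed sample using a subset of the IAM credential report columns.
SAMPLE_REPORT = """\
user,password_enabled,mfa_active,access_key_1_active,access_key_1_last_rotated
<root_account>,not_supported,false,true,2021-01-10T09:00:00+00:00
alice,true,true,false,N/A
bob,true,false,true,2023-02-01T12:00:00+00:00
ci-deployer,false,false,true,2024-05-20T08:30:00+00:00
"""

# Constructed sample identity policy (bucket name is a placeholder).
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "AdminEverything", "Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Sid": "ReadOneBucket", "Effect": "Allow", "Action": ["s3:GetObject"],
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "AllS3", "Effect": "Allow", "Action": "s3:*", "Resource": "*"},
]}

def audit_credentials(report_csv, now, max_key_age_days=90):
    """Return (user, finding) pairs for long-term credential risks."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        if row["access_key_1_active"] == "true":
            if user == "<root_account>":
                findings.append((user, "ROOT_ACCESS_KEY"))
            rotated = datetime.fromisoformat(row["access_key_1_last_rotated"])
            if (now - rotated).days > max_key_age_days:
                findings.append((user, "STALE_KEY"))
        # Root always has a password; the report shows "not_supported" for it.
        if row["password_enabled"] != "false" and row["mfa_active"] != "true":
            findings.append((user, "NO_MFA"))
    return findings

def as_list(value):
    return [value] if isinstance(value, str) else list(value)

def wildcard_statements(policy):
    """Return Sids of Allow statements pairing wildcard actions with Resource "*"."""
    hits = []
    for stmt in policy["Statement"]:
        actions = as_list(stmt.get("Action", []))
        broad = any(a == "*" or a.endswith(":*") for a in actions)
        if stmt.get("Effect") == "Allow" and broad and "*" in as_list(stmt.get("Resource", [])):
            hits.append(stmt.get("Sid", "<no Sid>"))
    return hits
```

Against the sample data, the root key, the stale key on `bob`, and both missing-MFA logins are reported, while the recently rotated `ci-deployer` key and the bucket-scoped statement pass.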
Best Practices for cloud security
- You should have a well-defined and practiced process for responding to security incidents.
AWS Security Pillars
AWS Best Practices
AWS Well-Architected Tool
- Free tool to review your architectures against the 5 pillars of the Well-Architected Framework and adopt architectural best practices
- How does it work?
  - Select your workload and answer questions
  - Review your answers against the 5 pillars
  - Obtain advice: get videos and documentation, generate a report, see the results in a dashboard
- Let’s have a look: https://console.aws.amazon.com/wellarchitected
AWS Professional Services & Partner Network
The AWS Professional Services organization is a global team of experts
• They work alongside your team and a chosen member of the APN
• APN = AWS Partner Network
• APN Technology Partners: providing hardware, connectivity, and software
• APN Consulting Partners: professional services firm to help build on AWS
• APN Training Partners: find who can help you learn AWS
• AWS Competency Program: AWS Competencies are granted to APN Partners who have demonstrated technical proficiency and proven customer success in specialized solution areas.
• AWS Navigate Program: help Partners become better Partners
Cheapest support plan AWS provides to its customers with 24-hour phone support:
- Business – 24×7 phone, email, and chat access to Cloud Support Engineers
- Enterprise – 24×7 phone, email, and chat access to Cloud Support Engineers
- Basic – Email support only for Billing and Account
- Developer – Business hours email access to Cloud Support Associates