The Main Pillars of an AWS Well-Architected Framework
Developing a cloud-native business application most often comes with challenges related to scaling, cost, efficiency, infrastructure, etc. To successfully overcome these challenges, Amazon has provided guidelines for all the essential areas of cloud-native development. These guidelines are called the well-architected framework.
Amazon, being the pioneer in cloud technology, has valuable experience in providing its services to many tech giants. Based on their experience and lessons learned, they have developed the well-architected framework, which is a collection of design principles and best practices to ensure that the product one develops contains all the traits required for a successful application.
In this article, we will discuss the AWS well-architected framework in detail — exploring the core values of all the pillars of the framework. We will also cover the best practices related to each pillar.
AWS Well-Architected Framework Pillars
Find below the core pillars of the well-architected framework.
Security is important to protect both the data and the infrastructure. Some of the core values of the security pillar are:
- Manage user and role permissions to access data, services, and servers
- Keep the data confidential and maintain the integrity of the data
- Implement processes to detect any anomaly related to security
To ensure the above values, some of the best practices include the following:
- Implement a centralized mechanism for user authentication and authorization. One example is AWS IAM.
- Static credentials must be avoided at all costs.
- Implement the principle of least privilege for every user and every cloud service.
- Have a strong system of tracking, logging, and alerting user access. Put security audit controls in place.
- Protect both data in transit (e.g. SSL, tokenization, etc.) and data at rest (e.g. encryption).
- Apply security on all levels in your architecture. Add security checkpoints at the load balancer, VPC, every instance, service, operating system access, code access, database access, etc. This will ensure that if one checkpoint is breached, the attacker will be caught at the next checkpoint.
Excellence in Operation
This pillar focuses on continued excellence in delivering value to the customer. Some of its core values are:
- Release small and frequent product updates that can be reversed easily. Smaller code PRs are one example.
- Optimize and refine the processes frequently
- Anticipate failure and keep the action items ready if failure happens
- Perform operations-as-code
In order to ensure the above values, some of the best practices include the following:
- Design and architect your workload such that it can tolerate frequent updates.
- Changes must be quickly reversible without impacting customer experience
- Keep improving your processes. Convene regular meetings like scrum retrospective meetings or “lessons learned” meetings to achieve continued excellence.
- Perform “Pre-mortem” exercises and maintain a “Risk register” to identify potential sources of failure so you can plan the mitigation in advance.
- Define all your applications, infrastructure, and services through code and update them with code only. This will limit human error and enforce consistent responses to all incidents.
The reliability pillar ensures that the application is performing its intended functions and is able to recover from failure to meet demands. Some of the core values of this pillar are:
- Monitoring workloads for KPIs so you can trigger automation when a performance threshold is triggered.
- Automatic notification, tracking, and recovery from failures
- Automate to simulate different failure scenarios to validate your recovery procedures
- Scale horizontally instead of vertically to reduce single points of failure
Some of the best practices to ensure the above values are the following:
- You need to automate the changes in infrastructure, applications, and the automation itself.
- Set up triggers and alarms based on the health of the server/service and implement horizontal scaling to add more resources when a health check is triggered. E.g. Launch another EC2 server into the cluster if the existing EC2 server’s CPU exceeds 80%.
- Perform stress and load testing on your system to identify and rectify any scaling issues
- Implement an automatic failover strategy. One example is blue-green deployments if you are handling deployments yourself, or you can use serverless components to achieve automatic failover.
- Maintain proper backups of data, including automatic database backups and server disk storage. You need to ensure optimal recovery time objective (RTO) and recovery point objective (RPO) KPIs.
Efficiency of Performance
This pillar focuses on the right selection of your infrastructure resources like compute, database, storage etc., and ensures that you select the best combination for your requirements. The system should be able to scale according to the needs. Some of the core values of performance efficiency are the following:
- Design a high-performance architecture that considers future needs related to scaling, performance, data, etc.
- Delegate complex tasks to your cloud vendor instead of managing them in-house. Some workloads require special expertise. For example, the cloud should handle NoSQL databases, machine learning, and database replication.
- Use serverless architecture as much as possible.
- Experiment more often with different configuration options
Find below some of the best practices you can adopt to achieve above-mentioned goals:
- Instead of just one approach, combine different approaches in your implementation. Implement what you do best and delegate the rest to the cloud vendor. For example, it is difficult to maintain on-premise read-only replicas for any RDBMS; you should use a fully managed service like RDS.
- Choose the cloud service which is ideal for your specific business need. Take the example of an IO-intensive workload. You should select IO-intensive SSD storage instead of general-purpose SSD storage. This applies not just to storage but to compute, memory, networking, and other services too.
- Implement a proper monitoring solution to monitor different areas of your application. One example is to use AWS CloudWatch to see the logs of different activities and set up alarms based on various metrics.
- Review the latest trends and offerings in the cloud world, specifically from your cloud vendor. Take advantage of the latest technologies like containers, Kubernetes, new cloud regions, edge locations, etc. Keep evolving your architecture over time.
This pillar focuses on cost reduction, whether it is your infrastructure, servers, or services. The main values of this pillar are:
- Identify overspending
- Control fund allocation
- Select cloud resources that are the best fit for your needs
- Ability to scale without overspending
Let’s discuss some best practices to achieve the above-mentioned values:
- Use the right-sizing approach to ensure that your cost is aligned with your actual demand. For example, instead of provisioning a large server, start with a small server and gradually upgrade it to see the best fit for your needs.
- Use the cost reports, financial insights, and cost dashboards provided by the cloud vendor to keep an eye on detailed costs for different application areas.
- You should stop development and test servers during non-working hours to save cost
- If you are not sure about your expected usage or believe the usage will be volatile, you should take advantage of the pay-as-you-go model instead of buying reserved servers. Adopting a serverless approach is also recommended in this case.
- Take advantage of ad-hoc cheaper resources for needs that are not mission critical. One example is using AWS spot instances, which are much cheaper.
- Instead of manually provisioning resources, take advantage of automation. That includes dynamic scaling, IaC (Infrastructure as code), etc.
- Regularly review the costs and your services. Keep optimizing your services and costs based on the dynamic needs of your solution.
The focus of the sustainability pillar is on environmental sustainability. It aims to minimize the environmental impact of running cloud-native workloads. Below you’ll find some of its core design principles:
- Set long-term sustainability goals for your workloads and model your ROI
- Preferably use managed services as they reduce the amount of infrastructure required to maintain a broad range of workloads
- Choose the infrastructure and services for your workloads such that it maximizes the efficiency of the underlying hardware and minimizes idle resources.
- Adopt new and efficient hardware/software to maximize your efficiency
Some of the best practices to align with the design principles are:
- Optimize the geographical location of your workloads; e.g. use CDN, edge computing, etc.
- Optimize the code that takes the most time and resources.
- Use life cycle policies to delete unneeded data. One example is AWS S3 life cycle policies.
- Minimize network traffic between different networks.
- Increase the utilization of your build environment.
Why use the Well-Architected AWS Framework?
Here are the main reasons why one should build in line with the AWS well-architected framework:
Learn the best practices for building highly efficient software
The framework provides you with best practices for designing and implementing cloud native systems that are efficient, reliable, cost-effective, secure, and dependable. Developers use these best practices to implement the system to ensure a highly scalable and efficient solution.
You can focus on functional requirements
The framework gives you different recipes to build a highly efficient system that allows you to spend your valuable time on the real thing, which is the development of business requirements. When building a cloud-native application, you do not need to guess or search for various decision-making aspects. AWS has already laid that out for you in an implementable way. This allows you to utilize your resources to generate business value from your system instead of spending time on technical challenges.
The well-architected framework provides you with design values and best practices, so you can track the various aspects of your system and fix any issues proactively. AWS provides different tools, techniques, and checklists to keep an eye on the efficiency of your system. Note that AWS cloud architects continuously refine the framework as they work closely with different customers. By following the updated framework, you take advantage of the cumulative wisdom from Amazon and make the most of the latest cloud resources.
Get AWS Certified
Becoming AWS certified is the best way to understand the well-architected framework. The AWS certifications will ensure that you adopt the skills and knowledge needed to implement the best practices of a well-architected framework. Check out our AWS training courses which will maximize your chances of passing your exam and becoming a successful AWS-certified professional.