AWS Well-Architected Framework helps cloud architects build the most secure, efficient and resilient infrastructure for their applications. This standard provides a consistent approach for AWS Partner Network customers and partners (APN) for architecture assessment and provides guidance for project modification. Thanks to this, we can achieve compliance with the best practices as part of Well-Architected Whitepaper recommendations. All this is used to obtain infrastructure that meets business requirements.
Creating a cloud infrastructure must have appropriate foundations and assumptions to avoid potential problems in the future. Good architecture will allow not only better performance, safety, but also better cost optimization. The best cloud design patterns in Amazon Web Services define the AWS Well-Architected Framework, a collection of five pillars, defined in 2012 by Amazon Web Services. As Hostersi, we are a certified partner of AWS Well-Architected Partner Program.
What do you gain by opting for AWS Well-Architected review?
- A reliable review of the current infrastructure along with the proposed improvements
- Better knowledge about your infrastructure and business needs
- Awareness of risks and threats, directions and paths of their reduction
- You counteract technological risks even before they appear
- Care and support of cloud experts who hold the AWS Certified Solution Architect Professional certification
- The ability to show off to your customers a safe and well-designed solution that ensures the reliability of the services you provide
Benefits of building infrastructures, in accordance with AWS Well-Architected
5 pillars of AWS Well-Architected Framework, or what includes review / audit
Operational excellence (the most important business pillar, monitoring and operation of infrastructure)
- business priorities,
- performance measurement and other KPI,
- shift management,
- disaster recovery plan,
- continuous improvement and refinement,
- trend analysis,
- measurement of parameters and their analysis in time,
- escalation paths,
- SLA measuring,
- code management,
- automation of platform creation and management,
- the existence of dev/stage/prod environments,
- alerts, logs and metrics,
- emergency solution tests,
- automatic change testing,
- deployment of applications,
- the documentation.
Security (protection of resources, data and systems, risk analysis)
- access management policy,
- access restrictions, roles, IAM, MFA, etc..,
- auditing of accesses,
- training and raising people’s awareness,
- logging, automatic catching of events,
- classification and tagging of data,
- network traffic protection, VPC, IPS/IDS protection,
- device protection, anti-virus, penetration tests,
- encryption of data stored on media,
- encryption of transmitted data,
- WAF, antyDDOS.
Reliability (high availability, disaster recovery, scaling, fault tolerance and configuration errors)
- change management,
- recovery time after a failure,
- high availability,
- establishing and testing the SLA,
- plan disaster recovery,
- limit analysis,
- separation of production and test accounts,
- CDN and caching,
- monitoring parameters,
- backup copies of security,
- performance and load testing,
- resistance tests.
Efficiency (resource management, readiness to accept the load, management of the amount of resources)
- selection of resources,
- selection of solutions for data storage,
- choosing the right database,
- a plan for continuous improvement,
- periodic analysis of business priorities for optimization,
- performance tests,
- load analysis,
- serverless, containerization,
- efficient network and DNS configuration,
- use SaaS as widely as possible.
Cost optimization (selection of resources, elimination of unnecessary services and resources, reduction of costs, optimization of resources and architecture)
- tagging and inventorying of resources,
- resource life cycles,
- cost alerts,
- the cost explorer,
- the division into accounts,
- removal of unused resources, disks,
- use measurement,
- optimizations (resource reservations, spot instances),
- fast implementation of new services.
What is the AWS Well-Architected review made by Hostersi?
Review is an activity performed to obtain knowledge, measurement and improvement of cloud architecture based on business and technical activity of the company. Its aim is to get a clear understanding of the client’s needs, the essence of his infrastructure and its readiness for load variability and security.
Review also allows you to get to know the best architectural practices in designing solutions in the cloud. Review together with the client is carried out by our trained Cloud Architects, holding AWS Certified Architect Architect Professional certification and competences gained during exclusive training for selected persons by AWS. Review is made using the AWS Well-Architected Tool standardized by Amazon Web Services, following the AWS procedure and using the knowledge and experience of Hosters based on hundreds of cloud infrastructures.
The effect of review is to provide by Hostersi with a report of suggested changes to be implemented in existing infrastructures to make them even more efficient, secure and cost-optimized. The final decision regarding the implementation of changes is always taken by the client. There is no obligation to introduce all changes, it is possible to accept selected risks and implement selected recommendations. Implementation of changes suggested in review is confirmation of compliance with the best Well-Architected Framework patterns. Maintaining such a state of infrastructure is a continuous process and requires periodic verification of assumptions and procedures, which can be achieved by regularly reviewing and review from time to time.