AWS Architecting & Ecosystem Flashcards
Well Architected Framework General Guiding Principles
• Stop guessing your capacity needs
• Test systems at production scale
• Automate to make architectural experimentation easier
• Allow for evolutionary architectures
• Design based on changing requirements
• Drive architectures using data
• Improve through game days
• Simulate applications for flash sale day
AWS Cloud Best Practices – Design Principles
• Scalability: vertical & horizontal
• Disposable Resources: servers should be disposable & easily configured
• Automation: Serverless, Infrastructure as a Service, Auto Scaling…
• Loose Coupling: Monoliths are applications that do more and more over time and become bigger
- Break it down into smaller, loosely coupled components
• Services, not Servers:
Don’t use just EC2; use managed services, databases, serverless, etc.
Well Architected Framework 6 Pillars
• 1) Operational Excellence
• 2) Security
• 3) Reliability
• 4) Performance Efficiency
• 5) Cost Optimization
• 6) Sustainability
Operational Excellence
Includes the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures
Design Principles:
• Perform operations as code - Infrastructure as code
• Annotate documentation - Automate the creation of annotated documentation after every build
• Make frequent, small, reversible changes - So that in case of any failure, you can reverse it
• Refine operations procedures frequently
• Anticipate failure
• Learn from all operational failures
Operational Excellence - AWS Services
• Prepare: CloudFormation - Config
• Operate: CloudFormation - Config - CloudTrail - CloudWatch - X-Ray
• Evolve: CloudFormation - CodeBuild - CodeCommit - CodeDeploy - CodePipeline
Security
Includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies
Design Principles:
• Implement a strong identity foundation - IAM
• Enable traceability - Integrate logs and metrics
• Apply security at all layers - edge network, VPC, subnet, load balancer, every instance, OS
• Automate security best practices
• Protect data in transit and at rest - Encryption, tokenization, and access control
• Keep people away from data
• Prepare for security events - Run incident response simulations
• Shared Responsibility Model
Security - AWS Services
• Identity and Access Management: IAM - AWS STS - MFA token - Organizations
• Detective Controls: Config - CloudTrail - CloudWatch
• Infrastructure Protection: CloudFront - VPC - Shield - WAF - Inspector
• Data Protection: KMS - S3 - ELB - EBS - RDS
• Incident Response: IAM - CloudFormation - CloudWatch Events
Reliability
Ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues
Design Principles
• Test recovery procedures - Use automation to simulate different failures or to recreate scenarios
• Automatically recover from failure
• Scale horizontally to increase aggregate system availability
• Stop guessing capacity
• Manage change in automation
Reliability - AWS Services
• Foundations: IAM - VPC - Service Quotas - Trusted Advisor
• Change Management: Auto Scaling - CloudWatch - CloudTrail - Config
• Failure Management: Backups - CloudFormation - S3 - S3 Glacier - Route 53
Performance Efficiency
Includes the ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve
Design Principles
• Democratize advanced technologies
• Go global in minutes
• Use serverless architectures
• Experiment more often
• Mechanical sympathy - Be aware of all AWS services
Performance Efficiency - AWS Services
• Selection: Auto Scaling - Lambda - EBS - S3 - RDS
• Review: CloudFormation
• Monitoring: CloudWatch - Lambda
• Tradeoffs: RDS - ElastiCache - Snowball - CloudFront
Cost Optimization
Includes the ability to run systems to deliver business value at the lowest price point
Design Principles:
• Adopt a consumption model - Pay only for what you use
• Measure overall efficiency - Use CloudWatch
• Stop spending money on data center operations
• Analyze and attribute expenditure - Accurate identification of system usage and costs, helps measure return on investment (ROI) - Make sure to use tags
• Use managed and application level services to reduce cost of ownership
Cost Optimization - AWS Services
• Expenditure Awareness: Budgets - Cost and Usage Report - Cost Explorer - Reserved Instance Reporting
• Cost-Effective Resources: Spot Instance - Reserved Instance - S3 Glacier
• Matching supply and demand: Auto Scaling - Lambda
• Optimizing Over Time: Trusted Advisor - Cost and Usage Report
Sustainability
The sustainability pillar focuses on minimizing the environmental impacts of running cloud workloads.
Design Principles
• Understand your impact – establish performance indicators, evaluate improvements
• Establish sustainability goals – Set long-term goals for each workload
• Maximize utilization – Right size each workload
• Anticipate and adopt new, more efficient hardware and software offerings
• Use managed services
• Reduce the downstream impact of your cloud workloads
AWS Well-Architected Tool
Free tool to review your architectures against the 6 pillars of the Well-Architected Framework and adopt architectural best practices