AWS Architecting & Ecosystem Flashcards
Well Architected Framework General Guiding Principles
• Stop guessing your capacity needs
• Test systems at production scale
• Automate to make architectural experimentation easier
• Allow for evolutionary architectures
• Design based on changing requirements
• Drive architectures using data
• Improve through game days
• Simulate applications for flash sale day
AWS Cloud Best Practices – Design Principles
• Scalability: vertical & horizontal
• Disposable Resources: servers should be disposable & easily configured
• Automation: Serverless, Infrastructure as a Service, Auto Scaling…
• Loose Coupling: Monoliths are applications that do more and more over time and become bigger
- Break it down into smaller, loosely coupled components
• Services, not Servers: Don’t use just EC2; use managed services, databases, serverless, etc.
Well Architected Framework 6 Pillars
• 1) Operational Excellence
• 2) Security
• 3) Reliability
• 4) Performance Efficiency
• 5) Cost Optimization
• 6) Sustainability
Operational Excellence
Includes the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures
Design Principles:
• Perform operations as code - Infrastructure as code
• Annotate documentation - Automate the creation of annotated documentation after every build
• Make frequent, small, reversible changes - So that in case of any failure, you can reverse it
• Refine operations procedures frequently
• Anticipate failure
• Learn from all operational failures
Operational Excellence - AWS Services
• Prepare: CloudFormation - Config
• Operate: CloudFormation - Config - CloudTrail - CloudWatch - X-Ray
• Evolve: CloudFormation - CodeBuild - CodeCommit - CodeDeploy - CodePipeline
Security
Includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies
Design Principles:
• Implement a strong identity foundation - IAM
• Enable traceability - Integrate logs and metrics
• Apply security at all layers - edge network, VPC, subnet, load balancer, every instance, OS
• Automate security best practices
• Protect data in transit and at rest - Encryption, tokenization, and access control
• Keep people away from data
• Prepare for security events - Run incident response simulations
• Shared Responsibility Model
Security - AWS Services
• Identity and Access Management: IAM - AWS STS - MFA token - Organizations
• Detective Controls: Config - CloudTrail - CloudWatch
• Infrastructure Protection: CloudFront - VPC - Shield - WAF - Inspector
• Data Protection: KMS - S3 - ELB - EBS - RDS
• Incident Response: IAM - CloudFormation - CloudWatch Events
Reliability
Ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues
Design Principles
• Test recovery procedures - Use automation to simulate different failures or to recreate scenarios
• Automatically recover from failure
• Scale horizontally to increase aggregate system availability
• Stop guessing capacity
• Manage change in automation
Reliability - AWS Services
• Foundations: IAM - VPC - Service Quotas - Trusted Advisor
• Change Management: Auto Scaling - CloudWatch - CloudTrail - Config
• Failure Management: Backups - CloudFormation - S3 - S3 Glacier - Route 53
Performance Efficiency
Includes the ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve
Design Principles
• Democratize advanced technologies
• Go global in minutes
• Use serverless architectures
• Experiment more often
• Mechanical sympathy - Be aware of all AWS services
Performance Efficiency - AWS Services
• Selection: Auto Scaling - Lambda - EBS - S3 - RDS
• Review: CloudFormation
• Monitoring: CloudWatch - Lambda
• Tradeoffs: RDS - ElastiCache - Snowball - CloudFront
Cost Optimization
Includes the ability to run systems to deliver business value at the lowest price point
Design Principles:
• Adopt a consumption model - Pay only for what you use
• Measure overall efficiency - Use CloudWatch
• Stop spending money on data center operations
• Analyze and attribute expenditure - Accurate identification of system usage and costs, helps measure return on investment (ROI) - Make sure to use tags
• Use managed and application level services to reduce cost of ownership
Cost Optimization - AWS Services
• Expenditure Awareness: Budgets - Cost and Usage Report - Cost Explorer - Reserved Instance Reporting
• Cost-Effective Resources: Spot Instance - Reserved Instance - S3 Glacier
• Matching supply and demand: Auto Scaling - Lambda
• Optimizing Over Time: Trusted Advisor - Cost and Usage Report
Sustainability
The sustainability pillar focuses on minimizing the environmental impacts of running cloud workloads.
Design Principles
• Understand your impact – establish performance indicators, evaluate improvements
• Establish sustainability goals – Set long-term goals for each workload
• Maximize utilization – Right size each workload
• Anticipate and adopt new, more efficient hardware and software offerings
• Use managed services
• Reduce the downstream impact of your cloud workloads
AWS Well-Architected Tool
Free tool to review your architectures against the 6 pillars of the Well-Architected Framework and adopt architectural best practices
AWS Right Sizing
Is the process of matching instance types and sizes to your workload performance and capacity requirements at the lowest possible cost
• Scaling up is easy so always start small
AWS Ecosystem – Free resources
• AWS Blogs
• AWS Forums (community)
• AWS Whitepapers & Guides
• AWS Quick Starts
• AWS Solutions
AWS Ecosystem - AWS Support
DEVELOPER
• Business hours email access to Cloud Support Associates
• General guidance: < 24 business hours
• System impaired: < 12 business hours
BUSINESS
• 24x7 phone, email, and chat access to Cloud Support Engineers
• Production system impaired: < 4 hours
• Production system down: < 1 hour
ENTERPRISE
• Access to a Technical Account Manager (TAM)
• Concierge Support Team (for billing and account best practices)
• Business-critical system down: < 15 minutes
AWS Professional Services
• The AWS Professional Services organization is a global team of experts
Shares a collection of offerings to help you achieve specific outcomes related to enterprise cloud adoption. Each offering delivers a set of activities, best practices, and documentation reflecting our experience supporting hundreds of customers in their journey to the AWS Cloud.
AWS Partner Network = APN
• APN Technology Partners: providing hardware, connectivity, and software
• APN Consulting Partners: professional services firm to help build on AWS
• APN Training Partners: find who can help you learn AWS
• AWS Competency Program: AWS Competencies are granted to APN Partners who have demonstrated technical proficiency and proven customer success in specialized solution areas.
• AWS Navigate Program: help Partners become better Partners
AWS Knowledge Center
Contains the most frequent & common questions and requests