Well Arch Framework Flashcards
The pillars of the AWS Well-Architected Framework
— operational excellence — security — reliability — performance efficiency — cost optimization
General Design Principles
- Stop guessing your capacity needs
- Test systems at production scale
- Automate to make architectural experimentation easier
- Allow for evolutionary architectures
- Drive architectures using data
________________ allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This gives you a single source of truth for your AWS and third-party resources.
AWS CloudFormation
Provides a common language for you to model and provision AWS and third party application resources in your cloud environment.
Components of Security Pillar
— Identity and Access Management (IAM): Authorization and Authentication using user/group/role/access policy
— Detective Control: Capture, Analyze logs. Audit controls
— Infrastructure protection: firewalls and gateways
— Data Protection: Classification, Encryption (rest and transit), Backup, Recovery as needed
— Incident Response
Security Design Principles
— Implement security at all layers
— Enable traceability - Logging
— Least privilege principle
— Focus on securing your system (App/OS/Data), let AWS secure the rest
— Automate security best practice
Reliability Pillar
— Recover from infra and service failure
— Dynamically acquire resources to meet demand
— Apply best practices: Foundations, Change Management, Failure Management
— Anticipate and prevent failure
Reliability Design Principles
— Test recovery procedure
— Auto recover (using alarms and Lambda functions)
— Scale horizontally
— Stop guessing capacity
— Manage change in automation - Arch & Infra change should be made using automation
Performance Efficiency Pillar
— Select sols: Best tool for the job
— Review : Constantly innovate services
— Monitor : Watch performance to remediate issues, using CloudWatch, Kinesis, SQS, Lambda, etc.
— Consider trade-off
Performance Design Principles
— Democratize advanced tech : Let AWS do it instead of internal IT
— Global in mins
— Use Server-less Arch - Lower server mgmt, lower txn costs by consolidating IT spend to provision and manage
— Mechanical Sympathy - Use the best tech for the job
Cost Optimization Pillar
— Use cost effective resources (most optimal services, resources etc.)
— Match supply with demand - Using AWS’s Elastic feature
— Expenditure awareness (drill on current and project future cost)
— Optimize Arch over time looking at data
Cost Optimization Design Principles
— Adopt consumption model
— Measure overall efficiency
— Reduce spending on DC (data centers) ops
— Analyze and attribute expense (identify ROI using detailed cost analysis)
— Use managed services
Ops Excellence Pillar
— Manage and automate change
— Respond to events
— Define standards
How to achieve fault tolerance?
Build in redundancies of app components
_________ Ability of system to remain operational even when some components of system fail
Fault Tolerant
High Availability Tools
— Elastic Load Balancers (ELB):
Distribute traffic -> send metric to CloudWatch
Triggers - High latency/Over utilization
— Elastic IP addresses:
Static IP, Mask failure by using same IP addresses using different resources
— Route 53: DNS for simple, latency etc. based routing
— Auto Scaling: Terminate/launch resources based on triggers/schedule
— Amazon CloudWatch: Stats gathering system, tracks metrics, used to trigger Auto Scaling