Why do a Well Architected Review?
Andrew Potter-Irwin, Technical Solutions Consultant at nubeGO, discusses AWS Well Architected reviews and their importance.
As mentioned on LinkedIn previously, nubeGO are AWS Well-Architected Partners. Having this partnership in place means that we have been confirmed by AWS to have an understanding of the framework itself and how best to review cloud workloads against it.
I would like to go into a bit more detail of what the Framework consists of, the process of reviewing workloads against the framework and the benefits that can be realised from running a review.
The framework consists of five pillars, with a set of questions aligned to each pillar to help gain an understanding of how well a specific architecture matches up with best practices.
The five pillars that make up the Framework are:
Operational Excellence - This pillar dives into how systems running on AWS are monitored and supported. Areas covered include the processes and procedures that are in place, alerting and responding to events and management of changes. A focus on implementing automation to operations is one of the outcomes from this pillar.
Security - The Security pillar is probably the one that takes the most focus when running workload reviews for clients. The protection of key information and systems for clients is of utmost importance, so this pillar, by covering areas including data protection and classification, system access and security event detection, helps clients gain a deep understanding of their security coverage.
Reliability - The ability for systems running in the cloud to be resilient to failure and to recover when required is important for clients to meet business and customer demands. This pillar reviews workloads to see how they can recover from disruptions, scale to meet demand and puts processes and procedures in place.
Performance Efficiency - This pillar focuses on ensuring that resources are being used efficiently when running workloads. The questions cover areas including how resources are selected and sized, as well as monitoring of workload performance.
Cost Optimization - The last pillar covers an area that can be neglected as workloads are moved or created within the cloud. This pillar helps clients to see how they can get a better understanding of where money is being spent on cloud systems with effective reporting and monitoring. Correct resource selection is also considered to ensure that money is being spent effectively.
Before going into detail about the review process, I would like to raise a couple of points for consideration. Firstly, the review process should not be seen as a blaming exercise. Going through the questions can open up many areas of concern and it is important to not use it as a tool to highlight failure. Running workloads in the cloud requires a lot of considerations that might not always be picked up, so the review should be seen as a positive to work together and help improve on the benefits the cloud can bring.
Secondly, while the review can highlight various areas that might require remediation, any actions that are undertaken should be looked at with a wider view. It is quite possible that trade-offs between many areas should be considered. For example, a drive to improve the performance of the platform could leave aspects of security neglected, which can risk the integrity of the workload. By running the review with an experienced partner, those trade-offs can be looked into to ensure that any improvements bring maximum return against business and customer needs.
The review process can take around 4 hours depending on the complexity of the workload and the number of people that need to be involved. It should start with an overview of the platform, the framework itself and the desired outcome from the review.
While the aim of the review is to answer the designated questions, the discussions should be fluid to ensure that everyone involved can be open and honest. Sharing of any designs should be encouraged and where possible, access to AWS should be available to clarify any points.
Once the review has been completed, a report will be generated with a list of high and medium risk items and an improvement plan. nubeGO can then work with you to identify the first areas to address for remediation and the steps required to mitigate. The review should also not be seen as a one-off process. It is recommended to run them every 6 months to highlight where improvements have been made and identify areas that might not have been relevant initially, but are now something to be considered.
Benefits of WAR
Running a review of workloads on AWS can bring a number of benefits to a business. Gaining an understanding of how a workload matches up to best practices can provide confidence that systems are more likely to increase the chances of business success. It can provide evidence to business units including finance and security that considerations are being met to mitigate against risks to the business.
Finally, nubeGO can apply for credits from AWS that go towards helping to remediate any of the issues highlighted by the review. Full details of the terms and conditions on the credit process can be supplied on request.
I hope that the above has gone some way to providing more detail on the framework and how it can help your business. AWS has a wealth of information regarding the framework available from here, but if you would like any guidance or information on how nubeGO can help, including the credit process, then please get in contact.
020 3901 8501