DEV Community: Sebastian Torres

Cost Optimization Pillar - Best Practice Areas

Sebastian Torres — Sat, 23 Apr 2022 20:05:19 +0000

Practice Cloud Financial Management

Why is the Practice Cloud Financial Management best practice area important?

Cloud Financial Management enables long-term success by building capability across your organization. It implements organizational-wide knowledge building programs, resources, and processes.

Expenditure and Usage Awareness

Why is the Expenditure and Usage Awareness best practice area important?

Many businesses are composed of multiple systems run by various teams. Drive efficiency by attributing resource costs to the individual organization or product owners. Accurate attribution helps you to know which products are truly profitable for more informed decisions about where to allocate budget.

Cost-Effective Resources

Why is the Cost-Effective Resources best practice area important?

Using the appropiate resources and configurations for your workload is key to cost savings. For example, a reporting process might take 5 hours to run on a smaller server but 1 hour to run on a larger server that is twice as expensive. Both servers give you the same outcome, but the smaller server incurs more cost over time.

Manage Demand and Supply Resources

Why is the Manage Demand and Supply Resources best practice area important?

When you move to the cloud, you pay only for what you need. You can supply resources to match the workload demand at the time they are needed -eliminating the need for costly and wasteful over-provisioning.- You can also modify the demand using a throttle, buffer, or queue to smooth the demand and serve it with fewer resources.

Optimize over Time

Why is the Optimize over Time best practice area important?

As AWS releases new services and features, it is a best practice to reassess your existing architectural decisions to ensure they continue to be the most cost-effective. As your requirements change, be aggressive in decommissioning resources and entire services or systems that you no longer require -this avoids orphaned resources.

AWS Well-Architected Framework - Cost Optimization Pillar

Sebastian Torres — Sat, 23 Apr 2022 19:30:20 +0000

What Is the Cost Optimization Pillar?

The Cost Optimization pillar includes the ability to run systems to deliver business at the lowest price point.

Why is Cost Optimization important to improving my architecture?

Building and operating cost-efficient workloads helps achieve business outcomes at the lowest price point. It minimizes wasteful architecture re-work, and allows greater investment in new business opportunities or technology.

What are the design principles of Cost Optimization?

There are five design principles for Cost Optimization in the cloud.

Implement Cloud Financial Management

To achieve financial success and accelerate business value realization in the cloud, you need to invest in Cloud Financial Management. Your organization needs to dedicate time and resources to build capability in this new domain of technology and usage management. Similar to your Security or Operational Excellence capability, you need to build capability through knowledge building, programs, resources, and processes to become a cost-efficient organization.

Adopt a consumption model

Pay only for the computing resources that you consume. Increase or decrease usage depending on business requirements, rather than using elaborate forecasting.

Measure overall efficiency

Measure the business output of the workload and the costs associated with delivering it. Use this measure to know from increasing output or functionality and reducing costs.

Stop spending money on undifferentiated heavy lifting

Focus on your customers and business projects by allowing AWS to perform data-center operations like racking, powering servers, and removing the operational burden of managing systems and applications with managed services.

Analize and attribute expenditure

The cloud makes it easier to accurately identify the usage and cost of systems, so you can transparently attribute IT costs to individual workload owners. This gives workload owners an opportunity to optimize their resources and reduce costs.

What are the best practice areas of Cost Optimization?

Practice Cloud Financial Management
Expenditure and Usage Awareness
Cost-effective Resources
Manage Demand and Supply Resources
Optimize over time

Performance Efficiency Pillar - Best Practice Areas

Sebastian Torres — Sat, 23 Apr 2022 19:07:57 +0000

Selection

Why is the Selection best practice important?

The optimal solution for a particular workload varies, and solutions often combine multiple approaches. AWS Well-Architecture workloads will enable different features, and use multiple solutions to improve performance. The selection best practice area focuses on architecture, compute, storage, database, and network best practices.

Architecture: Your architecture will likely combine a number of different architectural approaches, and the implementation of your architecture will use services that are specific to the optimization of your architecture's performance.
Compute: Selecting compute resources that meet requirements, performance needs, and provide great efficiency of cost and effort will help you accomplish more with the same number of resources.
Storage: Cloud storage is a critical component of cloud computing, holding the information used by your workload.
Database: By picking the best database to solve a specific problem (or a group of problems), you can break away from restrictive one-size-fits-all monolithic databases and focus on building applications to meet the performance needs of your customers.
Network: Since the network is between all workload components, it can have great impacts -both positive and negative- on workload performance and behaviour.

Review

Why is the Review best practice area important?

Cloud technologies are rapidly evolving, and you must ensure that workload components are using the latest technologies and approaches to continually improve performance. You must continually evaluate and consider changes to your workload components to ensure you are meeting performance and cost objectives. New technologies, such as machine learning and artificial intelligence (AI), can allow you to re-imagine customer experiences and innovate across all of your business workloads.

Monitoring

Why is the Monitoring best practice area important?

After you implement your workload, you must monitor its performance so that you can remediate any issues before they impact your customers. Monitoring metrics should be used to raise alarms when thresholds are breached.

Trade-offs

Why is Trade-offs important?

When you architect solutions, think about Trade-offs to ensure an optimal approach. Depending on your situation, you could trade consistency, durability, and space for time or latency to deliver higher performance.

AWS Well-Architected Framework - Performance Efficiency Pillar

Sebastian Torres — Sat, 23 Apr 2022 18:35:17 +0000

What Is the Performance Efficiency Pillar?

The Performance Efficiency pillar focuses on the efficient use of computing resources to meet requirments, and how to maintain efficiency as demand changes and technologies evolve.

Why is Performance Efficiency important to improving my architecture?

Performance efficiency uses multiple solutions and enables different features to improve workload performance. When you take a data-driven approach to building a high-performance architecture, you can make fact-based decisions about your architecture. using the best practices of the Performance Efficiency pillar will allow you to optimize for higher performance, and put in place monitoring to help ensure that the performance of your architecture does not degrade over time.

What are the design principles of the Performance Efficiency pillar?

There are five design principles for Performance Efficiency in the cloud.

Democratize advanced technologies

Make advanced tech nology implementation easier for your team by delegating complex tasks to your cloud vendor. Rather than asking your IT team to learn about hosting and running a new technology, consider consuming the technology as a service. In the cloud, these technologies become services that your team can consume, allowing your team to focus on product development rather than resource provisioning and management.

Go global in minutes

Deploying your workload in multiple AWS Regions around the world helps you to provide lower latency and better experience for your customers at minimal cost.

Use serverless architectures

Serverless architectures remove the need for you to run and maintain physical servers for traditional compute activities. For example, serverless storage services can act as static websites (removing need for webservers), and event services can host code. This removes the operational burden of managing physical servers and can lower transactional costs because managed services operate at cloud scale.

Experiment more often

With virtual and automatable resources, you can quickly carry out comparative testing using different types of instances, storage, or configurations.

Consider mechanical sympathy

Understand how your team consumes cloud services, and always use the technology approach that aligns best with your workload goals. For example, consider data access patterns when you select database or storage approaches.

What are the best practice areas of Performance Efficiency?

Selection
Review
Monitor
Trade-offs

Reliability Pillar - Best Practice Areas

Sebastian Torres — Sat, 23 Apr 2022 18:06:20 +0000

Reliability Foundations

Why is the Reliability Foundations best practice area important?

Foundational requirements are those in which the scope extends beyond a single workload or project. Before architecting any system, foundational requirements that influence reliability should be in place. These requirements are something neglected because they are beyond a single project's scope. This neglect can significantly impact the ability to deliver a reliable system.

Workload Architecture

Why is the Workload Architecture best practice area important?

A reliable workload starts with up-front design decisions for both software and infrastructure. Your architecture choices will impact your workload behaviour across all of the Well-Architecture pillars.

Change Management

Why is the Change Management best practice area important?

For reliable operation of the workload, you must anticipate and accommodate changes to your workload or its environments. Changes include those imposed on your workload, such as spikes in demand, and also those from within, such as feature deployments and security patches.

Failure Management

Why is the Failure Management best practice area important?

In any system of reasonable complexity, it is expected that failures will occur. Reliability requires that your workload be aware of failures as they occur and take action to avoid impact on availability. Workloads must be able to both withstand failures and automatically repair issues.

AWS Well-Architected Framework - Reliability Pillar

Sebastian Torres — Sat, 23 Apr 2022 17:44:11 +0000

What is the Reliability Pillar?

The Reliability pillar focuses on the ability of a workload to perform its intended function correctly and consistently when it's expected to. This includes the ability to operate and test the workload through its total lifecycle.

Why is Reliability important to improving my architecture?

Reliability of a workload in the cloud depends on several factors, the primary of which is resiliency.

Resiliency

Resiliency is the ability of a workload to recover from insfrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions -such as misconfigurations or transient network issues.

Using the best practices of the Reliability pillar can enable workloads to achieve the availability goals required to achieve an organization's business objectives. These best practices help mitigate the turbulent conditions of production, and therefore best serve your users.

What are the design principles of the Reliability pillar?

There are five designs principles for Reliability in the cloud.

Automatically recover from failure

By monitoring a workload for key performance indicators (KPIs), you can trigger automation when a threshold is breached. These KPIs should be a measure of business value, not of the technical aspects of the operation. This allows for automatic notification and tracking of failures, and for automated recovery processes that work around or repair theb failure. With more sophisticated automation, it's possible to anticipate and remediate failures before they occur.

Test recovery procedures

In the cloud, you can test how your workload fails, and you can validate your recovery procedures. You can use automation to simulate different failures or recreate scenarios that led to failure pathways that you can test and fix before a real failure scenario occurs, thus reducing risk.

Scale horizontally to increase aggregate workload availability

Replace one large resource with multiple small resources to reduce the impact of a single faiilure on the overall workload. Distribute requests across multiple, smaller resources to help ensure they don't share a common point of failure.

Stop guessing capacity

In the cloud, you can monitor demand and workload utilization, and automate the addition or removal of resources to maintain the optimal level to satisfy demand withouth over -or under- provisioning. There are still limits, but some quotas can be controlled and others can be managed.

Manage change in automation

Changes to your infrastructure should be made using automation. The changes that need to be managed include changes to automation, which then can be tracked and reviewed.

What are the best practice areas of Reliability?

Foundations
Workload Architecture
Change Management
Failure Management

Security Pillar - Best Practice Areas

Sebastian Torres — Thu, 21 Apr 2022 22:58:13 +0000

Security Foundations

Why is the Security Foundations best practice area important?

To operate your workload securely, you must apply overarching best practices to every area of security. Take requirements and processes that you have defined in Operational Excellence at an organizational and workload level, and apply them to all areas.

Identity and Access Management

Why is the Identity and Access Management best practice area important?

Identity and access management is a key part of an information security program. It helps ensure that only authorized and authenticated users and components are able to access your resources, and only in a menner that you intend.

Detection

Why is the Detection best practice area important?

You can use detective controls to identify a potential security threat or incident. They are an essential part of governance framework and can be used to support a quality process, a legal or compliance obligation, and for threat identification and response efforts.

Infrastructure Protection

Why is the Infrastructure Protection best practice area important?

Infrastructure protection encompasses the control methodologies, such as defense in depth, necessary to meet best practices and organizational or regulatory obligations. Use of these methodologies is critical for succesful, ongoing operations in either the cloud or on premises.

Data Protection

Why is the Data Protection best practice area important?

Before architecting any system, foundational practices that influence security should be in place. For example, data classification provides a way to categorize organizational data based on levels of sensitivity. Encryption protects data by way of rendering it unintelligible to unathorized access.

Incident Response

Why is the Incident Response best practice area important?

Even with extremely mature preventive and detective controls, your organization should still put processes in place to respond to and mitigate the potential impact of security incidents.

AWS Well-Architected Framework - Security Pillar

Sebastian Torres — Wed, 20 Apr 2022 22:09:33 +0000

What Is the Security Pillar?

The Security pillar encompasses the ability to protect data, systems, and assets to take advantage of cloud technologies to improve your security.

Why is Security important to improving my architecture?

Customers

Your customers may be internal to your organization, or external.

Legal and regulatory requirements

You will have legal and regulatory requirements that appropiate security controls and architecture can help address.

What are the design principles of the Security Pillar?

Implement a strong identity foundation

Implement the principle of least privilege, and enforce separation of duties with appropiate authorization for each interaction with Amazon Web Services (AWS) resources.

Enable traceability

Monitor, alert, and audit actions and changes to your environment in real time. Integrate log and metric collection with systems to automatically investigate and take action.

Apply security at all layers

Apply a defense-in-depth approach with multiple security controls. Apply to all layers (for example, edge of network, VPC, load balancing, every instance and compute service, operating system, application, and code).

Automate security best practices

Use automated, software-based security mechanisms to improve your ability to securely scale more rapidly and cost-effectively. Create secure architectures, including the implementation of controls that are defined and managed as code in version-controlled templates.

Protect data in transit and at rest

Classify your data into sensitivity levels and use mechanisms, such encryption, tokenization, and access control, where appropiate.

Keep people away from data

Use mechanisms and tools to reduce or eliminate the need for direct access or manual processing of data. This reduces the risk of mishandling or modification and human error when handling sensitive data.

Prepare for security events.

Prepare for an incident by having incident management and investigation policies and processes that align to your organizational requirements. Run incident response simulations, and use tools with automation to increase your speed for detection, investigation, and recovery.

What are the best practice areas of security?

Security Foundations
Identity and Access Management
Detection
Infrastructure Protection
Data Protection
Incident Response

Operational Excellence Pillar - Best Practice Areas

Sebastian Torres — Wed, 20 Apr 2022 21:38:19 +0000

Organization

Why is the Organization best practice area important?

You need to understand your organization's priorities, your organizational structure, and how your organization supports your team members so that they can support business outcomes.

Organization priorities - There needs to be common understanding across your organization of the business value of your workload and the role of each team in supporting it. Teams need to have shared business goals to set the priorities that will enable business success.
Operational model - Teams need to understand their roles in the success of other teams, and the role of other teams in their success. Understanding responsability and ownership will help focus efforts and maximize the benefits of those efforts.
Organization culture - Your organization needs to provide support for team members so that they can be more effective in taking and supporting the business outcomes.

Prepare

Why is the Prepare best practice area important?

To prepare for Operational Excellence, you have to understand your workloads and their expected behaviors. You will then be able to design them to provide insight into their status, and build the procedures to support them. The Prepare best parctice area focuses on design telemetry, improving flow, mitigating deployments risks, and understanding operational readiness.

Design telemetry - It is important to ensure the workload provides the information necessary (for example, metrics, logs, events, and traces) for you to understand its internal state across all its components.
Improve flow - You need to emphazise practices that accelerate the velocity of beneficial changes towards production, that limit the issues that move forward, and that enable identifying and fixing issues before they can make it to production.
Mitigate deployment risks - It is important that you adopt approaches that allow you quickly identify quality and rapidly recover from changes that do not have desired outcomes. Implement engineering practices that support reducing the number of defects and that enable quick and safe fixes.
Operational readiness - It is essential to understand how ready the workload is to enter production and how ready your teams are to support it. By understanding the risks of operating the workload in production, you can make an informed decision about whether to do so.

Operate

Why is the Operate best practice area important?

You need to know how to operate your wokloads and understand the health of your workload and operations activities. Through this understanding, you can identify when organizational and business outcomes are at risk and respond appropiately.

Evolve

Why the Evolve best practice area important?

You need to have a process for continuous improvement of both your workload and your operations activities. This includes implementing feedback loops, learning from experience, making improvements, and sharing what is learned to benefit your entire organization.

AWS Well-Architected Framework - Operational Excellence Pillar

Sebastian Torres — Wed, 20 Apr 2022 00:11:32 +0000

What is the Operational Excellence pillar?

The Operational Excellence pillar focuses on how your organization supports your business objectives. It includes your ability to run workloads effectively, gain insight into their operations, and continuously improve supporting processes and procedures to deliver business value.

Why is Operational Excellence important to improving my architecture?

Operational Excellence helps you define success for your workloads, identify risks inherent in their operation, and make informed decisions. It enables your teams' understanding of their roles in that success and helps you determine if they have what they need to succeed. Its best practices support measuring success through the achievement of business outcomes, understanding workload and operations health, responding when outcomes are at risk, and continuing improvement.

What are the design principles of Operational Excellence?

There are five design principles for Operational Excellence in the cloud:

Perform operations as code

In the cloud, you can apply the same engineering discipline that you use for application code to your entire environment. You can define your entire workload (applications, infrastructure) as code, and update it with code. You can implement your operations procedures as code, and automate their operation by starting them in response to events. By performing operations as code, you limit humane error and enable consistent responses to events.

Make frequent, small, reversible changes

Design workloads to allow components to be updated regularly to increase the flow of beneficial changes into your workload. Make changes in small increments that can be reversed if they fail to aid in identifying and resolving issues introduced into your environment (without affecting customers when possible).

Refine operations procedures frequently

As you use operations procedures, look for opportunities to improve them. AS you evolve your workload, evolve your procedures appropiately. Set up regular Game Days to review and validate that all procedures are effective and that teams are familiar with them.

Anticipate failure

Perform "pre-mortem" exercises to identify potential sources of failure so that they can be removed or mitigated. Test your failure scenarios, and validate your understanding of their impact. Test your response procedures to ensure that they are effective and that teams are familiar with their activities. Set up regular Game Days to test workloads and team responses to simulated events.

Learn from all operational failures

Drive improvement through lessons learned from all operational events and failures. Share what is learned across teams and through the entire organization.

Well-Architected Improvement Plan

Sebastian Torres — Tue, 19 Apr 2022 23:50:40 +0000

Improve your architectures by addressing High-Risk Issues

After the Well-Architected Review is completed, you will receive a report identifying High-Risk Issues and Medium-Risk Issues. These issues are measured against the Framework.

What are High-Risk Issues and Medium-Risk Issues?

High-Risk Issue

A High-Risk Issue (HRI) is a architectural and operational choice identified by AWS that might have a significant negative impact. It may affect organizational operations, assets, and individuals.

Medium-Risk Issue

A Medium-Risk Issue also might negatively impact business, but to a lesser extent.

What resources are available for implementiong Improvement Plans?

Contact your AWS account manager for additional support and guidance.
If you don't have an AWS account manager, or don't have the bandwidth or skill set in your organization, reach out to AWS Well-Architected Partner Program memebers.
If your team is taking on the remediation of HRIs, review the steps that are outlined in the Improvement Plan. Reference Well-Architected Labs, which provide step-by-step guidance on how to implement best practices.

Well-Architected Review Process

Sebastian Torres — Tue, 19 Apr 2022 23:17:58 +0000

Measure your architecture against best practices using the AWS Well-Architected Tool

Now that you have learned about the Well-Architected Framework and its components, in this post we will focus on the AWS Well-Architected Tool.

The AWS Well-Architected Tool is organized by pillar questions and is used when performing a Well-Architected Review. This review helps customers measure their architecture against AWS best practices. The AWS Well-Architected Tool helps you guide deeper conversations around your architectures and should not be used as a checklist.

What are the benefits of using the AWS Well-ARchitected Tool?

The AWS Well-Architected Tool gives you quick access to the knowledge in the Well-Architected Framework and is the easiest way to conduct the Well-Architected Review.

Get free architectural guidance

Gives you access to knowledge and best practices used by AWS architects, whenever you need it. You answer a series of questions about your workload. The AWS Well-Architected Tool delivers an improvement plan with step-by-step guidance on how to build better workloads in the cloud.

Review your workloads consistently

Provides a single tool and consistent process to help you review and measure your cloud architectures. It is meant to be used as a repeatable process for the multiple workloads across your organization.

Identify and implement improvements

Supports continuous improvement through the workload lifecycles. The tool helps you save point-in-time milestones and track changes to your workloads.

What is the intent of the Well-Architected Review?

Not an audit

The Well-Architected Review is about a team working together to figure out how to improve your architectures.

Not architecture astronauts

The Well-Architected Review is pragmatic, proven advice that AWS has identified through other successful customers.

Not a one-time check

The Well-Architected Review should be a continuous process, completed early and often through your architecture's lifecycle.

How does the AWS Well-Architected Tool work?

Identify workload and answer questions - Identify the workload to document. Then, answer a series of questions about your architecture.
Compare to pillar best practices - Review your answers against the five pillars established by the Well-Architected Framework:
- Operational Excellence
- Security
- Reliability
- Performance Efficiency
- Cost Optimization
Media - Receive videos and documentation,
Report - Generate a report that summarizes your workload review.
Dashboard - View the result of reviews in a single dashboard.

When should a Well-Architected Review be conducted?

Ideally, a Well-Architected Review should be conducted periodically over the lifetime of an application, during milestones. Although a review before an application goes into production is a good idea, this is not enough. Any issues detected right before production would tale longer to fix than if caught earlier during development.

AWS also frequently releases new services, and we, as a community, are constantly learning better ways to architect and take advantage of the cloud. This means that even after an application is in production, periodic reviews can identify missed opportunities.

After a review, you should have a list of issues to prioritize based on your business context.