The AWS WAF (well-architected framework), is a framework designed by AWS but can also be applied to other cloud providers, the purpose of this framework is to :
- Build and deploy faster: by implementing automation, capacity planning, and reducing firefighting.
- Make justified architectural decisions: by highlighting the purpose of a change and how does it impact the current architecture
- Lower the risks: understand where your architecture is weak and address them before it impacts your business.
The AWS Well-Architected Framework consists of five pillars: Operational excellence, Security, Performance, Reliability, Cost optimization
1 — Operational excellence :
This is measured on how you are able to support the business if you are meeting the required SLA that means that you are in good shape.
Since the business runs several applications and In order to reach operational excellence, the ops teams should give the priority to critical applications over non-critical ones. For achieving operational excellence in the cloud, here are the design principles that should be applied :
- Always document: All operations should be documented, everything must be documented.
- Apply operations as code: always try to automate the operations and also don’t stop terraforming your infrastructure.
- Anticipate failure: simulate failure and do destruction testing, so when a real failure happens, your application is prepared to handle it.
- Do Post-mortems: learn from the operational failure to make sure that the same failure does not happen twice.
- Small changes: never make changes on an infrastructure that can not easily reversible, always go for a small change
- Refine operating procedures often: set up regular days to review and validate your operating procedures.
This includes the ability of your systems to work as intended consistently. Before architecting an infrastructure you need to set up foundational requirements that influences reliability. You need to create an architecture where the system is designed to prevent and cope with failure by automatically heal itself.
The design principles for reliability in the cloud are :
- Automatically recover from failure
- Scale horizontally to increase aggregate workload availability
- Test recovery procedures
- Stop guessing capacity
- Manage change in automation
3 — Security
You need to set up a clear process for responding to security issues, this will prevent financial loss or complying with regulatory obligations. You need to control your resources with granularity and quickly identify security incidents.
There are seven design principles for security in the cloud:
- Implement a strong identity foundation
- Enable traceability
- Apply security at all layers
- Automate security best practices
- Protect data in transit and at rest
- Keep people away from data
- Prepare for security events
4- Cost Optimization
You need to identify the correct sizing for your application and choose services that fit your needs, by avoiding over-provisioned resources you prevent financial loss, by using the appropriate services, resources, and configuration for your systems you will save money. You also need to measure consistently measure efficiency and the overall cost of your architecture.
There are five design principles for cost optimization in the cloud:
- Implement cloud financial management
- Adopt a consumption model
- Measure overall efficiency
- Stop spending money on undifferentiated heavy lifting
- Analyze and attribute expenditure
5- Performance Efficiency
As demand changes and technology evolves you need to be able to maintain certain performance standards.
There are five design principles for performance efficiency in the cloud:
- Democratize advanced technologies
- Go global in minutes
- Use serverless architectures
- Experiment more often
- Consider mechanical sympathy
The AWS Well-Architected Framework helps you get the big picture of what a good infrastructure has to meet as requirements in reliability, security, efficiency, and cost optimization. It will help you create an efficient system and focus on functional requirements.