AWS Well-Architected by

AWS Well-Architected Framework terms:

The code, configuration, or AWS Resources that together deliver against a requirement
A set of components that together deliver business value
Level of effort:
The amount of time, effort, and complexity a task requires for implementation.

Security: Detection, Infra, Data & IAM

To detect and investigate security events:
Capture and analyze events from logs and metrics to gain visibility.
Take action on security events and potential threats to help secure a workload.
To protect network and compute resources:
Any workload with some form of network connectivity, whether the internet or a private network, requires multiple layers of defense
To classify data:
Categorize data by criticality and sensitivity to determine protection and retention controls.
Protecting data:
Multiple controls to:
At rest: Prevent unauthorized access or loss.
In transit: Reduce the risk of unauthorized access or loss.
To prepare for and recover from incidents:
Log file access and changes
Process and launch tools to automate responses through APIs
Prepare and pre-provision tooling, and create a “clean environment” via AWS CloudFormation
To incorporate and validate security properties of apps through CI/CD lifecycles:
Validating the security properties of tools and applications helps reduce the likelihood of security issues in production
Identity and access:
Human Identities ~ Interact with AWS resources via a web browser, client application, or interactive command line tools
Machine Identities ~ Service applications, operational tools and workloads
The utilization of cloud technologies to protect data, systems, and assets

Performance efficiency

The ability to use computing resources efficiently to meet system requirements
Selecting the best-performing architecture:
Multiple approaches are required for more effective performance across a workload
3 Compute options:
1 Instances -
Virtualized servers
Different families and sizes
Solid-state drives (SSDs) and graphics processing units (GPUs)
2 Containers -
A method of operating system virtualization:
AWS Fargate - serverless compute for containers or Amazon EC2
Amazon Elastic Container Service (ECS) or Amazon Elastic Kubernetes Service (EKS) - container orchestration platforms
3 Functions -
Abstract the run environment from the code you want to run.
The most efficient storage solution for a system varies based on:
1) The kind of access operation (block, file, or object):
1a - Object
From any internet location for user-generated content, active archive, serverless computing
Divides data into separate, self-contained units that are stored in a flat environment, with all objects at the same level
Contain metadata: information about the file that helps with processing and usability
1b - Block Storage
Often configured to decouple the data from the user’s environment and spread it across multiple environments that can better serve the data
Data is split into fixed blocks that are then stored separately with unique identifiers
1c - File
Data is stored as a single piece of information inside a folder, just like you’d organize pieces of paper inside a manila folder.
Problem is, just like with your filing cabinet, that virtual drawer can only open so far. File-based storage systems must scale out by adding more systems, rather than scale up by adding more capacity.
2) Frequency of update (WORM, dynamic)
Write once, read many (WORM) model
3) Availability and durability constraints
Relational, key-value, document, in-memory, graph, time series, and ledger
Select according to:
Availability, consistency, partition tolerance, latency, durability, scalability, and query capability
As the network is between all workload components, it can have great impacts, both positive and negative, on workload performance and behavior
Determine workload requirements for bandwidth, latency, jitter, and throughput
Physical constraints, such as user or on-premises resources, determine location options

Operational excellence

Teams must have a shared understanding of your entire workload, their role in it, and shared business goals
To determine priorities:
Have shared goals to set priorities for resources
How an organizational culture supports business outcomes:
Provide support for team members
Understand workloads and their expected behaviors
To understand its state:
Design your workload so that it provides the information necessary across all components (for example, metrics, logs, and traces)
To reduce defects, ease remediation, and improve flow into production:
Adopt approaches that improve the flow of changes into production and that enable refactoring, fast feedback on quality, and bug fixing
Before supporting a workload:
Evaluate the operational readiness of your workload, processes and procedures, and personnel to understand the operational risks
Measured by the achievement of business and customer outcomes:
After we identify metrics that will be used in calculations
To understand the health of your workload:
Define, capture, and analyze workload metrics to gain visibility to workload events
To manage workload and operations events:
Prepare and validate procedures for responding
Learn, share, and continuously improve
To evolve operations:
Dedicate time and resources for nearly continuous incremental improvement to evolve the effectiveness and efficiency of your operations


          More Cheat Sheets by datamansam