March 2022 – Wolk Technology

What is the AWS Well-Architected Framework?

AWS Solutions Architects took their many years’ experience building solutions, and designing and reviewing thousands of customers’ architectures on AWS, and identified a set of best practices for architecting systems in the cloud. The result is the AWS Well-Architected Framework.

Based on 5 pillars – Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization – the Framework allows us to design and operate reliable, secure and cost-effective systems in the cloud, while sticking to best-practice architectural methodology.

The development of the AWS Well-Architected Tool has enabled regular review of workloads, identifying high risk issues and recording your improvements. Conducting a Well-Architected Review (WAR) allows a conversational approach rather than an audit process, and serves to establish well-architected systems that greatly increase the likelihood of business success.

The review documents a set of foundational questions that allow you to understand if a specific architecture aligns well with cloud best practices. The framework provides a consistent approach to evaluating systems against the qualities you expect from modern cloud-based systems, and the remediation that would be required to achieve those qualities. As AWS continues to evolve, the definition of well-architected will continue to be refined.

We begin all of our development projects with a Well-Architected Review to give clients full visibility of their workload. The precise and comprehensive nature of the Framework provides clients with essential insights that enable informed decisions that add business value.

We have years of experience architecting solutions across a wide range of business verticals and use cases, with several of our case studies being used by AWS.

What are the basic components of security under AWS?

The AWS Well-Architected Framework consists of five pillars. Security, the second pillar, focuses on protecting your data, systems, and assets using cloud technology.

The security pillar includes seven design principles and six best practice areas. By following the guidelines laid out in this pillar, you can keep your data safe and secure.

Best Practice: Security
Keeping your workload secure is an essential part of using cloud technology. The AWS Well-Architected Framework details the best practices you should follow when focusing on security.

Organise Based on Security Requirement
Organise your accounts and workloads from a security point of view, rather than following the existing structure of your company. You can simplify the security process by combining like-accounts that need similar security procedures.

Identity and validate control objectives, using your compliance guidelines and any high-risk items discovered by a Well-Architected Review. Continue to schedule reviews of your control objectives, and update them when necessary.

Secure your AWS Account
Make sure your AWS account is fully secure. Use Multi-factor Authentication (MFA), don’t use your root user too often and configure your account contacts.

Stay Updated
Security risks are continually changing and evolving. Be sure to schedule regular meetings to review new threats and how to mitigate them.

Security recommendations are always changing. Be diligent in following the latest suggestions by subscribing to AWS Updates and the AWS Security blog. Consider consulting with outside experts at regular intervals to ensure your security is up to date.

Use a Threat Model
Create a threat model to identify new and existing risks. Once identified, prioritise the risks and address them as needed. Be sure to keep your threat model updated to reflect new security recommendations.

Automate
Automation lessens the possibility of human error. Create an automated testing service that allows you to check the secureness of your systems quickly.

Build the automated testing services directly into your systems and processes. Once built-in, these testing services can continuously check for threats and breaches, and alert you if there is a problem.

AWS Partners
AWS Partners regularly release security updates that can help you keep your data safe.

WOLK, a long term AWS Partner, is always up to date on new threats and security recommendations. To ensure your data is secure, schedule a Well-Architected Review. WOLK will identify and highlight any high-risk items, and mitigate them for you.