Blog

Well-architected cloud infrastructure: main recommendations

37898463_m-1As we have explained in previous articles, the AWS Well-Architected Framework allows us to design optimal infrastructures, focused on high performance. In fact, many companies already implement these best practices for their cloud-based systems and workloads.

However, it is common for questions about risk mitigation guidelines to arise before or during the architecture analysis. Or also related to session requirements or additional requirements.

So, how do we achieve the development of an appropriate cloud architecture? In today's post we solve the most frequently asked questions and give you some recommendations to run your Well-Architected Analysis in a smooth way.


The Well-Architected program


AWS Well-Architected program provides the necessary guidelines to cloud solutions architects in the design and deployment of secure and efficient platforms. Let's not forget that WAF is based on five essential pillars that provide the necessary tools to develop effective assessment environments: Operational Excellence, Security, Cost Optimization, Reliability, Performance Efficiency.

Throughout various evaluations carried out by Linke's WAR team, we have found that it is important for our clients to know the impact and incidents resolution, among other aspects. We have asked Linke's experts, who have shared with us the most relevant information:

Incidents and Impact

One of the frequently asked questions is the impact that High Risk Incidents could have on the platform. Let's start by explaining that HRIs are determined according to AWS best practices, their impact depends on the corresponding pillar:

  • Security: indicates that company has not taken the minimum measures to protect the platform and/or the workload data.
  • Reliability: no managed services are used to guarantee business continuity in case of disasters.
  • Performance: it may be due to the fact that no right-sizing or evaluation of frequent KPI's are performed.
  • Costs: it is possible that the company is not taking advantage of different pricing models, or that automation has not been implemented in order to eliminate resources that have completed their life cycle.
  • Operational: Undetermined or ineffective KPI's may be some of the problems regarding the operational model.
Once detected, Linke is responsible for preparing a proposal with the recommended HRI's  to be mitigated (at least 25% of incidents). This decision is based on an analysis of criticality and required effort  to implement the solution. 

And, what happens with the Incidents (High and Medium) detected? In this case, the customer can ask Linke for a statement-of-work that contains: the analysis of effort and cost of applying solutions to the selected incidents.
Access/Permissions and capabilities of the Linke team

To get the maximum benefit from the assessment, our experts require key permissions for the workload review and to the customer's AWS console, detailed below. 

On the other hand, Linke guarantees that our team has the required expertise and current AWS Professional certifications to carry out WARs. In addition to having participated as architects and technicians in various projects and managed services in solutions based on AWS.

Evaluating your cloud architecture

The review of the architecture is carried out through 5 phases: Booking a meeting with certified cloud architects, identifying applications and workloads to be checked, analysis with questions focused on the five pillars of AWS architecture, and setting out the mitigation tasks to be performed throughout the process.

Our recommendations

To ensure an optimal session, our experts recommend:

1. Session Requirements

It is advisable to have the following roles during the session, which will be key as they provide knowledge regarding the workloads to be evaluated. 

  • Responsible for the platform at AWS
  • Responsible for the workload/applications to be evaluated
  • Operations Team Manager
  • Technician/architect with knowledge of the platform architecture
  • Organizational Network/Security Specialist 

2. Additional Requirements

During the session, it is recommended to give Linke  the necessary permissions for the platform review. Let's see what the essential permissions are: 

  • Write permissions to the AWS console on the AWS Well-Architected Tool service, and for the account where the productive workload platform is located.
  • Viewing permissions on the components of the workload to be analyzed for the revision of the platform prior to the execution of the session.
  • To have all the documentation, in a cloud architecture level, of the workload to be evaluated.

With all these points covered we are ready to start a Well Architected Review. Schedule a session now, our experts will be happy to advise you.

Sign up for a well-architected analysis

 

Stay tunned for more content like this.

Nueva llamada a la acción
Linke SAP on AWS
Key steps to adopt Devops on a Cloud-Native Company
Download The Linke AWS Connector for SAP in PDF