Module 9: Cloud Architecture

Section 1: AWS Well-Architected Framework

Architecture: designing and building

Architect

Customer
Structure design (Decision maker) Completed structure
Building crew
(Delivery team)
What is the AWS Well-Architected Framework?
•A guide for designing infrastructures that are:
✓Secure
✓High-performing
✓Resilient
✓Efficient

•A consistent approach to evaluating and implementing cloud architectures

•A way to provide best practices that were developed through lessons learned
by reviewing customer architectures
Pillars of the AWS Well-Architected Framework

7
Pillar organization
Best practice area Identity and Access Management
Question text SEC 1: How do you manage credentials and authentication?
Credential and authentication mechanisms include passwords, tokens, and keys that grant
Question context access directly or indirectly in your workload. Protect credentials with appropriate
mechanisms to help reduce the risk of accidental or malicious use.

Best practices:
Best practices •Define requirements for identity and access management
•Secure AWS account root user
•Enforce use of multi-factor authentication
•Automate enforcement of access controls
•Integrate with centralized federation provider
•Enforce password requirements
•Rotate credentials regularly
•Audit credentials periodically
AnyCompany background
•AnyCompany Corporation: “Cityscapes you can stand over”
•Founded in 2008 by John Doe
•Sells 3D-printed cityscapes
•About to apply for investment
•Has asked youto perform a review of their platform as part of their due
diligence
•Cloud native
AnyCompany background (continued)
AnyCompany architecture: Fly and Snap
AnyCompany architecture: Show and Sell
AnyCompany architecture: Make and Ship
Activity overview
•Break into small groups.
•You will learn about each of the pillars. At the end of each pillar, there is a set of questions
from the AWS Well-Architected Framework for you to work through with your group. Use
these Framework questions to guide your review of the AnyCompany architecture.
•For each Well-Architected Framework question, answer the following questions about the
AnyCompany architecture:
•What is the CURRENT STATE (what is AnyCompany doing now)?
•What is the FUTURE STATE (what do you think AnyCompany should be doing?)

•Agree on the top improvement that AnyCompany should make to its architecture for each
set of Well-Architected Framework questions.
•Hint: There are no right or wrong answers.
Operational Excellence pillar –deliver business value

• Focus
Operational
Excellence •Run and monitor systems to deliver business value, and to
pillar continually improve supporting processes and procedures.

•Key topics
•Automating changes
•Responding to events
Deliver
•Defining standards to manage daily operations
business
value
Operational excellence design principles

•Perform operations as code

Operational
Excellence •Make frequent, small, reversible changes
pillar •Refine operations procedures frequently
•Anticipate failure
•Learn from all operational events and failures

Deliver
business
value
Operational excellence questions
Organization
Operate
•How do you determine what your priorities are?
•How do you understand the health of your workload?
•How do you structure your organization to support •How do you understand the health of your
your business outcomes? operations?
•How does your organizational culture support your
•How do you manage workload and operations events?
business outcomes?

Evolve
Prepare
•How do you evolve operations?
•How do you design your workload so that you can
understand its state?
•How do you reduce defects, ease remediation, and
improve flow into production?
•How do you mitigate deployment risks?
•How do you know that you are ready to support a
workload?
Operational excellence activity breakout
Security pillar –protect and monitor systems

• Focus
Security
•Protect information, systems, and assets while delivering
pillar business value through risk assessments and mitigation
strategies.

•Key topics
•Protecting confidentiality and integrity of data
•Identifying and managing who can do what
Protect and
monitor •Protecting systems
systems •Establishing controls to detect security events
Security design principles

•Implement a strong identity foundation

Security
pillar •Enable traceability •Apply security at
all layers •Automate security best
practices •Protect data in transit and at
rest •Keep people away from data
•Prepare for security events
Protect and
monitor
systems

23
Security questions
Security
Infrastructure protection
•How do you securely operate your workload?
•How do you protect your network resources?
•How do you protect your compute resources?

Identity and access management

•How do you manage identities for people and Data protection
machines? •How do you classify your data?
•How do you manage permissions for people and •How do you protect your data at rest?
machines?
•How do you protect your data in transit?

Detection
Incident response
•How do you detect and investigate security events? •How do you anticipate, respond to, and recover
from incidents?

24
Security activity breakout

25
Reliability pillar –recover from failure and mitigate disruption

• Focus
Reliability
pillar •Ensure a workload performs its intended function correctly and
consistently when it’s expected to.

•Key topics
•Designing distributed systems
Recover from •Recovery planning
failure and
mitigate •Handling change
disruption.
Reliability design principles

•Automatically recover from failure

Reliability
pillar •Test recovery procedures
•Scale horizontally to increase aggregate workload
availability
•Stop guessing capacity
•Manage change in automation
Recover from
failure and
mitigate
disruption.
Reliability questions
Foundations Change management
•How do you manage service quotas and
•How do you monitor workload resources?
constraints? •How do you design your workload to adapt to
•How do you plan your network topology? changes in demand?
•How do you implement change?
Workload architecture
Failure management
•How do you design your workload service
architecture? •How do you back up data?
•How do you design interactions in a distributed •How do you use fault isolation to protect your
workload?
system to prevent failure?
•How do you design your workload to withstand
•How do you design interactions in a distributed component failures?
system to mitigate or withstand failures?
•How do you test reliability?
•How do you plan for disaster recovery?
Activity breakout
Performance Efficiency pillar –use resources sparingly

• Focus
Performance •Use IT and computing resources efficiently to meet system requirements
Efficiency and to maintain that efficiency as demand changes and technologies
pillar evolve.

•Key topics
•Selecting the right resource types and sizes based on workload
requirements
Use •Monitoring performance
resources •Making informed decisions to maintain efficiency as business needs
sparingly. evolve
Performance efficiency design principles

• Democratize advanced technologies

Performance • Go global in minutes
Efficiency
pillar • Use serverless architectures
• Experiment more often
• Consider mechanical sympathy

Use
resources
sparingly.

33
Performance efficiency questions
Selection Review
•How do you select the best performing
•How do you evolve your workload to
architecture? take advantage of new releases?
•How do you select your compute
solution? Monitoring
•How do you select your storage •How do you monitor your resources to
solution? ensure they are performing?
•How do you select your database
solution? Tradeoffs
•How do you configure your networking •How do you use tradeoffs to improve
solution? performance?

34
Activity breakout
Cost Optimization pillar –eliminate unneeded expense

• Focus
Cost
Optimization •Avoid unnecessary costs.
pillar
•Key topics
•Understanding and controlling where money is being spent
•Selecting the most appropriate and right number of resource
types
Eliminate
unneeded •Analyzing spend over time
expense.
•Scaling to meeting business needs without overspending
Cost optimization design principles

•Implement Cloud Financial Management

Cost •Adopt a consumption model
Optimization
pillar •Measure overall efficiency
•Stop spending money on undifferentiated heavy lifting
•Analyze and attribute expenditure

Eliminate
unneeded
expense.

38
Cost optimization questions
Practice cloud financial management
Cost-effective resources
•How do you implement cloud financial management?
•How do you evaluate cost when you select services?
•How do you meet cost targets when you select
resource type, size, and number?
Expenditure and usage awareness •How do you use pricing models to reduce cost?
•How do you govern usage?
•How do you plan for data transfer changes?
•How do you monitor usage and cost?
•How do you decommission resources? Manage demand and supply resources
•How do you manage demand and supply resources?

Optimize over time

•How do you evaluate new services?

39
Activity breakout
The AWS Well-Architected Tool
•Helps you review the state of your workloads and compares them to the
latest AWS architectural best practices
•Gives you access to knowledge and best practices used by AWS architects,
whenever you need it
•Delivers an action plan with step-by-step guidance on how to build better
workloads for the cloud
•Provides a consistent process for you to review and measure your cloud
architectures
Section 2: Reliability and availability
Reliability

• A measure of your system’s

ability to provide functionality Car
when desired by the user.
• Systemincludes all system
components: hardware,
firmware, and software. Brakes
System
• Probabilitythat your entire Component
system will function as intended Ignition
System
for a specified period. Cooling Component
System
• Mean time between failures component
(MTBF) = total time in
service/number of failures
System
Understanding reliability metrics

System brought online

(system available)

Mean Time Between Failures Mean Time to Failure

(MTBF = MTTF + MTTR) (MT TF)

System System
(component) Mean Time to Repair (component)
(MT TR)
repaired fails
Availability
•Normal operation time / total time
•A percentage of uptime (for example, 99.9 percent) over time (for example, 1
year)
•Number of 9s –Five 9s means 99.999 percent availability

47
High availability

• System can withstand some measure of degradation

while still remaining available.
• Downtime is minimized.
• Minimal human intervention is required.

48
Availability tiers
Factors that influence availability
Fault tolerance
Recoverability
•The built-in redundancy of an
•The process, policies, and
application's components and its procedures that are related to
ability to remain operational.
restoring service after a
catastrophic event.
Scalability
•The ability of an application to
accommodate increases in
capacity needs without changing
design.

50
Section 3: AWS Trusted Advisor
AWS Trusted Advisor

•Online tool that provides real-time guidance to help you

provision your resources following AWS best practices.
AWS Trusted •Looks at your entire AWS environment and gives you real-time
Advisor recommendations in five categories.
Cost Optimization Performance Security Fault Tolerance Service Limits

Potential monthly savings

53
Activity: Interpret AWS Trusted Advisor recommendations
Activity: Recommendation #1

MFA on Root Account

Description: Checks the root account and warns if multi-factor authentication (MFA) is not enabled. For increased
security, we recommend that you protect your account by using MFA, which requires a user to enter a unique
authentication code from their MFA hardware or virtual device when interacting with the AWS console and
associated websites.
Alert Criteria: MFA is not enabled on the root account.

Recommended Action: Log in to your root account and activate an MFA device.
Activity: Recommendation #2
IAM Password Policy
Description: Checks the password policy for your account and warns when a password policy is not enabled, or if
password content requirements have not been enabled. Password content requirements increase the overall
security of your AWS environment by enforcing the creation of strong user passwords. When you create or change a
password policy, the change is enforced immediately for new users but does not require existing users to change
their passwords.
Alert Criteria: A password policy is enabled, but at least one content requirement is not enabled.
Recommended Action: If some content requirements are not enabled, consider enabling them. If no password policy
is enabled, create and configure one. See Setting an Account Password Policy for IAM Users.
Activity: Recommendation #3

Security Groups –Unrestricted Access

Description: Checks security groups for rules that allow unrestricted access to a resource. Unrestricted access
increases opportunities for malicious activity (hacking, denial-of-service attacks, loss of data).
Alert Criteria: A security group rule has a source IP address with a /0 suffix for ports other than 25, 80, or 443.)
Recommended Action: Restrict access to only those IP addresses that require it. To restrict access to a specific IP
address, set the suffix to /32 (for example, 192.0.2.10/32). Be sure to delete overly permissive rules after creating
rules that are more restrictive.
Activity: Recommendation #4
Amazon EBS Snapshots
Description: Checks the age of the snapshots for your Amazon Elastic Block Store (Amazon EBS) volumes
(available or in-use). Even though Amazon EBS volumes are replicated, failures can occur. Snapshots are
persisted to Amazon Simple Storage Service (Amazon S3) for durable storage and point-in-time recovery.
Alert Criteria:
Yellow: The most recent volume snapshot is between 7 and 30 days old.
Red: The most recent volume snapshot is more than 30 days old.
Red: The volume does not have a snapshot.
Recommended Action: Create weekly or monthly snapshots of your volumes
Activity: Recommendation #5
Amazon S3 Bucket Logging
Description: Checks the logging configuration of Amazon Simple Storage Service (Amazon S3) buckets. When server
access logging is enabled, detailed access logs are delivered hourly to a bucket that you choose. An access log record
contains details about each request, such as the request type, the resources specified in the request, and the time
and date the request was processed. By default, bucket logging is not enabled; you should enable logging if you want
to perform security audits or learn more about users and usage patterns.
Alert Criteria:
Yellow: The bucket does not have server access logging enabled.
Yellow: The target bucket permissions do not include the owner account. Trusted Advisor cannot check it.
Recommended Action:
Enable bucket logging for most buckets.
If the target bucket permissions do not include the owner account and you want Trusted Advisor to check the
logging status, add the owner account as a grantee.

59