Five Pillars of the Well - Architected AWS Framework.

General Design Principles 

1.Stop guessing capacity,

2.Test at prod scale.

3.Automate to make Architectural Experiments easier . 

4. Allow evolutionary Architecture. 

5.Data driven Architecture.
6.Improve through Game days.  

  The FIVE Pillars of AWS Architecutre

  https://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf 

(Nov 2016 Version )

AWS Services covering the Five Pillars.

Security

1.Identity and Access Management:

IAM ( MFA enabled )

2.Detective Controls 

Cloud Trail, Config, Cloud Watch

3.Infrastructure Protection

VPC

4.Data Protection

Encryption for data in transit and at rest. KMS makes it easier for customers to create and control keys used for encryption.

5. Incident Response.

IAM access to Incident Response team. Cloud Formation to create trusted environment for conducting investigations.

  Reliability: 

Key service: Cloud Watch

1. Foundations:

IAM,  VPC,

 2. Change Management

Cloud Trail,  Config
3. Failure Management
Cloud Formation

Performance  ( Incorporate Cloud Watch feedback )

1. Selection 

Compute =>  Auto Scaling

Storage => SSD,PIOPS, S3 Transfer Acceleration,

Database => Provisioned IOPS, Read Replica, Dynamo DB single digit millisecond latency at any scale

Network => Route 53 latency based routing , VPC endpoints and DIrect Connect reduce network distance or jitter

2. Review :

AWS Blog and what is new to update on latest and new service and updates.

3. Monitoring:

Amazon CloudWatch, ( can be integrated to Lambda and trigger actions )

4. Trade off: Amazon ElastiCache, CloudFront , Snowball,Read Replica. offer performance trade offs. 

Cost Optimization Pillar :

1. Cost-effective resources: Reserved Instances, prepaid, capacity, . AWS trusted advisor

2. Matching supply and Demand : Auto Scaling
3. Expenditure Awareness : CloudWatch Alarms,  SNS

4. Optimizing over time : Blog, What's new, Trusted Advisor, 

Operational Excellence :

1.  Preparation : => AWS Config, AWS Service Catalog, 

 2. Operation => AWS CodeCommit, AWS Code Deploy, AWS CodePipeline. Use AWS SDKsor 3rd party libraries to automate operational changes,. Use AWS Cloud Trail to audit and track changes made to AWS environments.

3.Response : All features of CloudWatch service.

 

Top Level Questions  To Ask Specific to Five Pillars Before Moving To Cloud

( From AWS Doc : https://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf )

Security:
1. How Root account access and protection?
2. How Human Access control of AWS console?
3. Control and limiting automated access to AWS resources?
4. How Capturing and analyzing logs?
5. How Enforcing Network and Host level boundary protection?
6. How leveraging AWS Service level security eatures?
7. How integrity of OS at EC2 instance level  protected?
8. How are you classifying Data?
9. How Data encrypted and protected at rest?
10. How Keys managed?
11. How Data encrypted and protected in transit?
12. How do you ensure you have proper Incident Repsonse?


Reliability
1. How do you manage AWS service limits for your accounts?
2.How are you planning your Network topology on AWS?
3.How does your system adapt to changes in demand?
4. How are you monitoring AWS resources?
5. How are you executing change?
6. How are you backing up data?
7. How does your system withstand component failure?
8. How are you testing for resiliency?
9. How are you planning for disaster recovery?


Performance Efficiency  
1. How do you select the best performing architecture? 
2. How do you select your compute solution?
3. How do you select your storage solution?
4. How do you select your database solution?
5. How do you select your network solution?
6. How do you ensure you always have the most up to date and appropriate resources?
7. How do you monitor resources post-launch to ensure they perform as expected?
8. How do you use trade offs to improve performance?

Cost Optimization :
1. Are you considering Cost when you select AWS for your solution?
2. Have you sized your resources to meet your cost targets?
3. HAve you selected the appropriate pricing model to meet your cost targets?
4. How do you ensure your capacity matches but doesn't substantially exceed?
5. Do you consider data-transfer charges when designing your architecture?
6. How are you monitoring usage and spending?
7. Do you decommission resources you no longer need or just stop it?
8. What access controls and procedures do you have in place to govern AWS usage?
9. How do you manage/consider adoption of new services?

Operational Excellence: 
1. What best practice for cloud operations are you using?
2. How are you doing configuration management for your workload?
3. How are you evolving your workload while minimizing the impact of change?
4. How do you monitor your workload to ensure it is operating as expected?
5.  How do you respond to unplanned operational events?
6. How is escalation managed when responding to unplanned operational events?

 
Other questions:  
The above pillar questions are aspects to be considered within AWS. Questions below are how do you link up or align or reprocess or re engineer within your enterprise. There will be scenarios where the question arises as to who owns your cloud. Is it your IT? Your business ? or is there a hybrid overlapping or non overlapping ownership model? These questions only applies to enterprises. 
1. How is cloud adoption aligned to enterprise architecture practice.
2. How is collaboration ensured when departments go on cloud on their own?