Why do an AWS well-architected review?
26. July, 2022
The well-architected review is a specific process that compares your actual practices with the AWS well-architected framework. This framework is a collection of wisdom based on Amazon’s experience and learnings that they’ve acquired from years of running workloads in the cloud. It consists of six topics of cloud application security best practices. These topics are called pillars, and each of them takes a different angle on making sure your team is building secure and reliable systems.
Regularly going through an AWS well-architected framework review is a critical part of the cloud design process because it helps you discover and fix shortcuts you might have taken earlier. With development teams under constant pressure for quick results, it’s easy to forget where exactly corners got cut, and whether it’s critical to go back and smooth things over at a later time.
Implementing these practices of the well-architected framework enables businesses to confidently meet requirements for IT system availability, security and continuity. And what’s a better way to ensure these practices are actually implemented than regularly holding a review workshop with your team!
The Amazon well-architected review is a specific workshop format that produces an insightful report about the current state of things in your cloud implementation. The main value of this report is the opportunity to learn from your mistakes and determine better ways of going forward. It’s a great way to understand how you look compared to the best and recommended practices of cloud implementations, and which of your improvement opportunities have the highest impact.
All services consist of products, people, partners and processes. This makes technology just one quarter of the whole picture! Before looking at any of these in detail, it’s important to think about how they all work together. In short - providing great services only starts with establishing great governance.
A large part of the AWS well-architected framework targets technical aspects and looks at cloud application security best practices. But before others, you should address the pillar of operational excellence as this is specifically focused on governance issues. Well-functioning systems rely on good management, and even the best technical solutions will not fix bad governance down the line.
Analysing your current goals, responsibilities and processes will help determine gaps in your management foundation - these shortcomings are impossible to catch by looking at the symptoms that occur later down the line.
The well-architected review will help you discover where you stand with all of these:
Clear communication of the ultimate business goals is vital for every organisation. Best practices are just generic advice, and need to be adjusted and translated for the current business and its growth stage. Having everyone understand the long-term vision and commander’s intent is crucial for common alignment, but achieving this state of team-wide understanding certainly requires effort from all participants.
Conway’s law states that “organisations design systems that mirror their own communication structure”. Anything you produce is a reflection of yourself, so distributing clear responsibilities within your team is fundamental for delivery success. Uncovering and fixing issues with unclear communication early will spare you from troubleshooting lots of problematic symptoms later down the line. We really recommend the book “Team Topologies” by Matthew Skelton and Manuel Pais as further reading into this topic.
Well-designed processes make sure the responsibilities go hand-in-hand with the business goals. It’s tempting to implement new procedures on demand whenever determined necessary, but patching problems on the go does not bring value to the system as a whole. Designing for the system as a unity, on the other hand, can really upgrade the delivery of your whole organisation. The well-architected review will easily tell you if you’re actually planning ahead or rather putting out fires with new procedures as the flames arise.
The experts at Amazon list the following as practical advice for achieving operational excellence - the first of the AWS well-architected framework pillars to consider. The well-architected review will also check your processes against this list, and determine the most impactful improvement opportunities.
Perform operations as code
Put all changes through version control so that the changes are visible and traceable. Performing operations as code allows for small iterations and sets a foundation for continuous improvement.
Make frequent, small, reversible changes
It’s much easier to find what caused an error when you’ve only made a single small change. Having a large batch of major changes cause a single fatal error can keep you occupied with troubleshooting for days.
Refine operations procedures frequently
We learn most from actual practical situations while we work. In order to not instantly forget these lessons, it’s best to regularly reflect on the journey and adjust the procedures.
Murphy insists that it’s better to design for reality than pretend that things probably won’t break. Anyone with considerable DevOps experience tends to agree with him.
Learn from all operational failures
Find a balance between over-engineering and constant fire-fighting. We should accept that not everything will work the first time and be ready to fix what didn’t. Trying to foresee and plan for everything is a challenge that has already failed.
The well-architected review format is based on interviews with key stakeholders. If you have documentation on your systems, this will support the interviews, but the main input is gathered through a live workshop format.
The review process consists of three steps:
Interview with the in-house initiative lead.
This helps set the scope expectations for the upcoming workshop and report.
The review scope will first define the workloads under focus, then determine the stakeholders responsible for the processes, technologies and responsibilities.
The full-day moderated workshop engages all stakeholders that were determined during the first interview. The team members do not have to prepare anything for the workshop. The workshop moderator walks the team through a discussion of all six pillars of the AWS well-architected framework in a coaching format, discovering opportunities for improvement for the specific workload under focus.
The goal of the workshop is constructive learning. It is important to keep in mind that the well-architected review is a comparison of the current state of things against best practices. It is not an audit!
Presenting the results
The learnings discovered during the workshop will be documented for future reference. The AWS review framework produces three pieces of documentation that summarise everything learned during the process: a scorecard, a report, and an action plan.
The workshop moderator will present these to the team so everyone will know how to find and reference the materials later.
The initial interview usually takes an hour. The workshop takes a whole 8-hour workday. Presenting the results can take up to two hours.
Usually the whole well-architected review process is spread out over a week or two, as it will take time to find a common workshop day with all stakeholders.
The review can be conducted either in-house or in collaboration with an external well-architected review partner. While some teams are able to implement the process into their routines themselves, the pressure for features and progress often makes it tempting to skip or postpone this kind of self-assessment session.
A great alternative is working with a neutral external partner that provides an AWS well-architected framework assessment service. Instead of learning and trying to figure out the details by yourself, collaborating with an agency can keep you focused on determining the best possible ways forward.
An external person can often be the necessary trigger to get people talking at all. For many practical-minded people it can seem redundant to analyse work processes with colleagues who sit next to them every day. Having to explain things to a third party is a great excuse to open the discussion and see if everyone is actually on the same page.
Do not hesitate to get in touch with the Entigo team to learn more about how to arrange a well-architected review for your team!