Graduate Program KB

AWS Architecting & Ecosystem

  • Well-Architected Framework general guiding principles

    • Stop guessing capacity needs
    • Test systems at production scale
    • Automate to make architectural experimentation easier
    • Allow for evolutionary architectures
      • Design based on changing requirements
    • Drive architectures using data
    • Improve through game days
      • Simulate applications for flash sale days
  • AWS Cloud best practices, design principles

    • Scalability: Vertical and horizontal
    • Disposable resources: Servers should be disposable and easily configured
    • Automation: Serverless, Infrastructure as a Service, Auto Scaling, etc.
    • Loose coupling:
      • Monoliths are applications that do more over time and become bigger
      • Break it down into smaller, loosely coupled components
      • A change or failure in a component should not cascade to other components
    • Services, not Servers:
      • Don't just use EC2
      • Use managed services, databases, serverless, etc.

Pillars

  • The 6 pillars of the Well-Architected Framework (they synergise; they are not a balancing act / trade-off)

    • Operational Excellence
    • Security
    • Reliability
    • Performance Efficiency
    • Cost Optimisation
    • Sustainability
  • Operational Excellence

    • Includes the ability to:
      • Run and monitor systems
      • Deliver business value
      • Continually improve supporting processes / procedures
    • Design principles
      • Perform operations as code: Infrastructure as code
      • Annotate documentation: Automate the creation of annotated documentation after every build
      • Make frequent, small, reversible changes: In case of any failure, you can reverse it
      • Refine operations procedures frequently: Ensure that team members are familiar with it
      • Anticipate failure
      • Learn from all operational failures
    • AWS services for operational excellence
      • Prepare: CloudFormation, Config
      • Operate: CloudFormation, Config, CloudTrail, CloudWatch, X-Ray
      • Evolve: CloudFormation, CodeBuild, CodeCommit, CodeDeploy, CodePipeline
  • Security

    • Includes the ability to:
      • Protect information, systems and assets
      • Deliver business value through risk assessments and mitigation strategies
    • Design principles
      • Implement a strong identity foundation: Centralise privilege management and reduce / eliminate reliance on long-term credentials (principle of least privilege)
      • Enable traceability: Integrate logs and metrics with systems to automatically respond and take action
      • Apply security at all layers: Like edge networks, VPC, subnet, load balancer, all instances, OS and applications
      • Automate security best practices
      • Protect data in transit and at rest: Encryption, tokenisation and access control
      • Keep people away from data: Reduce / eliminate the need for direct access or manual processing of data
      • Prepare for security events: Run incident response simulations and use tools with automation to increase your speed for detection, investigation and recovery
      • Shared Responsibility Model
    • AWS services for security
      • Identity and Access Management: IAM, AWS STS, MFA token, AWS Organizations
      • Detective Controls: Config, CloudTrail, CloudWatch
      • Infrastructure Protection: CloudFront, VPC, Shield, WAF, Inspector
      • Data Protection: KMS, S3, Elastic Load Balancing, EBS, RDS
      • Incident Response: IAM, CloudFormation, CloudWatch Events
  • Reliability

    • Includes the ability of a system to:
      • Recover from infrastructure or service disruptions
      • Dynamically acquire computing resources to meet demand
      • Mitigate disruptions such as misconfigurations or transient network issues
    • Design principles
      • Test recovery procedures: Use automation to simulate different failures or recreate scenarios that led to previous failures
      • Automatically recover from failure: Anticipate and remediate failures before they occur
      • Scale horizontally to increase aggregate system availability: Distribute requests across multiple, smaller resources to ensure they don't share a common point of failure
      • Stop guessing capacity: Maintain the optimal level to satisfy demand without over or under provisioning (use Auto Scaling)
      • Manage change in automation: Use automation to make changes to infrastructure
    • AWS services for reliability
      • Foundations: IAM, VPC, Service Quotas, Trusted Advisor
      • Change Management: Auto Scaling, CloudWatch, CloudTrail, Config
      • Failure Management: Backups, CloudFormation, S3, S3 Glacier, Route 53
  • Performance Efficiency

    • Includes the ability to:
      • Use computing resources efficiently to meet system requirements
      • Maintain that efficiency as demand changes and technology evolves
    • Design principles
      • Democratise advanced technologies: Advanced technologies become services, so you can focus more on product development
      • Go global in minutes: Easy deployment in multiple regions
      • Use serverless architectures: Avoid burden of managing servers
      • Experiment more often: Easy to carry out comparative testing
      • Mechanical sympathy: Be aware of all AWS services
    • AWS services for performance efficiency
      • Selection: Auto Scaling, Lambda, Elastic Block Store (EBS), Simple Storage Service (S3), RDS
      • Review: CloudFormation, News Blog
      • Monitoring: CloudWatch, Lambda
      • Trade-offs: RDS, ElastiCache, Snowball, CloudFront
  • Cost Optimisation

    • Includes the ability to run systems to deliver business value at the lowest price point
    • Design principles
      • Adopt a consumption model: Pay only for what you use
      • Measure overall efficiency: Use CloudWatch
      • Stop spending money on data centre operations: AWS does the infrastructure part and enables customers to focus on organisation projects
      • Analyse and attribute expenditure: Accurate identification of system usage and costs helps measure return on investment (ROI); use tags
      • Use managed and application level services to reduce cost of ownership: As managed services operate at cloud scale, they offer a lower cost per transaction or service
    • AWS services for cost optimisation
      • Expenditure awareness: Budgets, Cost and Usage Report, Cost Explorer, Reserved Instance Reporting
      • Cost-effective resources: Spot Instance, Reserved Instance, S3 Glacier
      • Matching supply and demand: Auto Scaling, Lambda
      • Optimising over time: Trusted Advisor, Cost and Usage Report, News Blog
  • Sustainability

    • Includes the ability to focus on minimising the environmental impacts of running cloud workloads
    • Design principles
      • Understand your impact: Establish performance indicators and evaluate improvements
      • Establish sustainability goals: Set long-term goals for each workload / model return on investment
      • Maximise utilisation: Right size each workload to maximise the energy efficiency of the underlying hardware and minimise idle resources
      • Anticipate and adopt new, more efficient hardware and software offerings: Design for flexibility to adopt new technologies over time
      • Use managed services: Shared services reduce the amount of infrastructure. Managed services help automate sustainability best practices by moving infrequently accessed data to cold storage and adjusting compute capacity
      • Reduce the downstream impact of your cloud workloads: Reduce the amount of energy / resources required to use your services and reduce the need for customers to upgrade their devices
    • AWS services for sustainability
      • EC2 Auto Scaling, Serverless Offering (Lambda, Fargate)
      • Cost Explorer, Graviton 2, EC2 T instances, Spot instances
      • EFS-IA, S3 Glacier, EBS Cold HDD volumes
      • S3 Lifecycle Configurations, S3 Intelligent Tiering
      • Amazon Data Lifecycle Manager
      • Read local, write global: RDS Read Replicas, Aurora Global DB, DynamoDB Global Table, CloudFront

AWS Well-Architected Tool

  • A free tool to review your architectures against the 6 pillars of the Well-Architected Framework and adopt architectural best practices
  • It works by:
    • Selecting your workload and answering questions
    • Reviewing your answers against the 6 pillars
    • Providing advice through videos and documentation, generating a report and showing the results in a dashboard

AWS Cloud Adoption Framework

  • Cloud Adoption Framework (CAF) helps you build and execute a comprehensive plan for your digital transformation through AWS

  • Created by AWS professionals, taking advantage of AWS best practices and lessons learned from thousands of customers

  • AWS CAF identifies specific organisational capabilities that underpin successful cloud transformations

  • AWS CAF groups its capabilities in six perspectives:

    • Business
      • Helps ensure your cloud investments accelerate your digital transformation ambitions and business outcomes
    • People
      • Serves as a bridge between technology and business, accelerating the cloud journey to help organisations evolve rapidly to a culture of continuous growth and learning
      • Where change becomes business as normal, the focus is on culture, organisational structure, leadership and workforce
    • Governance
      • Helps orchestrate cloud initiatives while maximising organisational benefits and minimising transformation-related risks
    • Platform
      • Helps build an enterprise-grade, scalable, hybrid cloud platform to modernise existing workloads and implement new cloud-native solutions
    • Security
      • Helps achieve confidentiality, integrity and availability of your data and cloud workloads
    • Operations
      • Helps ensure your cloud services are delivered at a level that meets the needs of your business
  • Transformation Domains

    • Technology: Using the cloud to migrate and modernise legacy infrastructure, applications, data and analytics platforms
    • Process: Digitising, automating and optimising business operations
      • Leverage new data and analytics platforms to create actionable insights
      • Use ML to improve customer service experience
    • Organisation: Re-imagining your operating model
      • Organising your teams around products and value streams
      • Leverage agile methods to rapidly iterate and evolve
    • Product: Re-imagining your business model by creating new value propositions (products and services) and revenue models
  • Transformation Phases

    • Envision: Demonstrate how the Cloud will accelerate business outcomes by identifying transformation opportunities and create a foundation for your digital transformation
    • Align: Identify capability gaps across the 6 AWS CAF perspectives which results in an action plan
    • Launch: Build and deliver pilot initiatives in production and demonstrate incremental business value
    • Scale: Expand pilot initiatives to the desired scale while realising the desired business benefits

AWS Right Sizing

  • Right sizing is the process of matching instance types and sizes to your workload performance and capacity requirements at the lowest possible cost
    • EC2 has many instance types but choosing the most powerful type isn't the best choice because the cloud is elastic
    • Always start small, scaling up is easy
  • It's also the process of looking at deployed instances and identifying opportunities to eliminate or downsize without compromising capacity or other requirements which results in lower costs
  • The time to right size is:
    • Before a cloud migration
    • Continuously after the cloud onboarding process (requirements change over time)
  • CloudWatch, Cost Explorer, Trusted Advisor and 3rd party tools can help

AWS Ecosystem - Free resources

AWS Ecosystem - AWS Support

  • Developer
    • Business hours email access to Cloud Support Associates
    • General guidance: Less than 24 business hours
    • System impaired: Less than 12 business hours
  • Business
    • 24/7 phone, email and chat access to Cloud Support Engineers
    • Production system impaired: Less than 4 hours
    • Production system down: Less than 1 hour
  • Enterprise
    • Access to a Technical Account Manager (TAM)
    • Concierge Support Team (for billing and account best practices)
    • Business-critical system down: Less than 15 minutes

AWS Marketplace

  • A digital catalog with thousands of software listings from independent software vendors (3rd party)
  • Examples:
    • Custom AMI (custom OS, firewalls, technical solutions)
    • CloudFormation templates
    • Software as a Service
    • Containers
  • If you buy through AWS Marketplace, it goes into the AWS bill
  • You can sell your own solutions on the AWS Marketplace

AWS Training

  • AWS Digital (online) and Classroom Training (in-person or virtual)
  • AWS Private Training (for your organisation)
  • Training and Certification for the US Government
  • Training and Certification for the Enterprise
  • AWS Academy helps universities teach AWS

AWS Professional Services & Partner Network

  • The AWS Professional Services organisation is a global team of experts
    • They work alongside your team and a chosen member of the APN
    • APN: AWS Partner Network
    • APN Technology Partners: Providing hardware, connectivity and software
    • APN Consulting Partners: Professional services firm to help build on AWS
    • APN Training Partners: Find who can help you learn AWS
    • AWS Competency Program: AWS Competencies are granted to APN Partners who have demonstrated technical proficiency and proven customer success in specialised solution areas
    • AWS Navigate Program: Help partners become better partners

AWS IQ

  • Quickly find professional help for AWS projects
  • Engage and pay AWS certified 3rd party experts for on-demand project work
  • Video conferencing, contract management, secure collaboration and integrated billing
  • For customers:
    • Submit request: Describe your project
    • Review responses: Connect to experts (requirements and timelines)
    • Select expert: Based on rates, experience, etc.
    • Work securely: Give experts appropriate access to your AWS account
    • Pay per milestone: Charges added into your AWS bill
  • For experts:
    • Create profile: Photo, biography, certificates, etc.
    • Connect with customers
    • Start a proposal: Work description, price, milestones, etc.
    • Work securely: Get appropriate access to customer AWS account
    • Get paid: Request payment after milestones are met

AWS re:Post

  • An AWS-managed Q&A service offering crowd-sourced, expert-reviewed answers to your technical questions about AWS that replaces the original AWS Forums

  • Part of the AWS Free Tier

  • Community members can earn reputation points to build up their community expert status by providing accepted answers and reviewing answers from other users

  • Questions from AWS premium support customers that don't receive a response from the community are passed on to AWS support engineers

  • AWS re:Post is not intended to be used for questions that are time sensitive or involve any proprietary information

  • Knowledge Center

    • Contains the most frequent & common questions and requests

AWS Managed Services (AMS)

  • Provides infrastructure and application support on AWS
  • AMS offers a team of AWS experts who manage and operate your infrastructure for security, reliability and availability
  • Helps organisations offload routine management tasks and focus on their business objectives
  • A fully managed service, AWS handles common activities such as change requests, monitoring, patch management, security and backup services
  • Implements best practices and maintains your AWS infrastructure to reduce operational overhead and risk
  • AMS business hours are 24 hours a day, 365 days a year