Cloud architecture is the design of a system that uses cloud computing to deliver services. It typically involves multiple components, including hardware, software, networking and storage. As a system, it must be designed to meet the needs of an organization in terms of its size, workloads and applications and should also be able to scale up or down as needed.
Operational Excellence :
Operational Excellence focuses on running workloads efficiently, monitoring operational health, and continuously improving processes and procedures. AWS provides several services to support this pillar:
SERVICES:
AWS CloudFormation for Infrastructure as Code (IaC) to automate resource provisioning and management.
AWS CloudTrail for logging API activity and auditing changes in AWS resources.
Amazon CloudWatch for monitoring metrics, setting alarms, and automating actions based on specific thresholds.
AWS Config for evaluating and managing the compliance of your AWS resources.
Security
Security is about protecting your data, systems, and assets from potential threats and adhering to security best practices. AWS offers various services to enhance security:
Design principle
Strong identity foundation: credentials data management, IAM policies
Apply security at all layers: edge location, VPC, subnets, load balancer, every instance
Enable traceability: integrate logs and metrics with the system to automatically respond and take action.
AWS Identity and Access Management (IAM) for managing user access and permissions to AWS resources.
Detective Controls: AWS Config, CloudTrail, CloudWatch
Infrastructure Protection: Amazon CloudFront, VPC, Shield, Inspector
Data Protection: KMS, S3, ELB, RDS
Incident Response: IAM, CloudFormation, CloudWatch Events
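The traceability principle and the detective and incident-response controls listed above, as an added example that is not part of the original notes: a Python sketch that evaluates CloudTrail-style records against a small rule table and returns the automated response for each match. The sample records, the rule names and the response strings are constructed for illustration.

```python
import json

# Constructed sample records in the CloudTrail record shape (not real log data).
SAMPLE_RECORDS = json.loads("""
[
 {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "cloudtrail.amazonaws.com",
  "eventName": "StopLogging", "responseElements": null,
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-a"}},
 {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "signin.amazonaws.com",
  "eventName": "ConsoleLogin", "responseElements": {"ConsoleLogin": "Success"},
  "additionalEventData": {"MFAUsed": "No"},
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-b"}},
 {"eventTime": "2024-01-01T10:06:00Z", "eventSource": "s3.amazonaws.com",
  "eventName": "ListBuckets", "responseElements": null,
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-b"}}
]
""")

def audit_logging_disabled(rec):
    # Someone stopped or deleted the trail that provides traceability.
    return (rec.get("eventSource") == "cloudtrail.amazonaws.com"
            and rec.get("eventName") in {"StopLogging", "DeleteTrail"})

def console_login_without_mfa(rec):
    # responseElements is often null in real records, so guard before .get().
    response = rec.get("responseElements") or {}
    extra = rec.get("additionalEventData") or {}
    return (rec.get("eventName") == "ConsoleLogin"
            and response.get("ConsoleLogin") == "Success"
            and extra.get("MFAUsed") == "No")

# (rule name, predicate, hypothetical automated response)
RULES = [
    ("audit-logging-disabled", audit_logging_disabled, "re-enable trail and page on-call"),
    ("console-login-without-mfa", console_login_without_mfa, "notify security team"),
]

def evaluate(records):
    """Return one finding per (record, matching rule) pair."""
    findings = []
    for rec in records:
        for name, predicate, action in RULES:
            if predicate(rec):
                actor = (rec.get("userIdentity") or {}).get("arn", "unknown")
                findings.append({"rule": name, "action": action,
                                 "actor": actor, "time": rec.get("eventTime")})
    return findings

if __name__ == "__main__":
    for finding in evaluate(SAMPLE_RECORDS):
        print(finding)
```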
Reliability :
Reliability ensures that your architecture can recover from failures, automatically scale, and maintain high availability. AWS services that promote reliability include:
Design principle
Test recovery procedures
Recover from failure: set up failure recovery actions before failures occur
Stop guessing capacity: use auto-scaling
Scale horizontally to increase aggregate system availability: distribute requests across multiple resources so they do not share the same failure points.
Change in infra: automation process
Services :
Foundation: IAM, Amazon VPC, service limits, AWS Trusted Advisor
Change management: Auto Scaling, CloudWatch, CloudTrail, AWS Config
Failure management: backups, CloudFormation, S3, S3 Glacier (backup archive), Route 53 (disaster recovery by changing DNS as required)
Performance Efficiency :
The ability to use compute resources efficiently to meet required system services and demands.
Design Principle:
Go global in minutes: easy deployment in multiple regions
Use serverless architecture: avoid the burden of managing servers
Services :
Selection: Auto Scaling, Lambda, EBS, S3, RDS
Review: AWS CloudFormation
Monitoring: CloudWatch, Lambda
Tradeoffs: Amazon RDS, ElastiCache, Snowball (how do I know I am doing right on performance), CloudFront (go global in minutes, fast data delivery, low-latency delivery mechanism)
Cost Optimization :
- Run systems to deliver business value and data at the lowest price point.
Design principle:
Pay only for what you need (use Lambda only if needed, for the particular time required)
Measure overall efficiency: use CloudWatch
Don't waste money on data centers; AWS handles that, so focus on the organization's projects instead.
Analyze and identify system use and costs
Use managed and application-level services to reduce the cost of ownership. (Only 3 cloud engineers can handle 5 million app users just by analysing and right cost optimization.)
Services:
Expense awareness: AWS Budgets, AWS Cost and Usage Report, AWS Cost Explorer, Reserved Instance reporting
Cost-effective resources: Spot Instances, Reserved Instances, S3 Glacier
Matching supply and demand: AWS Auto Scaling
Sustainability :
Focuses on minimizing the environmental impacts of running cloud workloads.
Design Principles :
• Establish sustainability long-term goals for each workload
• Maximize utilization – Right size each workload to maximize the energy efficiency of the underlying hardware.
• Anticipate and adopt new, more efficient hardware and software offerings – and design for flexibility to adopt new technologies over time.
• Use managed services, which help to automate sustainability best practices such as moving infrequently accessed data to cold storage and adjusting compute capacity.
Imp CCP questions:
If it says "workloads effectively", it's Operational Excellence, not Performance Efficiency.
Operational Excellence talks about making frequent, small, reversible changes.
Performance Efficiency focuses on using computing resources efficiently to meet system requirements, i.e. the advantage of evolving with technologies.
The Cost Optimization pillar focuses on the ability to run systems to deliver business value at the lowest price point.
The Performance Efficiency pillar focuses on using computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve.
The Reliability pillar focuses on the ability of a workload to consistently and correctly perform its intended functions.
- The Operational Excellence pillar includes the ability to run workloads effectively, gain insights into their operations, and continuously improve supporting processes to deliver business value.
By performing operations as code, you limit human error and enable consistent responses to events.
**Your company is developing its first application in the cloud. You suggested that the company should leverage the AWS Well-Architected Framework during the process. The CTO is now asking you to provide more details about the framework and its benefits.
Which statement would you use to describe the AWS Well-Architected Framework? (Select TWO)**
It helps organizations track development process while implementing cloud applications.
It increases the likelihood of business success by helping the organization having constructive conversations.
It provides a consistent approach to evaluate the application architecture against best practices.
It is an auditing mechanism that the company must comply before deploying into the cloud.