AWS Cloud Operations Blog

Streamline change processes ­and improve governance with AWS Well-Architected

The AWS Well-Architected Framework (WA Framework) is designed to help cloud architects build secure, resilient, high-performing, and efficient workloads on AWS. It is structured around six pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability.

6 pillars of AWS Well-Architected Framework – Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. Implement scalable design and operations to accelerate the outcomes.

Figure 1. The pillars of AWS Well-Architected Framework

This post provides insights on how to streamline your change-management operational practices using AWS Well-Architected Framework Reviews (WAFR) and the AWS Well-Architected Tool (WA Tool). We will showcase how a healthcare customer redefined their approach to building on AWS by incorporating best practices such as changing their culture, enhancing security and building a successful roadmap for future product releases.

The challenge

When AWS customers plan to improve and optimize their workloads, they often find it challenging to prioritize the implementation of best practices for addressing multiple risks simultaneously. Security vulnerabilities pose a risk, as inadequate measures could lead to data breaches or unauthorized access. Operational inefficiencies generate potential delays and errors in release processes due to manual interventions. The lack of system visibility and monitoring can make troubleshooting and maintenance challenging, as the teams may not have a complete understanding of the system design. Risks associated with performance bottlenecks can also affect the system, as it may experience degradation under high load.

The healthcare customer we’ve been working with faced similar challenges: they had a lack of visibility through documentation of their AWS workload, which impacted the implementation of their product releases and security monitoring. This prevented the teams from understanding the state of the system’s reliability, security, and performance. As a customer in the healthcare industry, they need to protect sensitive patient data and comply with regulatory standards, which is why it is important for them to thoroughly understand their security posture and implement robust security measures. They also wanted to increase operational efficiency by introducing automation and optimizing deployment and monitoring processes. All of these meant that a strategic approach to implementing improvements was crucial toward continuous maintenance of the system and informed decision-making.

The solution

Incorporating the pillars of the WA Framework into your application will help you produce stable and efficient systems. Additionally, the time to value for feature delivery should be aligned to operational needs for running the systems that power that feature so it continues to deliver business value through the life of the product. Prioritizing implementation of best practices and remediation of risks should depend on the strategic direction of your organization.

The popularity of our healthcare customer’s application was growing and becoming a key revenue driver within the organization. As a result, they defined their long-term strategy to enhance the system’s reliability to cope with high volumes of traffic without downtime. Together with their AWS Solutions Architect, the customer performed a WAFR for their workload, following which they implemented quick wins recommended in the workload report generated within the WA Tool. The comprehensive review gave them full visibility of the application, identifying areas for improvement categorized into High and Medium risks (HRIs and MRIs). This highlighted opportunities for automation that could replace manual, error-prone processes to handle infrastructure provisioning and system monitoring, ensuring consistency and repeatability, which are crucial for maintaining a stable production environment. The insights gained from the tool enabled the team to plan their backlog and prioritize work effectively. Following the review process, the customer introduced robust change processes that improved their ability to implement releases successfully. They detected and addressed risks that had previously been overlooked.

Figure 2. Sample WAFR improvement plan provided by the WA Tool

Having seen direct business benefits of prioritizing operational improvements (non-functional requirements) alongside product feature requests (functional requirements), the teams have embarked on the next iteration of improvements. They are enhancing their Continuous Integration / Continuous Deployment (CI/CD) pipelines to automate code roll-outs to ensure consistent and error-free releases. They are adopting Infrastructure as Code (IaC) services like AWS CloudFormation to manage infrastructure and provide consistent and repeatable environment setup. They are enhancing their monitoring and logging capabilities to detect and resolve issues promptly. Regular security audits will be conducted to identify and mitigate vulnerabilities, maintaining a high security posture. Providing thorough training and documentation for the team will allow everyone to have a deep understanding of the system architecture and processes, which is crucial for effective management and operations.

Utilizing native capabilities of AWS Well-Architected Tool

The WA Tool played a pivotal role in the transformation of our healthcare customer’s workload and their change management culture. It provided a way to compare their architecture against best practices across six pillars of the WA Framework and was instrumental in accelerating their decision-making process. Features such as the detailed question sets and risk identification capabilities allowed them to quickly identify high-risk areas that needed immediate attention. This structured approach enabled the customer to prioritize actions that had the most significant impact on the system’s overall health and performance.

In addition to accelerating decision-making, the WA Tool provided other benefits:

  • Enhanced Visibility. A comprehensive view of the architecture allowed the teams to see potential bottlenecks and better understand how different components interacted.
  • Improvement Plans. The tool offered tailored improvement plans based on the identified risks, helping them systematically address issues and track progress over time.
  • Resource Allocation. By clearly highlighting areas that required attention, the tool helped them allocate resources more effectively, ensuring that their efforts were focused on the most impactful improvements.
  • Knowledge Sharing. The review process fostered a culture of knowledge sharing and collaboration among team members, as everyone brought their insights and expertise to the table.

WA Tool Lenses: Healthcare Industry and Serverless Applications

Lenses provide a way for you to consistently measure your architectures against up-to-date technology and industry-focused best practices. A workload can have one or more lenses applied, each with its own set of questions and improvement plan. These lenses are available to all users and do not require any additional installation to use.

Having seen benefits from Well-Architected recommendations, our healthcare customer then embarked on these lenses. They utilized the Healthcare Industry Lens to ensure their application met industry standards for security, data privacy, and operational efficiency. It helped them identify gaps in their compliance posture, such as inadequate data encryption and insufficient access controls. They promptly addressed these gaps by implementing advanced encryption mechanisms and strengthening their access management policies. They also used the Serverless Applications Lens, which helped evaluate the serverless components of their architecture, focusing on performance optimization, cost management, and scalability. The lens helped them identify inefficiencies, such as excessive function execution times and unoptimized resource utilization. They refined their function code, optimizing resource allocation, and implemented automated scaling policies. These improvements led to significant cost savings and enhanced the performance and reliability of their serverless applications.

Example screenshot of multiple lenses applied to a workload for a comprehensive WA Framework Review: default WA Framework lens, Healthcare industry lens, and serverless lens, - each with multiple questions answered during the review process and a number of high and medium risks captured in the WA Tool.

Figure 3. Example of multiple lenses applied to a workload for a comprehensive WA Framework Review

Achieving operational excellence through people and culture

The WAFR process can be instrumental in transforming your approach to implementing and managing workloads on AWS.

Three phases of the WA Framework Review process: Prepare, Review, and Improve. Prepare phase highlights the importance of identifying sponsors and scoping the workloads. Review phase focuses on the actual review process and report creation. Improve phase consists of HRI prioritization and creation of a remediation plan.

Figure 4. Three phases of the WA Framework Review process: Prepare, Review, and Improve

Our healthcare customer’s workload comprises of critical components that contain patient information and are integral to their business. They performed a WAFR with key representatives across the cloud, engineering, and service teams who all had a deep understanding of their respective systems. The review process drove collaboration and fostered stronger relationships between these teams, which allowed them to gain diverse insights and perspectives, ultimately enhancing their understanding and management of the workload. The WAFR process was supported by the customer’s AWS Solutions Architect who guided them throughout the review phases. This combined effort of people and technology not only strengthened the customer’s operational framework but also ensured that their teams are well-positioned to consistently deliver reliable, secure, and efficient solutions.

Alongside the benefits of the WAFR process, our customer’s teams took away several key learning from the challenges they had to face and resolve in the process:

  • Team members were initially resistant to the review process, fearing it would expose weaknesses in their work. They overcame this by emphasizing the collaborative nature of the reviews and framing them as improvement opportunities.
  • The team members expected that the complexity of the existing architecture would make the review process overwhelming. However, the WA Tool’s structured approach and the support from the AWS Solutions Architect helped them navigate this complexity effectively.
  • Balancing the review process with ongoing development work was challenging. They addressed this by integrating the review activities into regular workflows and breaking the process into manageable phases.

To overcome these challenges, the customer took strategic steps to ensure they successfully achieve their goals:

  • Conducted training sessions to familiarize the teams with the WA Tool and its benefits. This helped reduce resistance and uncertainty about the process.
  • Had regular interactions with AWS Solutions Architect who provided them with expert guidance and ensured the teams stayed on the right track.
  • Adopted a continuous improvement mindset, treating the WAFR as an ongoing mechanism rather than a one-time exercise. This allowed them to make a steady progress and adapt to evolving business needs.

Conclusion

AWS Well-Architected is more than just a set of best practices and a tool that can aid you in finding opportunities to improve the design of your applications. It’s a mechanism that helps you improve governance and drive better outcomes for your organization on a continuous basis. The WAFR process provides a consistent approach to evaluating your architectures, allowing you to measure your workloads against industry best practices, while streamlining change processes, enhancing security, and implementing improvements across critical areas of your application. By performing regular WAFRs for your workloads, you create a culture of continuous improvement and accountability, while capturing and remediating any critical issues in your workloads proactively.

Call to action and additional resources

To learn more about how you can perform a successful WA Framework Review, check the below series of blog posts:

How to perform a Well-Architected Framework Review – Part 1

How to perform a Well-Architected Framework Review – Part 2

How to perform a Well-Architected Framework Review – Part 3

If you prefer hands-on examples and exercises, check out some of our Well-Architected labs and workshops that you can follow to learn more about implementing best practices and using the WA Tool:

AWS WA Labs

AWS WA Tool Workshop

How to run a WAFR

To expand further on streamlining change processes in organization, and adopting a continuous improvement mindset, take a look at our latest whitepaper: Change Enablement in the Cloud.

About the authors:

Nataliya Godunok

Nataliya is a Cloud Optimization Success Solutions Architect at AWS. She’s supporting customers with their cloud initiatives, providing strategic technology, people, and process guidance to improve architectural health of their workloads. Nataliya is passionate about cost optimization and regularly runs enablement sessions for customers and partners to help them achieve operational excellence in the most cost-efficient way!

Dr. Charlie Coleman

Charlie is a Solutions Architect in the Greenfield team at Amazon Web Services (AWS). She supports customers in the start of their cloud journey on AWS, helping them to broaden their experience and cloud skills and facilitate the onboarding of those first workloads to AWS. Charlie is passionate about sustainability on AWS and helping customers to reduce their carbon emissions.