Operations Management

Architecture Review - Systematically Evaluate Workloads with the AWS Well-Architected Tool

Learn about architecture reviews using the AWS Well-Architected Tool. Covers evaluation based on the six pillars, improvement planning, and custom lens usage.

約 4 分で読めます

The Well-Architected Framework and Review Tool

The AWS Well-Architected Framework systematizes cloud architecture best practices into six pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. The Well-Architected Tool is a managed tool that evaluates workloads based on this framework, identifying architecture improvements through a question-based review. Multiple questions are provided for each pillar, and based on your answers, High Risk Issues (HRI) and Medium Risk Issues (MRI) are automatically identified.

Workload Evaluation and Improvement Planning

Using the Well-Architected Tool starts with defining a workload. You specify the workload name, description, target AWS accounts, regions, and select the lenses to apply (AWS Well-Architected Framework lens, Serverless lens, SaaS lens, etc.). As you answer questions for each pillar, your compliance with best practices is displayed on a dashboard. The Improvement Plan shows a prioritized list of HRIs and MRIs, with specific improvement recommendations and links to reference documentation for each item. The milestone feature lets you save snapshots of evaluation results and compare progress after implementing improvements. The recommended operational pattern is to conduct reviews quarterly and track improvement trends using milestones.

Custom Lenses and Organizations Integration

Custom lenses let you define your organization's unique best practices and industry-specific requirements as evaluation criteria. You define a lens in JSON format with custom pillars, questions, best practices, and improvement plans. For example, you can create custom lenses to evaluate compliance with financial industry regulations, internal security policies, or adherence to specific architecture patterns. Organizations integration allows you to share custom lenses across all accounts in your organization, conducting reviews with unified evaluation criteria. The Well-Architected Tool is completely free to use, with no limits on the number of workloads or reviews. While Trusted Advisor performs automatic resource-level checks (S3 public access settings, unused EC2 instances, etc.), the Well-Architected Tool provides interactive architecture-level reviews (Is the DR strategy appropriate? Is the monitoring setup sufficient?), serving a complementary role. For more detailed coverage of cloud architecture, you can also check out related books on Amazon.

Well-Architected Tool Pricing

The Well-Architected Tool is completely free to use. There are no limits on the number of workloads created, reviews conducted, or custom lenses created. Sharing custom lenses across the organization via Organizations integration also incurs no additional charges. While Trusted Advisor provides automatic resource-level checks, the Well-Architected Tool offers interactive architecture-level reviews, serving as a complementary tool. It is recommended to establish a habit of quarterly reviews and use the tool for continuous architecture improvement.

Summary - Guidelines for Using the Well-Architected Tool

The AWS Well-Architected Tool systematically evaluates workload architecture across six pillars. Its key strengths are question-based reviews, automatic HRI/MRI identification, improvement plan creation, and custom lenses for organization-specific evaluation. It is free to use, and quarterly reviews of production workloads are recommended. It can also be used for pre-launch reviews of new workloads.

Related Services

AWS Well-Architected ToolA tool for reviewing workload architecture based on the AWS Well-Architected FrameworkAWS Trusted AdvisorA service that checks your AWS environment for cost optimization, performance, security, and resilience improvementsAWS ConfigA service that records and evaluates AWS resource configuration changes and continuously monitors compliance

Related Articles

Optimizing Your AWS Environment - Best Practice Checks with Trusted AdvisorLearn how to use AWS Trusted Advisor for automated environment diagnostics. This article covers the check items and usage across five categories: cost optimization, security, fault tolerance, performance, and service limits.Resilience Assessment - Quantifying Application Fault Tolerance with AWS Resilience HubLearn how to assess application fault tolerance with AWS Resilience Hub, including defining RTO/RPO targets, configuring resilience policies, running automated assessments, and leveraging improvement recommendations.Retrieving Compliance Reports with AWS Artifact - Audit Response and Agreement ManagementLearn how to retrieve SOC, PCI DSS, and ISO audit reports on demand and apply BAA and GDPR DPA agreements across your entire AWS Organizations structure.

More on This Topic

How AWS Keeps Time Internally - Amazon Time Sync Service and Leap Second Smearing DesignLearn how Amazon Time Sync Service works, how GPS and atomic clocks provide high-precision time sources, the design decision to absorb leap seconds through smearing, and why time synchronization matters in distributed systems.Centralizing SaaS Audit Logs with AWS AppFabric - OCSF Standardization and Security Lake IntegrationLearn how AppFabric collects audit logs from SaaS applications, standardizes them to OCSF format, and builds analysis pipelines.Implementing Feature Flags with AWS AppConfig - Safe Configuration Deployment and RollbackRoll out configuration changes independently from code deployments using Linear and Exponential strategies. Ensure safety with automatic rollback triggered by CloudWatch alarms.Audit Log Design and Operations - Complete API Activity Recording with CloudTrailLearn how to design audit logs using AWS CloudTrail, including recording API activity, long-term storage in S3, and compliance automation through integration with AWS Config.Lessons from AWS Incident Reports (COE) - How Past Major Outages Shaped Design PrinciplesAnalyze the root causes of past major incidents including the S3 outage, us-east-1 DNS failure, and Kinesis outage from AWS's published Correction of Errors (COE) and incident reports, and explain how they changed AWS's design principles.Tag Design Determines Operations - Trivia and Practical Naming Conventions for AWS Resource Tagging StrategyWe explain why AWS resource tags are not just labels but the foundation for cost allocation, access control, and automation, covering tag key naming conventions, how to use the 50-tag limit, and governance through tag policies.Why AWS Service Quotas Exist - Multi-Tenant Design That Protects Shared InfrastructureExplain how AWS service quotas (formerly service limits) are not mere restrictions but a design to protect other customers in a multi-tenant environment, covering the noisy neighbor problem, soft vs hard limits, and what happens behind quota increase requests.Centralized Backup Management with AWS Backup - Backup Plans and Cross-Region ProtectionManage backups for EC2, RDS, DynamoDB, and more under a unified policy. Covers Vault Lock WORM protection and automated restore testing.

Similar Articles and Services

Reviewing Workloads with the AWS Well-Architected Tool - Architecture Improvement Based on Six PillarsQuantify risks through architecture reviews based on six pillars, add organization-specific best practices with custom lenses, and track improvement progress with milestones.Maturity of the AWS Well-Architected Framework - Six Pillars Guiding Best-in-Class Cloud DesignA detailed look at the six pillars of the AWS Well-Architected Framework, comparing its maturity with the Azure Well-Architected Framework and GCP Architecture Framework.Most Common Well-Architected Review Findings - 5 Design Mistakes Engineers OverlookCovers the most frequently flagged design issues in AWS Well-Architected Reviews, focusing on five areas: single-AZ deployment, missing backups, underutilized logging, neglected cost optimization, and overly permissive security groups.Optimizing Your AWS Environment - Best Practice Checks with Trusted AdvisorLearn how to use AWS Trusted Advisor for automated environment diagnostics. This article covers the check items and usage across five categories: cost optimization, security, fault tolerance, performance, and service limits.