Operations Management

Reviewing Workloads with the AWS Well-Architected Tool - Architecture Improvement Based on Six Pillars

Quantify risks through architecture reviews based on six pillars, add organization-specific best practices with custom lenses, and track improvement progress with milestones.

約 3 分で読めます

Well-Architected Framework Overview

The Well-Architected Tool is a service for reviewing workload architecture based on AWS best practices. You answer questions for each of the six pillars (Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability) to assess risks. Review results are classified as High Risk Issues (HRI) and Medium Risk Issues (MRI), making improvement priorities clear.

Review and Improvement Planning

After creating a workload and answering questions for each pillar, a risk report is generated. For example, the Security pillar evaluates IAM best practices, data protection, and incident response readiness. In the improvement plan, you set milestones and manage items to address before the next review. Regular reviews (such as quarterly) enable continuous architecture improvement.

Custom Lenses and Milestones

Custom lenses let you define organization-specific best practices as questions and incorporate them into Well-Architected Tool reviews. You can codify security policies, compliance requirements, and internal standards as lenses, enabling consistent reviews across all teams. Milestones save snapshots at each review point, allowing you to track improvement progress over time. The improvement plan defines action items for each risk, with assigned owners and deadlines for progress management. AWS-provided specialized lenses (Serverless, SaaS, Machine Learning) enable reviews tailored to specific workload types. To deepen your understanding of architecture reviews, specialized books on Amazon can be a helpful resource.

Well-Architected Tool Pricing and Usage

The Well-Architected Tool itself incurs no additional charges. Creating reviews, answering questions, and managing improvement plans are all free. Integration with Organizations enables centralized management of workload reviews across all accounts, providing visibility into organization-wide risk posture. Establish a habit of quarterly reviews and update risk assessments as architecture changes and service updates occur. Supplement with external reviews from Well-Architected Partners to detect risks that internal teams may overlook.

Summary

The Well-Architected Tool systematizes architecture reviews based on AWS best practices. It evaluates risks across six pillars (Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability), adds organization-specific best practices with custom lenses, tracks improvement progress over time with milestones, and manages action item owners and deadlines through improvement plans.

Related Services

AWS Well-Architected ToolA tool for reviewing workload architecture based on the AWS Well-Architected FrameworkAWS Trusted AdvisorA service that checks your AWS environment for cost optimization, performance, security, and resilience improvements

Related Articles

Automated Best Practice Checks with AWS Trusted Advisor - Cost Reduction and Security ImprovementAutomatically check account health across five categories: cost optimization, performance, security, fault tolerance, and service limits. Learn about Priority for organization-wide best practice management and API integration.Architecture Review - Systematically Evaluate Workloads with the AWS Well-Architected ToolLearn about architecture reviews using the AWS Well-Architected Tool. Covers evaluation based on the six pillars, improvement planning, and custom lens usage.Optimizing Your AWS Environment - Best Practice Checks with Trusted AdvisorLearn how to use AWS Trusted Advisor for automated environment diagnostics. This article covers the check items and usage across five categories: cost optimization, security, fault tolerance, performance, and service limits.

More on This Topic

How AWS Keeps Time Internally - Amazon Time Sync Service and Leap Second Smearing DesignLearn how Amazon Time Sync Service works, how GPS and atomic clocks provide high-precision time sources, the design decision to absorb leap seconds through smearing, and why time synchronization matters in distributed systems.Centralizing SaaS Audit Logs with AWS AppFabric - OCSF Standardization and Security Lake IntegrationLearn how AppFabric collects audit logs from SaaS applications, standardizes them to OCSF format, and builds analysis pipelines.Implementing Feature Flags with AWS AppConfig - Safe Configuration Deployment and RollbackRoll out configuration changes independently from code deployments using Linear and Exponential strategies. Ensure safety with automatic rollback triggered by CloudWatch alarms.Architecture Review - Systematically Evaluate Workloads with the AWS Well-Architected ToolLearn about architecture reviews using the AWS Well-Architected Tool. Covers evaluation based on the six pillars, improvement planning, and custom lens usage.Audit Log Design and Operations - Complete API Activity Recording with CloudTrailLearn how to design audit logs using AWS CloudTrail, including recording API activity, long-term storage in S3, and compliance automation through integration with AWS Config.Lessons from AWS Incident Reports (COE) - How Past Major Outages Shaped Design PrinciplesAnalyze the root causes of past major incidents including the S3 outage, us-east-1 DNS failure, and Kinesis outage from AWS's published Correction of Errors (COE) and incident reports, and explain how they changed AWS's design principles.Tag Design Determines Operations - Trivia and Practical Naming Conventions for AWS Resource Tagging StrategyWe explain why AWS resource tags are not just labels but the foundation for cost allocation, access control, and automation, covering tag key naming conventions, how to use the 50-tag limit, and governance through tag policies.Why AWS Service Quotas Exist - Multi-Tenant Design That Protects Shared InfrastructureExplain how AWS service quotas (formerly service limits) are not mere restrictions but a design to protect other customers in a multi-tenant environment, covering the noisy neighbor problem, soft vs hard limits, and what happens behind quota increase requests.

Similar Articles and Services

Architecture Review - Systematically Evaluate Workloads with the AWS Well-Architected ToolLearn about architecture reviews using the AWS Well-Architected Tool. Covers evaluation based on the six pillars, improvement planning, and custom lens usage.Maturity of the AWS Well-Architected Framework - Six Pillars Guiding Best-in-Class Cloud DesignA detailed look at the six pillars of the AWS Well-Architected Framework, comparing its maturity with the Azure Well-Architected Framework and GCP Architecture Framework.Most Common Well-Architected Review Findings - 5 Design Mistakes Engineers OverlookCovers the most frequently flagged design issues in AWS Well-Architected Reviews, focusing on five areas: single-AZ deployment, missing backups, underutilized logging, neglected cost optimization, and overly permissive security groups.Security Posture Management - Building a Unified Security Monitoring Foundation with AWS Security HubLearn about unified security monitoring with AWS Security Hub and automated threat detection through GuardDuty integration. This guide covers visualizing compliance with security best practices and security governance for multi-account environments.