Well-Architected Framework
The six pillars of architectural excellence — Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability
What is the AWS Well-Architected Framework?
The AWS Well-Architected Framework is a guide designed to help you build the most secure, high-performing, resilient, and efficient infrastructure possible for your cloud applications and workloads. AWS developed it after reviewing thousands of customer architectures. It provides a consistent approach for evaluating architectures and implementing designs that scale over time.
The Six Pillars
The framework is organized into six pillars. The first five have existed since 2015; the sixth (Sustainability) was added in 2021 to help organizations minimize the environmental impacts of running cloud workloads.
Pillar 1: Operational Excellence
Focus: Run and monitor systems to deliver business value, and continually improve supporting processes and procedures.
Five Design Principles
| Principle | Meaning |
|---|---|
| Perform operations as code | Define entire workloads and operations procedures as code. Limit human error, enable consistent responses. |
| Make frequent, small, reversible changes | Update components regularly in small increments that can be reversed if they fail. |
| Refine operations procedures frequently | Evolve procedures as workloads evolve. Run regular game days to validate. |
| Anticipate failure | Identify potential sources of failure, test failure scenarios, validate response procedures. |
| Learn from all operational failures | Drive improvement through lessons learned and share across teams and the organization. |
Pillar 2: Security
Focus: Protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.
Seven Design Principles
- Implement a strong identity foundation — least privilege, separation of duties, centralize privilege management, reduce long-term credentials.
- Enable traceability — monitor, alert, audit actions and changes in real time.
- Apply security at all layers — defense in depth for edge, VPC, subnet, load balancer, instance, OS, and application.
- Automate security best practices — secure architectures managed as code in version-controlled templates.
- Protect data in transit and at rest — encryption, tokenization, access control based on data classification.
- Keep people away from data — reduce or eliminate direct access/manual processing of sensitive data.
- Prepare for security events — incident management process, simulations, automation for detection/investigation/recovery.
Pillar 3: Reliability
Focus: Ensure a workload performs its intended function correctly and consistently. A resilient workload quickly recovers from failures.
Five Design Principles
| Principle | Meaning |
|---|---|
| Automatically recover from failure | Monitor KPIs, trigger automated recovery when thresholds are breached. |
| Test recovery procedures | Simulate failures and validate recovery. Expose failure pathways before real incidents. |
| Scale horizontally to increase aggregate availability | Replace one large resource with multiple smaller ones to reduce single-point-of-failure impact. |
| Stop guessing capacity | Monitor demand and automate addition/removal of resources for optimal capacity. |
| Manage change in automation | Use automation to make and manage infrastructure changes. |
Pillar 4: Performance Efficiency
Focus: Use IT and computing resources efficiently to meet system requirements and maintain efficiency as demand changes and technologies evolve.
Five Design Principles
- Democratize advanced technologies — consume as a service (NoSQL, media transcoding, ML) instead of building expertise.
- Go global in minutes — deploy in multiple Regions for lower latency at minimal cost.
- Use serverless architectures — remove operational burden; lower transactional costs at cloud scale.
- Experiment more often — comparative testing of different instance types, storage, and configurations.
- Consider mechanical sympathy — use the technology approach that best aligns to your goals (e.g., data access patterns → database choice).
Pillar 5: Cost Optimization
Focus: Avoid unnecessary costs. Understand and control where money is spent.
Five Design Principles
- Implement Cloud Financial Management — build capability through knowledge, programs, resources, and processes.
- Adopt a consumption model — pay only for what you require; increase/decrease usage based on business requirements, not forecasts.
- Measure overall efficiency — measure business output vs. cost. Know the gains from increasing output and reducing costs.
- Stop spending on undifferentiated heavy lifting — AWS handles racking, stacking, powering servers; you focus on customers.
- Analyze and attribute expenditure — accurately identify system usage/costs, attribute IT costs to workload owners, measure ROI.
Pillar 6: Sustainability
Added in 2021. Helps organizations learn how to minimize the environmental impacts of running cloud workloads. Considers energy consumption, efficiency improvements, and sustainable practices across the workload lifecycle.
AWS Well-Architected Tool
Available in the AWS Management Console. Define your workload, answer questions across the pillars, and receive an action plan with step-by-step guidance. Uses a consistent process to review and measure cloud architectures. Results help identify improvement areas, drive architectural decisions, and bring architecture considerations into corporate governance.
Well-Architected Framework Quiz
Select one answer per question. You will receive immediate feedback.