AWS Well-Architected design considerations
This solution uses the best practices from the AWS Well-Architected Framework
This section describes how the design principles and best practices of the Well-Architected Framework benefit this solution.
Operational excellence
This section describes how we architected this solution using the principles and best practices of the operational excellence pillar.
-
Resources defined as IaC using CloudFormation.
-
All actions and audit logging sent to Amazon CloudWatch, allowing for automated responses to be deployed.
Security
This section describes how we architected this solution using the principles and best practices of the security pillar.
-
IAM used for authentication and authorization.
-
Role permissions scoped to be as narrow as possible, though in many cases this solution requires wildcard permissions to be able to act on any resources.
-
Optional use of WAF to further secure the solution.
-
Amazon Cognito and optional ability to federate with external IDPs.
Reliability
This section describes how we architected this solution using the principles and best practices of the reliability pillar.
-
Serverless services allow the solution to provide a fault tolerant architecture.
Performance efficiency
This section describes how we architected this solution using the principles and best practices of the performance efficiency pillar.
-
Serverless services allow the solution to scale as needed.
Cost optimization
This section describes how we architected this solution using the principles and best practices of the cost optimization pillar.
-
Serverless services allow you to pay for only what you use.
Sustainability
This section describes how we architected this solution using the principles and best practices of the sustainability pillar.
-
Serverless services allow you to scale up or down as needed.
