The AWS Well-Architected Framework consists of a set of questions you can use to evaluate how well an architecture is aligned to AWS best practices. I found the 56-paged white-paper [^PDF] thought-provoking. The same questions could be applied to Azure as well. For my reference, I plan to adapt the answers that are written for AWS in the white-paper & jot down notes making them Azure specific
The AWS Well-Architected Framework is based on four pillars—security, reliability, performance efficiency, and cost optimization. The white-paper raises 45 questions across those four categories. As a first step towards compiling Azure specific answers for the questions to ask while building cloud solutions, I've replaced the AWS references in the questions with Azure equivalent keywords (work in progress) -
SEC 1. How are you encrypting and protecting your data at rest?
SEC 2. How are you encrypting and protecting your data in transit?
SEC 3. How are you protecting access to and use of the Azure root account credentials?
SEC 4. How are you defining roles and responsibilities of system users to control human access to the Azure Portal and APIs?
SEC 5. How are you limiting automated access (such as from applications, scripts, or third-party tools or services) to Azure resources?
SEC 6. How are you managing keys and credentials?
SEC 7. How are you enforcing network and host-level boundary protection?
SEC 8. How are you enforcing Azure service level protection?
SEC 9. How are you protecting the integrity of the operating systems on your Azure VM instances?
SEC 10.How are you capturing and analyzing Azure logs?
REL 1. How are you managing Azure service limits for your account?
REL 2. How are you planning your network topology on Azure?
REL 3. Do you have an escalation path to deal with technical issues?
REL 4. How does your system adapt to changes in demand?
REL 5. How are you monitoring Azure resources?
REL 6. How are you executing change management?
REL 7. How are you backing up your data?
REL 8. How does your system withstand component failures?
REL 9. How are you planning for recovery?
PERF 1. How do you select the appropriate instance type for your system?
PERF 2. How do you ensure that you continue to have the most appropriate instance type as new instance types and features are introduced?
PERF 3. How do you monitor your instances post launch to ensure they are performing as expected?
PERF 4. How do you ensure that the quantity of your instances matches demand?
PERF 5. How do you select the appropriate storage solution for your system?
PERF 6. How do you ensure that you continue to have the most appropriate storage solution as new storage solutions and features are launched?
PERF 7. How do you monitor your storage solution to ensure it is performing as expected?
PERF 8. How do you ensure that the capacity and throughput of your storage solutions matches demand?
PERF 9. How do you select the appropriate database solution for your system?
PERF 10. How do you ensure that you continue to have the most appropriate database solution and features as new database solution and features are launched?
PERF 11. How do you monitor your databases to ensure performance is as expected?
PERF 12. How do you ensure the capacity and throughput of your databases matches demand?
PERF 13. How do you select the appropriate proximity and caching solutions for your system?
PERF 14. How do you ensure that you continue to have the most appropriate proximity and caching solutions as new solutions are launched?
PERF 15. How do you monitor your proximity and caching solutions to ensure performance is as expected?
PERF 16. How do you ensure that the proximity and caching solutions you have matches demand?
COST 1. How do you make sure your capacity matches but does not substantially exceed what you need?
COST 2. How are you optimizing your usage of Azure services?
COST 3. Have you selected the appropriate resource types to meet your cost targets?
COST 4. Have you selected the appropriate pricing model to meet your cost targets?
COST 5. Are there Azure managed services/PaaS that you can use to improve your ROI?
COST 6. What access controls and procedures do you have in place to govern Azure service costs?
COST 7. How are you monitoring usage and spending?
COST 8. How do you decommission resources that you no longer need, or stop resources that are temporarily not needed?
COST 9. How do you consider data-transfer charges when designing your architecture?
COST 10. How do you manage and/or consider the adoption of new services?
No comments:
Post a Comment