Get Started. It's Free
or sign up with your email address
Rocket clouds
awaf by Mind Map: awaf

1. P2: Security

1.1. Design Principles

1.1.1. Implement a strong identity foundation

1.1.2. Enable traceability

1.1.3. Apply security at all layers

1.1.4. Automate security best practices

1.1.5. Protect data in transit and at rest

1.1.6. Prepare for security events

1.2. Best Practice

1.2.1. Identity and Access Management SEC-1: How are you protecting access to and use of the AWS account root user credentials? SEC-2: How are you defining roles and responsibilities of system users to control human access to the AWS Management Console API? SEC-3: How are you limiting automated access to AWS resources (for example applications scripts, and/or third-party tools or services)? Services IAM MFA

1.2.2. Detective Controls SEC-4: How are you capturing and analyzing logs? Services CloudTrail Config CloudWatch

1.2.3. Infrastructure Protection SEC-5: How are you enforcing network and host-level boundary protection? SEC-6: How are you leveraging AWS service-level security features? SEC-7: How are you protecting the integrity of the operating system? Service VPC

1.2.4. Data Protection SEC-8: How are you classifying your data? SEC-9: How are you encrypting and protecting your data at rest? SEC-11: How are you encrypting and protecting your data in transit? Services Encrypt RDS, S3, EBS Macie KMS

1.2.5. Incident Response SEC-12: How do you ensure that you have the appropriate incident response? Services IAM CloudFormation

1.3. Resources

1.3.1. Documentation

1.3.2. Whitepapers

1.3.3. Videos

2. P1: Operational Excellence

2.1. Design Principles

2.1.1. Perform operations as code

2.1.2. Annotate documentation

2.1.3. Make frequent, smal, reversible changes

2.1.4. Refine operations procedures frequently

2.1.5. Anticipate failure

2.1.6. Learn from all operational failures

2.2. Best Practices

2.2.1. Prepare OPS-1: What factors drive your operational priorities? OPS-2: How do you design your workload to enable operability? OPS-3: How do you know that you are ready to support a workload? Services Config Config Rules

2.2.2. Operate OPS-4: What factors drive your understanding of operational health? OPS-5: How do you manage operational events? Services CloudWatch CloudTrail

2.2.3. Evolve OPS-6: How do you evolve operations? Services Elastic Search

2.3. Resources

2.3.1. Documentation

2.3.2. Whitepaper

2.3.3. Video

3. P3: Reliability

3.1. Design Principles

3.1.1. Test recovery procedures

3.1.2. Automatically recover from failure

3.1.3. Scale horizontally to increase aggregate system availability

3.1.4. Stop guessing capacity

3.1.5. Manage change in automation

3.2. Best Practice

3.2.1. Foundations REL-1: How are you managing AWS service limits for your accounts? REL-2: How are you planning your network topology on AWS? Services IAM VPC Trusted Advisor Shield

3.2.2. Change Management REL-3: How does your system adapt to changes in demand? REL-4: How are you monitoring AWS resources? REL-5: How are you executing change? Services CloudTrail Config Auto Scaling CloudWatch

3.2.3. Failure Management REL-6: How are you backing up your data? REL-7: How does your system withstand component failures? REL-8: How are you testing your resiliency? REL-9: How are you planning for disaster recovery? Services CloudFormation S3 Glacier KMS

3.3. Resources

3.3.1. Documentation

3.3.2. Whitepapers

3.3.3. Videos

3.3.4. Report

3.3.5. AWS Support

4. P4: Performance Efficiency

4.1. Design Principle

4.1.1. Democratize advanced technologies

4.1.2. Go global in minutes

4.1.3. Use serverless architectures

4.1.4. Experiment more often

4.1.5. Mechanical sympathy

4.2. Best Practices

4.2.1. Selection PERF-1: How do you select the best performance architecture? Compute PERF-2: How did you select your compute solution? Instances Containers Functions Services Storage PERF-3: How do you select your storage solution? Services Database PERF-4: How do you select your Storage solution? Services Network PERF-5: How do you select your network solution? Services

4.2.2. Review PERF-6: How do you ensure that you continue to have the most appropriate resource type as new ressource types and features are introduced? Services AWS BLog AWS Website re:invent & summits twitter

4.2.3. Monitoring PERF-7: How do you monitoring your resources post-launch to ensure they are performing as expected? Services Cloudwatch Lambda Cloudtrail

4.2.4. Tradeoffs PERF-8: How do you use tradeoffs to improve performance? Services Elastic Cache CloudFront Snowball RDS Read replicas

4.3. Ressources

4.3.1. Documentation

4.3.2. Whitepaper

4.3.3. Videos

5. P5: Cost Optimization

5.1. Design Principle

5.1.1. Adopt a consumption model

5.1.2. Measure overall efficiency

5.1.3. Stop spending money on data center operations

5.1.4. Analyse and attribute expenditure

5.1.5. Use management services to reduce cost of ownership

5.2. Best Practices

5.2.1. Cost-Effective resources COST-1: Are you considering cost when you select AWS services for your solutions? COST-2: Have you sized your resources to meet your cost targets? COST-3: Have you selected the appropriate pricing model to meet your cost targets? Services Cost Explorer

5.2.2. Matching Supply and Demand COST-4: How do you make sure your capacity matches but does not substantially exceed what you need? Services Auto Scaling

5.2.3. Expenditure Awarness COST-5: Do you consider data-transfer charges when designing your architecture? COST-6: How are you monitoring usage and spending? COST-7: Do your decommission resources that you no longer need or stop resources that are temporarily not needed? COST-8: What access controls and procedures do you have in place to govern AWS usage? Services CloudWatch SNS

5.2.4. Optimizing Over Time COST-9: How do you manage and/or consider the adoption of new services? Services AWS Blog AWS Website Trusted Advisor re:invent / Summits Twitter

5.3. Resources

5.3.1. Documentation

5.3.2. Whitepaper

5.3.3. Video

5.3.4. Tools AWS TCO Calculators AWS Simple Monthly Caclulator