XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX  SDALSDMROCS

WELL ARCHITECTURED FRAMEWORK - DESIGN PRINCIPALS

 

            SCALABILITY

·       Horizontal - adding more machines into your pool of resources

·       Vertical - increase in the specification of resources.

            DISPOSABLE SERVICES INSTEAD OF FIXED SERVERS

·       Instantiate compute resources

·       Infrastructure as code

            AUTOMATION

·       Serveries management and deployment

·       Infrastructure management and deployment

·       Alarms and Events

            LOOSE COUPLING

·       Well defined Interfaces

·       Service Discovery

·       Asynchronous integration

·       Distributed systems best practises

            SERVICES NOT SERVERS

·       Managed services

·       Serverless architectures

            DATABASES

·       Relational

·       NoSQL

·       Data Warehouse

·       Graph Databases - uses graph structures for queries

            Search is often confused with query

            MANAGING INCREASING VOLUMES OF DATA

·       Data Lake

            REMOVING SINGLE POINTS OF FAILURE

·       Redundancy

o   Standby - failover process

o   Active - distributed to multiple redundant resources

·       Detect failure - use health checks and collects logs

·       Durable Data storage

o   Synchronous replication -

o   Asynchronous replication - replication lag

o   Quorum-based replication -

·       Automated multi data centre resilience

·       Fault isolation and  traditional horizontal scaling

            OPTIMIZE FOR COST

·       Right Sizing

·       Elasticity

·       Take variety of Purchasing options

            CACHING

·       Application Data Caching - store information from fast in-memory caches.

·       Edge caching - serve content by infrastructure that is closer to consumers, which lowers latency and gives high, sustained data transfer rates necessary to deliver large popular objects to end users at scale.    

            SECURITY

·       Use features for defence in depth - secure multiple levels of infrastructure from network down to application and database.

·       Shared security - AWS handles security OF the cloud and Customers handle security IN the cloud

·       Reduce Privileged access - Implement Principal of least Privilege controls

·       Security as code - firewall rules, network access controls, internal/external subnets and operating system hardening can be captured in a template that defines a Golden environment

·       Real Time Auditing - Implement continuous monitoring and automation controls on AWS to minimize exposure to security risks