This is the set of questions presented on The Well-Architected Framework whitepaper designed to evaluate how well your architecture is aligned with AWS best practices.
- How are you encrypting and protecting your data at rest?
- How are you encrypting and protecting your data in transit?
- How are you protecting access to and use of the AWS root account credentials?
- How are you defining roles and responsibilities of system users to control human access to the AWS Management Console and APIs?
- How are you limiting automated access (such as from applications, scripts, or third-party tools or services) to AWS resources?
- How are you managing keys and credentials?
- How are you enforcing network and host level boundary protection?
- How are you enforcing AWS service level protection?
- How are you protecting the integrity of the operating systems on your Amazon EC2 instances?
- How are you capturing and analysing AWS logs?
- How are you managing AWS limits for your account?
- How are you planning your network topology on AWS?
- Do you have an escalation path to deal with technical issues?
- How does your system adapt to changes in demand?
- How are you monitoring AWS resources?How are you executing change management?
- How are you backing up your data?
- How does your system withstand component failures?
- How are you planning for recovery?
- How do you select the appropriate instance type for your system?
- How do you ensure that you continue to have the most appropriate instance type as new instances types and features are introduced?
- How do you monitor your instances post launch to ensure they are performing as expected?
- How do you ensure that the quantity of your instances matches demand?
- How do you select the appropriate storage solution for your system?
- How do you ensure that you continue to have the most appropriate storage solution as new storage solutions and features are launched?
- How do you monitor your storage solution to ensure it is performing as expected?
- How do you ensure that the capacity and throughput of your storage solutions matches demand?
- How do you select the appropriate database solution for your system?
- How do you ensure that you continue to have the most appropriate database solution and features as new database solutions are launched?
- How do you monitor your databases to ensure performance is as expected?
- How do you ensure the capacity and throughput of your databases matches demand?
- How do you select the appropriate proximity and caching solutions for your system?
- How do you ensure that you continue to have the most appropriate proximity and caching solutions as new solutions are launched?
- How do you monitor your proximity and caching solutions to ensure performance is as expected?
- How do you ensure that proximity and caching solutions you have matches demand?
- How do you make sure your capacity matches but does not substantially exceed what you need?
- How are you optimising your usage of AWS service?
- Have you selected the appropriate resource types to meet your cost targets?
- Have you selected the appropriate pricing model to meet your cost targets?
- Are there managed services (higher level services than EC2, EBS and S3) that you can use to improve your ROI?
- What access controls and procedures do you have in place to govern AWS costs?
- How are you monitoring usage and spending?
- How do you decommission resources that you no longer need, or stop resources that are temporarily not needed?
- How do you consider data-transfer charges when designing your architecture?
- How do you manage and/or consider the adoption of new services?
- What best practices for cloud operations are you using?
- How are you doing configuration management for your workload?
- How are you evolving your workload while minimising the impact of changes?
- How do you monitor your workload to ensure it is operating as expected?
- How do you respond to unplanned operational events?
- How is escalation managed when responding to unplanned operational events?
This is not the most recent version. It is just a copy from 20/01/2018. (whitepaper)