Framework Navigator

The AWS Well-Architected Framework, made practical

Decode the six pillars with tangible examples, anti-patterns to avoid, and guided labs that help you ship secure, reliable workloads even after dark.

Pillar playbooks

Actionable runbooks for every pillar, from Operational Excellence through Sustainability.

Anti-pattern vault

Real incidents, their impact, and how we mitigated them with Well-Architected fixes.

Live readiness scorecard

Generate a pillar scorecard and track improvements across reviews.

What is the Well-Architected Framework?

The AWS Well-Architected Framework helps you understand the pros and cons of decisions you make while building systems on AWS. It provides a consistent approach for customers and partners to evaluate architectures and implement designs that can scale over time.


Best Practices

Decades of AWS experience distilled into actionable guidance


Design Principles

Proven patterns for building reliable, secure, efficient systems


Tradeoffs

Understand when to optimize for different outcomes

The six pillars of excellence

Each pillar addresses a specific aspect of cloud architecture


Operational Excellence

Run and monitor systems to deliver business value and continually improve processes.

Common Risks

  • No automated deployments
  • Manual infrastructure changes
  • Lack of monitoring and alerting
  • No runbooks for incidents

How to Fix

  • Implement Infrastructure as Code (IaC)
  • Automate CI/CD pipelines
  • Set up CloudWatch dashboards and alarms
  • Document operational procedures

Hands-On Lab

IaC with CloudFormation


Security

Protect information, systems, and assets through risk assessments and mitigation strategies.

Common Risks

  • Overly permissive IAM policies
  • Unencrypted data at rest and in transit
  • No MFA on root accounts
  • Public S3 buckets with sensitive data

How to Fix

  • Apply least-privilege IAM policies
  • Enable encryption for all data stores
  • Enforce MFA and strong password policies
  • Use AWS Config and Security Hub

Hands-On Lab

Security Baseline Setup


Reliability

Ensure workloads perform their intended functions correctly and recover from failures.

Common Risks

  • Single points of failure
  • No backup strategy
  • Insufficient capacity planning
  • Lack of disaster recovery

How to Fix

  • Deploy across multiple Availability Zones
  • Implement automated backups
  • Use Auto Scaling and load balancing
  • Test failure scenarios regularly

Hands-On Lab

Multi-AZ High Availability


Performance Efficiency

Use computing resources efficiently to meet requirements and maintain efficiency as demand changes.

Common Risks

  • Oversized or undersized instances
  • No caching strategy
  • Inefficient database queries
  • Monolithic architecture bottlenecks

How to Fix

  • Right-size instances based on metrics
  • Implement CloudFront and ElastiCache
  • Optimize database indexes and queries
  • Consider serverless and microservices

Hands-On Lab

Performance Optimization


Cost Optimization

Run systems to deliver business value at the lowest price point.

Common Risks

  • Running resources 24/7 unnecessarily
  • No budget alerts or cost tracking
  • Not using Reserved Instances or Savings Plans
  • Orphaned resources accumulating costs

How to Fix

  • Schedule start/stop for non-prod resources
  • Set up AWS Budgets with alerts
  • Analyze and purchase Reserved Instances
  • Regularly audit and clean up unused resources

Hands-On Lab

Cost Guardrails in 90min


Sustainability

Minimize environmental impacts of running cloud workloads.

Common Risks

  • Inefficient resource utilization
  • Running in regions with dirty energy
  • No carbon footprint awareness
  • Over-provisioned infrastructure

How to Fix

  • Use Graviton instances for better efficiency
  • Choose AWS regions with renewable energy
  • Monitor carbon footprint with Customer Carbon Footprint Tool
  • Implement auto-scaling to match demand

Hands-On Lab

Sustainable Architecture


Common anti-patterns to avoid

Learn from mistakes others have made

Single Account Sprawl

Problem: All resources in one AWS account with shared permissions

Impact: Security risks, blast radius, difficult cost allocation

Solution: Use AWS Organizations with multiple accounts for different environments and teams

No Infrastructure as Code

Problem: Manual resource creation through console

Impact: Configuration drift, no version control, slow disaster recovery

Solution: Adopt CloudFormation, CDK, or Terraform for all infrastructure

Missing Budget Alerts

Problem: No monitoring of AWS spending

Impact: Surprise bills, no cost accountability, waste

Solution: Set up AWS Budgets with alerts and regular cost reviews

Weak IAM Policies

Problem: Using "*" permissions or admin access everywhere

Impact: Major security vulnerability, compliance failures

Solution: Implement least-privilege policies with regular access reviews
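
The "*" permissions anti-pattern above can be checked mechanically. The following is an added example, not part of the original page: a small Python audit that flags over-broad Allow statements in IAM policy JSON. The sample policies, the bucket name and the severity labels are constructed for illustration.

```python
import json

# Constructed sample policies for illustration (not taken from the page).
SAMPLES = {
    "admin-everywhere": json.loads("""{"Version": "2012-10-17", "Statement":
        {"Effect": "Allow", "Action": "*", "Resource": "*"}}"""),
    "service-wildcard": json.loads("""{"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "logs:PutLogEvents"], "Resource": "*"}]}"""),
    "least-privilege": json.loads("""{"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject"],
         "Resource": "arn:aws:s3:::example-reports-bucket/*"},
        {"Effect": "Deny", "Action": "*", "Resource": "*",
         "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}"""),
}

def _as_list(value):
    """IAM lets Statement, Action and Resource be a single value or a list."""
    return value if isinstance(value, list) else [] if value is None else [value]

def audit_policy(policy):
    """Return (statement_index, severity, reason) for each over-broad Allow."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # a Deny with "*" restricts access; it is not the risk here
        actions = _as_list(stmt.get("Action"))
        any_resource = "*" in _as_list(stmt.get("Resource"))
        if "NotAction" in stmt:
            findings.append((i, "HIGH", "Allow + NotAction grants every action not listed"))
        if "*" in actions:
            sev = "CRITICAL" if any_resource else "HIGH"
            findings.append((i, sev, 'Action "*" allows every API call'))
        for action in actions:
            if action != "*" and action.endswith(":*"):
                findings.append((i, "HIGH", f"service-wide wildcard {action}"))
        if any_resource and "*" not in actions:
            findings.append((i, "REVIEW", 'Resource "*": scope to ARNs where supported'))
    return findings

def audit_all(policies):
    """Map policy name -> findings, keeping only policies that have any."""
    results = {name: audit_policy(doc) for name, doc in policies.items()}
    return {name: found for name, found in results.items() if found}

if __name__ == "__main__":
    for name, found in audit_all(SAMPLES).items():
        for idx, severity, reason in found:
            print(f"{name}: statement {idx}: {severity}: {reason}")
```

Findings marked REVIEW are prompts for an access review rather than defects, since some actions only accept "*" as their resource.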

Download the Well-Architected Framework (WAF) Review Checklist

A practical checklist to assess your AWS architecture against all six pillars

  • 200+ review questions across all six pillars
  • Scoring system to identify improvement areas
  • Recommended actions for each pillar
  • Links to relevant AWS documentation


Need expert help with your architecture?

Book a professional Well-Architected Review with our certified architects


Comprehensive Assessment

In-depth review of all six pillars


Detailed Report

Prioritized findings and recommendations


Action Roadmap

30/60/90 day implementation plan
