Automating Best Practices with nOps and the AWS Well-Architected Framework
By Jang Whan Han, Solutions Architect – AWS
By Jun-Tin Yeh, Solutions Architect – AWS
By Satish Bora, Chief Evangelist – nOps
An AWS Well-Architected Review is the optimal way to measure your architecture against Amazon Web Services (AWS) best practices and to improve your architecture by addressing critical issues.
A Well-Architected Review provides a consistent set of best practices for building and running applications and workloads that are secure, high-performing, reliable, scalable, and cost-efficient.
nOps is an AWS Cloud Management Tools Competency Partner that provides a cloud management platform for AWS that offers instant visibility into changes in your infrastructure. It enables change management, continuous cost and resource optimization, painless compliance and security audits, workflow automation, and automation of Well-Architected Reviews.
In this post, we’ll walk you through how nOps allows customers and consulting partners to have a more accurate view of AWS service configurations in alignment with the AWS Well-Architected Framework. We’ll also explore how nOps enables more prescriptive and real-time insights to continuously improve the architecture over time.
About the Well-Architected Framework
The AWS Well-Architected Framework describes key concepts, design principles, and architectural best practices for designing and running workloads in the cloud. It is based on six pillars:
- Operational excellence
- Performance efficiency
- Cost optimization
Each pillar consists of design principles, pillar-aligned questions, and best practices that AWS has learned through reviewing thousands of customers running their workloads on AWS.
The review process helps you identify critical issues and highlight opportunities to create significant cost savings, improve business agility, and optimize your security and performance configurations.
As cloud architecture can evolve with time, customers need a mechanism that allows them to automate best practice detection to have data-driven architectural reviews.
To achieve that, AWS launched Well-Architected Tool APIs that allow customers and AWS Partners to build their own integrations with a broad range of use cases.
Let’s have a look at the benefits you’ll get by running the AWS Well-Architected Review using nOps.
To follow the steps in this post, you will need the following:
A Better Review Experience with nOps
nOps provides a cloud management and intelligence platform that is purpose-built to support AWS Well-Architected Framework best practices.
Automated Initial Setup
Initial setup works by provisioning a role within your environment, allowing nOps read-only access to the customer metadata necessary to evaluate architectural configuration within your environment.
The setup process requires no agents for installation—simply create an ID and password on the nOps portal and provide your AWS account details. This allows the provisioned AWS Lambda code to automate configuration of the required AWS Identity and Access Management (IAM) role and associated billing bucket.
Figure 1 – nOps Well-Architected Review Report.
Once initial configuration is complete, actionable insights will be available within 24 hours. nOps provides a single pane of glass view where you can continuously monitor your infrastructure for compliance with the AWS Well-Architected Framework.
Architectural risks are auto-discovered within the dashboard, which can be referenced during a Well-Architected Review session with a customer.
Integration with the AWS Well-Architected Tool and APIs
nOps allows integration with the AWS Well-Architected Tool via APIs. This allows a reviewer to conduct a Well-Architected Review through a single interface and save the results to the Well-Architected Tool.
Additionally, workloads within the nOps interface allow grouping of AWS resources based on a resource family or specific tag. This allows a reviewer to focus on a subset of resources which contribute to the user’s specific workload.
Each best practice within the nOps console has the option of attaching supporting documentation. This provides a reviewer with all of the necessary documentation to complete a data-driven review with a customer.
Figure 2 – nOps workload for Well-Architected Review.
Automated Discovery and Continuous Compliance
nOps provides hundreds of pre-configured rules which automate the detection of high-risk issues in alignment with the Well-Architected Framework.
Additionally, the platform is capable of providing near-real time feedback to users concerning the state of their workload configuration. This is particularly useful when remediating existing high-risk issues within a workload, as feedback is provided back to the user in near real-time.
Figure 3 – nOps automated discovery for high-risk items.
In addition to discovering high-risk issues, auto-discovery provides recommendations and AWS resource details that are not compliant with best practice.
This feature is particularly useful to consulting partners when building a statement of work (SOW) for their customers in terms of prioritizing the issues based on business requirements.
Figure 4 – nOps recommendations for high-risk items.
Custom Recommendation Template and Questions
The nOps templates generator allows reusable recommendations to be defined for various architectural scenarios. The recommendations can be customized in a personalized layout in the assessment state of the Well-Architected Framework Report, remediation plan, and associated proposal.
In the example below, a template has been created before the review to ensure the architecture uses strong sign-in mechanisms in multiple layers to meet the best practice. This will be automatically included in the Well-Architected Framework Report.
Figure 5 – nOps reusable recommendations.
There may be some cases where customers want to add their own questions and best practices to enhance the review process on top of what the AWS Well-Architected Framework provides.
Custom questions enable customers to add and publish questions for customized Well-Architected Reviews. These custom questions are available in a downloadable report.
Well-Architected Partner Dashboard
The nOps partner dashboard helps manage multiple customers through a single pane of glass. This view is available to manage their Well-Architected Review performance on an ongoing basis.
The aggregation of customers can help consulting partners manage multiple customers with ease and provide Well-Architected compliance all the time—continuous monitoring and continuous compliance.
Figure 6 – nOps partner dashboard’s Well-Architected Report for all customers.
Case Study: NiuPay
NiuPay is a horizontal software-as-a-service (SaaS) and business-process-as-a-service (BPaaS) solutions company with a mission to rapidly introduce affordable, cloud-native technologies into the South Pacific region.
NiuPay has been offering cloud-native tools like customer self-service, revenue collection, and business intelligence to cloudification services such as re-platforming and re-architecture in Papua New Guinea.
As an independent software vendor (ISV), NiuPay has run an AWS Well-Architected Review to ensure their applications follow AWS best practices. They actually did the review manually, and then partnered with nOps on a review to see what the difference really was.
In half a day, NiuPay estimates their Well-Architected Review improved 50-60% through the auto-discovery capabilities in nOps. Now, they have effectively deployed nOps into the entire DevSecOps stack so it handles the entire customer base in their AWS Organizations.
One of the biggest benefits of nOps is automating the review process and the fact it picks up metrics from AWS in near real-time to provide visibility into areas of improvement.
“We also use nOps across our internal environment and productized offerings to ensure our portfolio meets the highest standards of architecture,” says Jason Kurdzinski, CTO at NiuPay. “When we sign agreements with customers, we explain the audit requirements which our product goes through in which nOps plays a large part in from a security perspective.”
“As a result of the recommendations from nOps, we were able to reduce our internal architectural costs by 20% from the first month through right-sizing and cost control measures,” says James Inglis, CEO at NiuPay. “We are now operating with zero unused AWS resources as a direct result of the increased visibility of our environment which the product provided. We flew through the Well-Architected Review, exported a report directly from nOps, and were certified within half an hour.”
Apart from automation and report generation, one of the biggest advantages of nOps is that customers get the surety that workloads and infrastructure are optimized. They can see the violations and work to clear them up to make the workloads compliant.
In this post, we shared how nOps can make the AWS Well-Architected Review process a better experience for customers and consulting partners. A Well-Architected Review backed by data provided by nOps can help partners work with end customers to create improvement plans so their workloads can be optimized ongoing basis.
You can visit these resources to learn more:
- Free 30-day trial of nOps
- AWS Well-architected Tool APIs
- AWS Well-Architected Review with nOps
- AWS Well-Architected Partner Program
nOps – AWS Partner Spotlight
nOps is an AWS Cloud Management Tools Competency Partner that provides a cloud management platform for AWS that offers instant visibility into changes in your infrastructure.
*Already worked with nOps? Rate the Partner
*To review an AWS Partner, you must be a customer that has worked with them directly on a project.