AWS Cloud Operations & Migrations Blog

How to evaluate your Cloud Environment in a well-architected manner

Today, we’re happy to announce the availability of the AWS Well-Architected Management and Governance (M&G) Cloud Environment custom lens! To be ready for migrations and to run workloads at scale on AWS, customers need a properly configured AWS environment. The Well-Architected M&G Environment Guide (M&G Guide) provides best practices and prescriptive guidance to help customers understand what an AWS landing zone should include, as well as how to prepare it.

Your AWS environment configuration should prevent burdens on operations and migration delays. To make sure of this, you must be able to evaluate your cloud environment for alignment with standards and best practices. For example, you should be able to define a multi-account strategy and identify preventive and detective controls.

What the Well-Architected M&G Cloud Environment custom lens provides

To complement the M&G Guide, AWS is now offering the ability to add the Well-Architected M&G Cloud Environment custom lens. You can request access to this lens, which will then be available in the Well-Architected Tool. It offers environment-focused reviews that help you evaluate whether or not your existing AWS environment follows the prescriptive guidance provided in the M&G Guide. It also provides specific guidance in areas where there is opportunity for improvement.

Based on experience gained from thousands of successful migrations, the M&G Guide provides decision-makers and cloud, networking, and security architects with detailed implementation priorities. These priorities help you define the steps needed to prepare your environment. The guidance demonstrates how the eight M&G functions should interoperate, as well as identifies the recommended AWS services for each function. Furthermore, it provides implementation guidance regarding AWS Partner solutions. Partner solutions are available in AWS Marketplace, can support an AWS multi-account environment, and work with AWS Control TowerAWS Security HubAWS IAM Identity Center, and AWS Organizations.

Solution walkthrough: using the M&G Cloud Environment lens

Add the M&G Cloud Environment lens to your account

Send your AWS account number and preferred AWS Region to When you receive the email acknowledgement, sign in to the AWS account that you provided, and in the Well-Architected Tool, on the left sidebar, choose Share Invitations. Then select the Share invitation titled Management and Governance Cloud Environment Review. In the upper right, choose the orange Accept button.

Define your workloads

  • In the Well-Architected Tool left sidebar, choose Workloads. In the upper right of the main pane, choose Define workload.
  • Complete the Workload properties fields. At the bottom right, choose Next. From the list of Lens choices that appear, select the Management and Governance Cloud Environment Review. In the lower right, choose Define workload.

Compare your configuration to best practices

  • Engage relevant teams, begin the review, and capture your environment configuration as compared to the provided best practices.
  • When evaluating your environment according to the provided best practices, follow the URL and text resources provided on the right-hand navigation panel titled Helpful resources. Implement a plan to improve management and governance in each function.

Save completed environment reviews as point-in-time milestones

To do this, in the left sidebar, choose Workloads, then choose the name of the workload review that you provided in Step 2. In the main pane Overview tab in the lower right, choose Save milestone.

Generate a report of your alignment to best practices defined by this custom lens

To do this, choose the Milestones tab in the Workload section from the previous step. Then choose Generate report.

Remediate the identified findings

A helpful tutorial on creating reviews with the Well-Architected Tool can be found here.


Customers now have an environment review mechanism to provide a clear path toward making sure that your AWS environments are ready for data center closures, migrations, acquisitions, divestitures, and the growth of AWS-hosted applications. This lens provides clear direction regarding areas that must be improved, and you can follow the provided resources to guide your process. Resources include improvement plans, implementation guides, architectural diagrams, and videos for the AWS Management and Governance services, as well as seller solutions that run on AWS services.

About the authors:

Jim McDonald

Jim McDonald is a Partner Integrations Solutions Architect for AWS in AWS Marketplace and Control Services. He is passionate about cloud architecture and helping customers solve tough challenges in creative ways. Jim has more than 30 years of technology experience working in oil and gas, energy, financial services, healthcare, and professional services sectors. He enjoys spending his free time with family, getting outdoors, listening to great music, and reading a good book.

Tim Honychurch

Tim Honychurch is a Principal Management and Governance Specialist for AWS in AWS Marketplace & Control Services. Tim brings a dual passion for the cloud and customer success, with a focus on delivering customers’ desired outcomes. Having spent time during his career in business consulting and sales, he has spent the last ten years leading teams in cloud governance and customer success. Outside of work, Tim spends time with his wife and family, enjoying anything outdoors, and live music.