Skip to content
Codeloom
AWS

AWS Well-Architected Framework: Five Pillars Explained

Master the AWS Well-Architected Framework's five pillars: operational excellence, security, reliability, performance efficiency, and cost optimization.

·11 min read · By Codeloom
Beginner 16 min read

What you'll learn

  • Understand each of the five Well-Architected pillars
  • Apply design principles from each pillar to your workloads
  • Use the Well-Architected Tool to review your architecture
  • Identify and fix common architectural anti-patterns

Prerequisites

  • Basic familiarity with AWS services
  • Experience running at least one workload on AWS

The AWS Well-Architected Framework is a set of design principles and best practices for building reliable, secure, efficient, and cost-effective systems on AWS. It is organized around five pillars, each covering a different aspect of cloud architecture.

This is not theoretical hand-waving. The framework comes from AWS reviewing thousands of customer architectures and distilling what works and what fails. Applying these principles helps you avoid the architectural mistakes that lead to outages, security breaches, performance problems, and runaway costs.

The Five Pillars at a Glance

1. Operational Excellence:
   Focus: Run and monitor systems, continuously improve
   Key question: How do you manage and automate changes?

2. Security:
   Focus: Protect information, systems, and assets
   Key question: How do you detect and respond to security events?

3. Reliability:
   Focus: Recover from failures, meet demand
   Key question: How does your system adapt to changes in demand?

4. Performance Efficiency:
   Focus: Use resources efficiently as demand changes
   Key question: How do you select the right resource types?

5. Cost Optimization:
   Focus: Avoid unnecessary costs
   Key question: How do you evaluate the cost of your architecture?

The sixth pillar, Sustainability, was added later and focuses on minimizing environmental impact. This guide covers the original five pillars that form the core of the framework.

Pillar 1: Operational Excellence

Operational excellence is about running workloads effectively, gaining insight into their operations, and continuously improving processes and procedures.

Design Principles

  • Perform operations as code. Define your infrastructure, deployment procedures, and operational tasks as code. Use CloudFormation or CDK for infrastructure, CodePipeline for deployments, and Systems Manager for operational tasks.

  • Make frequent, small, reversible changes. Small deployments are easier to debug when they fail. Use feature flags, blue/green deployments, and canary releases.

  • Refine operations procedures frequently. After every incident, conduct a blameless post-mortem. Document what happened, why, and what you changed to prevent it from happening again.

  • Anticipate failure. Run game days and chaos engineering experiments. Test your runbooks before you need them.

What This Looks Like in Practice

# Good: Automated deployment pipeline
Pipeline:
  Source: GitHub (main branch)
  Build: CodeBuild (run tests, build artifacts)
  Deploy Dev: Auto-deploy to dev environment
  Integration Tests: Run against dev
  Deploy Staging: Auto-deploy to staging
  Manual Approval: Team lead reviews
  Deploy Production: Canary deployment (10% -> 50% -> 100%)
  Monitoring: CloudWatch alarms on error rate and latency

# Bad: Manual deployment process
Process:
  - Developer SSHs into production server
  - Runs git pull
  - Restarts application
  - Hopes nothing breaks

Key AWS services for operational excellence:

  • CloudFormation / CDK: Infrastructure as code
  • CodePipeline / CodeDeploy: Automated deployments
  • CloudWatch: Monitoring, logging, and alarming
  • Systems Manager: Operational tasks and runbooks
  • X-Ray: Distributed tracing

Pillar 2: Security

Security is about protecting information, systems, and assets while delivering business value through risk assessment and mitigation strategies.

Design Principles

  • Implement a strong identity foundation. Use IAM with least privilege. Never use the root account for daily operations. Require MFA for all human users.

  • Enable traceability. Log every API call with CloudTrail. Monitor logs with CloudWatch and GuardDuty. Know who did what, when, and from where.

  • Apply security at all layers. Do not rely on a single security control. Use VPC security groups AND NACLs. Encrypt data at rest AND in transit. Validate input at the API gateway AND in your application.

  • Automate security best practices. Use AWS Config rules to enforce compliance continuously. Use Security Hub to aggregate findings from GuardDuty, Inspector, and IAM Access Analyzer.

  • Protect data in transit and at rest. Encrypt everything. Use KMS for key management. Enforce TLS for all connections.

Security Architecture Example

# Layered security for a web application

Edge Layer:
  - AWS WAF: Block SQL injection, XSS, known bad IPs
  - CloudFront: TLS termination, geographic restrictions
  - Shield: DDoS protection

Network Layer:
  - VPC: Isolated network with public/private subnets
  - Security Groups: Allow only necessary ports between tiers
  - NACLs: Subnet-level deny rules for defense in depth
  - VPC Flow Logs: Record all network traffic

Application Layer:
  - API Gateway: Request validation, throttling, API keys
  - Lambda / ECS: Run in private subnets, no public IPs
  - IAM Roles: Least privilege, no hardcoded credentials

Data Layer:
  - RDS / DynamoDB: Encrypted at rest with KMS
  - S3: Bucket policies, public access blocked, versioning
  - Secrets Manager: Rotate credentials automatically

Monitoring Layer:
  - CloudTrail: API audit logging
  - GuardDuty: Threat detection
  - Config: Compliance monitoring
  - Security Hub: Centralized security findings

A quick audit you can run today:

# Check if CloudTrail is enabled
aws cloudtrail describe-trails \
  --query 'trailList[].{Name:Name,IsMultiRegion:IsMultiRegionTrail,IsLogging:IsLogging}'

# Check for S3 buckets with public access
aws s3api list-buckets --query 'Buckets[].Name' --output text | \
  tr '\t' '\n' | while read bucket; do
    acl=$(aws s3api get-public-access-block --bucket "$bucket" 2>/dev/null)
    if [ $? -ne 0 ]; then
      echo "WARNING: $bucket has no public access block"
    fi
  done

# Check for unencrypted EBS volumes
aws ec2 describe-volumes \
  --query 'Volumes[?Encrypted==`false`].{ID:VolumeId,Size:Size}' \
  --output table

Pillar 3: Reliability

Reliability ensures a workload performs its intended function correctly and consistently. It covers fault tolerance, disaster recovery, and capacity planning.

Design Principles

  • Automatically recover from failure. Use health checks, Auto Scaling, and multi-AZ deployments so your system heals itself without human intervention.

  • Test recovery procedures. Regularly test your backups by restoring them. Run disaster recovery drills. If you have never tested your recovery procedure, you do not have one.

  • Scale horizontally. Design stateless components that can be added or removed based on demand. Store state in managed services like DynamoDB or ElastiCache, not on instance local storage.

  • Stop guessing capacity. Use Auto Scaling to match capacity to demand. Over-provisioning wastes money. Under-provisioning causes outages.

Reliability Architecture

# Multi-AZ, auto-scaling web application

Load Balancing:
  ALB:
    - Cross-zone load balancing enabled
    - Health checks every 10 seconds
    - Deregistration delay: 30 seconds
    Targets:
      - AZ-a: 2-10 instances (Auto Scaling)
      - AZ-b: 2-10 instances (Auto Scaling)

Compute:
  Auto Scaling Group:
    MinCapacity: 4  # 2 per AZ minimum
    MaxCapacity: 20
    TargetTracking:
      - CPUUtilization: 60%
      - RequestCountPerTarget: 1000

Database:
  Aurora PostgreSQL:
    Writer: AZ-a
    Reader 1: AZ-b
    Reader 2: AZ-c
    Backup: Continuous to S3, 30-day retention
    Global Database: Secondary region for DR

Caching:
  ElastiCache Redis:
    Mode: Cluster mode enabled
    Nodes: 3 (one per AZ)
    Automatic failover: Enabled

The key reliability metric is your Recovery Time Objective (RTO) and Recovery Point Objective (RPO):

Disaster Recovery Strategies (from cheapest to fastest):

Backup and Restore:
  RTO: Hours
  RPO: Hours (last backup)
  Cost: Lowest
  How: Restore from S3 backups, redeploy infrastructure

Pilot Light:
  RTO: Tens of minutes
  RPO: Minutes
  Cost: Low
  How: Keep core services running in DR region (database replicas)

Warm Standby:
  RTO: Minutes
  RPO: Seconds
  Cost: Medium
  How: Scaled-down copy of production in DR region

Multi-Site Active/Active:
  RTO: Near zero
  RPO: Near zero
  Cost: Highest
  How: Full production in multiple regions, Route 53 failover

Pillar 4: Performance Efficiency

Performance efficiency is about using computing resources efficiently to meet requirements and maintaining that efficiency as demand changes and technologies evolve.

Design Principles

  • Democratize advanced technologies. Use managed services instead of building your own. RDS instead of self-managed databases. SageMaker instead of self-managed ML infrastructure. Let AWS handle the undifferentiated heavy lifting.

  • Go global in minutes. Use CloudFront for content delivery, Global Accelerator for application acceleration, and multi-region deployments for latency-sensitive workloads.

  • Use serverless architectures. Lambda, Fargate, Aurora Serverless, and API Gateway eliminate capacity planning and server management. You pay for what you use and scale automatically.

  • Experiment more often. Cloud makes it easy to test different instance types, database engines, and architectures. Run benchmarks, compare results, and choose based on data.

Selecting the Right Compute

Decision Matrix:

Workload: Stateless web API
  Best fit: Lambda or Fargate
  Why: No servers to manage, scales to zero, pay per request

Workload: Long-running batch processing
  Best fit: EC2 Spot Instances or ECS with Fargate Spot
  Why: Cost-effective for interruptible workloads

Workload: High-performance computing
  Best fit: EC2 with placement groups
  Why: Low-latency networking, GPU instances available

Workload: Container microservices
  Best fit: ECS Fargate or EKS
  Why: Container orchestration without managing clusters

Workload: Machine learning inference
  Best fit: SageMaker endpoints or Lambda with Graviton
  Why: Auto-scaling, managed infrastructure

Performance testing is essential. Do not guess which instance type or database engine performs best for your workload:

# Benchmark an RDS instance with pgbench
pgbench -i -s 100 -h mydb.rds.amazonaws.com -U admin mydb
pgbench -c 50 -j 4 -T 300 -h mydb.rds.amazonaws.com -U admin mydb

# Load test an API with hey
hey -n 10000 -c 100 -m GET https://api.example.com/items

# Compare Lambda memory configurations with AWS Lambda Power Tuning
# (open source tool that tests different memory sizes and finds the optimal one)

Pillar 5: Cost Optimization

Cost optimization is about running systems to deliver business value at the lowest price point. This is not about spending less but about spending wisely.

Design Principles

  • Implement cloud financial management. Assign cost ownership to teams. Use cost allocation tags on every resource. Review costs weekly, not monthly.

  • Adopt a consumption model. Pay only for what you use. Scale down non-production environments outside business hours. Use serverless where possible.

  • Measure overall efficiency. Track cost per transaction, cost per user, or cost per API call. Absolute cost means nothing without context.

  • Stop spending money on undifferentiated heavy lifting. Use managed services. The operational cost of running your own database, message queue, or search engine almost always exceeds the managed service cost.

Cost Optimization Checklist

Quick Wins (implement this week):
  - Delete unattached EBS volumes
  - Release unused Elastic IPs
  - Remove old EBS snapshots
  - Enable S3 Intelligent-Tiering for large buckets
  - Set up AWS Budgets with email alerts

Medium-Term (implement this month):
  - Right-size EC2 instances using Compute Optimizer
  - Purchase Savings Plans for steady-state workloads
  - Schedule dev/staging environments to stop after hours
  - Add S3 lifecycle policies to move data to cheaper tiers
  - Use VPC endpoints instead of NAT Gateway for S3/DynamoDB

Strategic (implement this quarter):
  - Move to serverless where appropriate (Lambda, Fargate)
  - Adopt Spot Instances for fault-tolerant workloads
  - Consolidate accounts with AWS Organizations for volume discounts
  - Implement chargeback/showback for cost accountability
  - Review architecture for data transfer cost reduction

Using the Well-Architected Tool

AWS provides a free tool in the console for running Well-Architected Reviews:

# Create a workload in the Well-Architected Tool
aws wellarchitected create-workload \
  --workload-name "My Application" \
  --description "Production e-commerce application" \
  --environment PRODUCTION \
  --lenses wellarchitected \
  --aws-regions us-east-1 \
  --review-owner "platform-team@example.com"

# List available lenses (there are industry-specific lenses too)
aws wellarchitected list-lenses \
  --query 'LensSummaries[].{Name:LensName,Arn:LensArn}'

The tool walks you through questions for each pillar, identifies high-risk issues, and generates an improvement plan. Run a review quarterly or whenever your architecture changes significantly.

Available lenses beyond the core framework:

  • Serverless Lens: Specific to serverless architectures
  • SaaS Lens: For multi-tenant SaaS applications
  • Data Analytics Lens: For data lakes and analytics workloads
  • Machine Learning Lens: For ML workloads
  • IoT Lens: For IoT architectures

Common Anti-Patterns

Anti-Pattern: Single point of failure
  Pillar: Reliability
  Fix: Multi-AZ deployment, Auto Scaling, health checks

Anti-Pattern: Hardcoded credentials in source code
  Pillar: Security
  Fix: Use Secrets Manager or Parameter Store with IAM roles

Anti-Pattern: Manual deployments via SSH
  Pillar: Operational Excellence
  Fix: CI/CD pipeline with CodePipeline and CodeDeploy

Anti-Pattern: One-size-fits-all instance types
  Pillar: Performance Efficiency
  Fix: Right-size with Compute Optimizer, benchmark alternatives

Anti-Pattern: No cost visibility or budgets
  Pillar: Cost Optimization
  Fix: Tag resources, set up Budgets, review Cost Explorer weekly

Anti-Pattern: Monolithic application on a single large EC2 instance
  Pillars: All five
  Fix: Break into services, use managed services, deploy across AZs

Wrapping Up

The AWS Well-Architected Framework is not a checklist to complete once and forget. It is a continuous practice of reviewing your architecture against proven principles and making incremental improvements. Start by running a Well-Architected Review on your most critical workload using the free AWS tool. Address the high-risk findings first. Then expand to other workloads and schedule quarterly reviews to catch new issues as your architecture evolves. Each pillar reinforces the others: security enables reliability, operational excellence enables cost optimization, and performance efficiency enables all of them. Build with all five pillars in mind from the start, and you will avoid the costly rearchitecting that comes from ignoring them.