AWSアーキテクチャレビューで重視するポイント / Focus Areas in Software Architecture Reviews

Transcript

1. Focus Areas in Software Architecture Reviews 2024/08/24 KIDANI Akito /

   @kdnakt

2. KIDANI Akito / @kdnakt • From Tokyo, Japan • Work

   as an engineering manager @ Works Human Intelligence • AWS Ambassador • TLS Enthusiast 2

3. < > • What’s “Software Architecture Review”? • Area 1:

   Reliability • Area 2: Security • Area 3: Operational Excellence • Beyond Reviews 3 Agenda

4. < > • Background • Lift-and-shift in progress • Replatform

   old features • Build new cloud native apps • Problem • Are they reliable, secure? → Let’s review with AWS Well-Architected! 4 What’s “Software Architecture Review”? ( 1 / 2 )

5. < > • Review Process • Developers prepare architecture docs

   with AWS Well-Architected in mind • Reviewers examine the docs • Online meeting to discuss and resolve any concerns or problems • Developers improve and deploy the software 5 What’s “Software Architecture Review”? ( 2 / 2 )

6. < > • Prepare for failures • Multi-AZ: EC2, ECS,

   RDS, etc • Redundantly configure Amazon SNS subscription 6 Area 1: Reliability

7. < > • Data in transit: ALB, CloudFront • TLS

   security policy may be not strong enough • Multitenancy on DynamoDB • IAM policy-based separation • S3 lifecycle rule • Ensure temporary objects are removed 7 Area 2: Security

8. < > • Mitigating deployment risks • Build a staging

   env in new AWS account • Preparing for incident • CloudTrail, GuardDuty etc • Automate to eliminate human manual tasks • CodePipeline, CodeBuild, Systems Manager 8 Area 3: Operational Excellence

9. < > • Share insights from reviews for future development

   in other teams • Established a baseline for AWS accounts with AWS Organizations • Enable CloudTrail, GuardDuty etc. • Force AWS SSO and more … 9 Beyond Reviews

10. < > • AWS Well-Architected helps you build secure, reliable

    software solutions on AWS • AWS services evolve constantly • Let’s keep on learning! 10 Summary

11. Thank you! ありがとうございました！