AWS Well-Architected Framework
AWS Well-Architected helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads. Based on six pillars — operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability — AWS Well-Architected provides a consistent approach for customers and partners to evaluate architectures, and implement designs that can scale over time.
Recent questions
see all1 / 18
- ## Ask Add `qwen.qwen3-coder-480b-a35b-v1:0` to the Bedrock prompt-caching supported-models list (both Converse API `cachePoint` and Messages API equivalent). Ideally extend to other non-Anthropic, no...
- I recently deployed a small word puzzle project using Amazon S3 static hosting. The site loads fine, but I’ve noticed slower performance for users in different regions. For reference, this is the pro...
- Hi all, We are currently experiencing a situation where a single external IP address is continuously sending a very high volume of requests (tens of thousands per minute) to our application behind Am...
- **IAM Identity Center Application Inconsistency After Account Reactivation** I'm experiencing an inconsistency with IAM Identity Center applications after my account was suspended and then reactivate...
- We have multiple AWS accounts across several regions and over time a number of VPC Endpoints ( Interface types) have been created for various services. We suspect many of these endpoints are no longer...
- Service: Amazon EKS Category: Security / Vulnerability ...
- I work in a cloud lab rental company that provides temporary AWS environments for students to practice and learn. We use AWS Control Tower for multi-account management with the following architecture:...
- Hello! Sorry, I know this is probably a common question, but none of the current content reflects my situation. Anyway, I am using Cognito. My Accounts are fully passwordless, with no option built-i...
- I have an AWS batch with an EKS computer environment. I want to use the AWS Secrets Store CSI Driver provider and be able to use Secret Manager secret as a volume and mount it as Env_Var in the Pod. M...
- Hi, I took the [AWS Certified Solutions Architect - Associate (SAA-C03) ](https://aws.amazon.com/certification/certified-solutions-architect-associate/)exam yesterday on February 18, 2026 and receiv...
- Hi, Why is it that I can't see this option under Security tab? What am I missing? Thanks!
-  I am trying to build a dashboard within Quick Suite using cross function datasets. I seem to be the only one withi...asked 4 months ago
- Hello, We recently experienced service instability due to automatic security patches being applied to our Amazon MSK cluster during peak business hours (approx. 10:00 AM local time). These updates tr...
- My account looks completely reset after changing password. I don't see services I use, though they seem to work. The account id also changed.
- How i can resolve accessing aws web service in my internal network?
- We’re using Gateway Load Balancer (GWLB) to insert third-party firewalls into our traffic path using GENEVE tunnelling. One thing we’re unclear on: when traffic is forwarded through GWLB to the firew...
- We have an interface VPCendpoint for an AWS service and attached a security group to it. Does the security group control traffic to the endpoint, or just the traffic from the endpoint to the service ?
- Hi! If a client uses my app to collect data and the data is stored in my database who is the owner of the data? I saw that with legal agreements you can define if for example my company stores the da...asked 4 months ago
Recent articles
see all1 / 18
JohnTEXPERTpublished 3 days ago0 votes26 viewsThis article provides a practical framework for prioritizing AWS Trusted Advisor recommendations by scoring each finding on risk and effort, helping teams focus on high-impact, low-effort wins first.- Bhanusree VadlamudiEXPERTpublished 17 days ago0 votes99 viewsStop planning. Start implementing. The FinOps AFIX engagement brings the right people together to accomplish your cloud financial management goals in days, not months.
- AlejandroEXPERTpublished 18 days ago6 votes236 viewsThis article helps DevOps, support engineers, and solutions architects quickly understand the flat-rate plan tiers, identify how you can benefit most from them, and guide activation through the consol...
- KeyurEXPERTpublished 19 days ago0 votes58 viewsAWS CodeArtifact repository deletion is permanent and cannot be undone. If a repository is accidentally deleted, all packages become permanently unavailable — blocking CI/CD pipelines and potentially ...
- VictorEXPERTpublished 19 days ago3 votes215 viewsUK Cyber Essentials+ certification is a growing requirement for organisations supplying to the UK government. The good news is that as an AWS Enterprise customer, much of the groundwork is already wit...
- Job PaniaguaEXPERTpublished 25 days ago2 votes244 viewsThis guide provides a comprehensive overview of AWS commitment-based discount models — Reserved Instances and Savings Plans — including the newly launched Database Savings Plans (December 2025). It is...
- ChristianEXPERTpublished 25 days ago2 votes116 viewsEnterprise customers want to adopt AI coding assistants but face IP leakage, credential sprawl, and governance concerns. This article presents a POC architecture that streams Claude Code to developers...
- Dennis_OEXPERTpublished a month ago1 votes170 viewsContact centers regularly capture PII (names, addresses, SSNs, credit card numbers) in call audio and transcripts. To meet PCI DSS, GDPR, and HIPAA controls, this data must be removed from artifacts b...
- Dennis_OEXPERTpublished a month ago1 votes85 viewsConnect encrypts customer content at rest by default with a service-managed KMS key, but customers in regulated industries (PCI DSS v4.0, GDPR, HIPAA) typically need full key control — independent rot...
- MassimilianoAWSEXPERTpublished a month ago3 votes1.4K viewsThis article decomposes end-to-end latency in agentic AI applications running on Amazon Bedrock AgentCore Runtime, isolates startup (cold-start) latency as a distinct optimization target, and presents...
- Mateus PradoEXPERTpublished a month ago0 votes217 viewsCloudWatch alarms fire when the graph looks clean. They take minutes to react to obvious spikes. They get stuck in INSUFFICIENT_DATA for no apparent reason. These are among the most common questions o...
- Judith MettoudiEXPERTpublished a month ago0 votes242 viewsAWS DataSync is a powerful migration tool, but understanding its cost implications is crucial. By selecting the right transfer modes, configuring verification options, choosing appropriate S3 storage ...
- Heverin, StephenEXPERTpublished a month ago0 votes114 viewsLearn how to upgrade Python in AWS CloudShell so you can install and run the latest cid-cmd CLI for deploying Cloud Intelligence Dashboards. This step-by-step guide uses pyenv to build Python 3.12 in ...
- MikeLimEXPERTpublished a month ago5 votes1.4K viewsHow to install Kiro and Agent Toolkit for AWS including AWS MCP server to build, deploy and manage your AWS environment with natural language prompts. Include optional steps to install Open Source MCP...
- ChristianEXPERTpublished 2 months ago0 votes163 viewsUK Organisations running Amazon WorkSpaces in AUTO_STOP mode cannot receive patches when powered down. The built-in monthly maintenance window does not meet the Cyber Essentials 14-day patching requir...
- Harish MandhadiEXPERTpublished 2 months ago0 votes253 viewsAWS Security Agent closes the gap between fast-moving development and slow, end-of-cycle security reviews by embedding validation across design, code, and testing phases. Rather than treating security...
- Joanna KEXPERTpublished 2 months ago0 votes183 viewsHow to setup alarms for AWS WAF `AWSManagedRulesAntiDDoSRuleSet` using the DDoSAttackRequests metric
- Jatinder SinghEXPERTpublished 2 months ago2 votes92 viewsA detailed performance analysis between Amazon OpenSearch's specialized OM2 and general-purpose M7g instances to help you optimize performance and cost.
Recent selections
see all1 / 5
- Benjamin LecoqEXPERTpublished 3 years ago9 votes17.3K viewsRe:invent 2024 takes place in Las Vegas (Nevada) from Monday 12/02 to Friday 12/06. This selection will focus on cost optimization related announcements
- Jonathan_DEXPERTpublished 3 years ago4 votes12.3K viewsDo you have critical workloads running in AWS? Review these handpicked resources to find ways to ensure your applications are resilient to failures.
- AWS OFFICIALUpdated 3 years ago0 votes122 viewsDo you want to monitor your Amazon WorkSpaces usage and optimize your costs? Deploy Cost Optimizer for Amazon WorkSpaces to review your WorkSpaces usage and manage costs.
- AWS OFFICIALUpdated 3 years ago0 votes96 viewsThis selection includes content and solutions supporting FSI related compliance and requirements covering security, immutable storage, and general guidance.
- AWS OFFICIALUpdated 3 years ago0 votes234 viewsAs a best practice, AWS recommends that you use AWS Identity and Access Management (IAM) roles instead of IAM users with long-term credentials such as access keys.
1 / 18
Riku_Kobayashi
EXPERTGary Mclean
EXPERTAntonio Lagrotteria
EXPERTOleksii Bebych
EXPERTOsvaldo Marte
EXPERTSedat SALMAN
EXPERTAdeleke Adebowale .J.
EXPERTTushar Jagdale
EXPERTSHAJAM
EXPERTMatt Barbieri
EXPERTAWS-User-alantam
EXPERTIndranil Banerjee AWS
EXPERTGK
EXPERTGunasekaran, Makendran
EXPERTGarre Sandeep
EXPERTThanniru Anil Kumar
EXPERTMax Clements
EXPERT
