Building on Amazon Web Services and other cloud computing platforms offers a wide range of benefits. It gives you affordable access to powerful IT infrastructure without having to invest in on-site equipment. This means you can scale IT operations and infrastructure to match your business performance — then scale back whenever business slows down.

Cloud computing saves your business time and money, which enables you to direct more attention to other projects within your organization. And the Well-Architected Framework is designed to help you maximize the benefits of working on the AWS cloud.

But how do you know whether you’re following the framework correctly? That’s where the AWS Well-Architected Framework Review (also known as the AWS WAR) can help.

What Is AWS WAR?

The AWS Well-Architected Review is a systematic assessment of your cloud architecture. It looks to see whether you’re following the AWS Well-Architected Framework and which areas of the framework you can improve upon.

This framework is one of your most important resources if you’re building and running workloads on AWS. Following it will help you optimize multiple areas of your cloud systems, including their performance, cybersecurity, and even their cost effectiveness.

What Are the 5 Pillars of the AWS Well-Architected Framework?

The AWS Well-Architected Framework is divided into five pillars that look at different aspects of your cloud architecture. Those pillars are:

Operational excellence

How to run and monitor your systems, so they drive continuous improvement and deliver business value.


Safeguarding your cloud systems and protecting the integrity and confidentiality of your data.


How to minimize and mitigate disruptions that could affect your services.

Performance efficiency

Managing your computing resources efficiently and effectively to meet demand.

Cost optimization

Focuses on how to meet your IT needs while minimizing unnecessary expenses.

As you can see, the Well-Architected Framework is complex and extremely comprehensive. It’s also regularly updated to accommodate industry trends. Organizations need to constantly stay up to date with those changes to adhere to the framework.

Conducting an AWS WAR will help with that. Use it to improve your security posture and maximize returns.

Following are some reasons why you should conduct an AWS review.

What Are the Benefits of an AWS WAR?

Cloud computing is one of the most important tools your organization can use to address its business needs. It’s cost efficient and helps organizations of all sizes secure the resources necessary to compete in a modern business landscape.

Naturally, you want to get the most out of those benefits, so your cloud services are safe, efficient, and give you the most bang for your buck. Regularly running an AWS WAR helps with that by showing you which elements of AWS you can optimize for better performance.

The AWS WAR is based on the five pillars of the Well-Architected Framework. Conducting a review will help you:

  • Identify critical issues and prioritize solutions to those problems
  • Stay current with any changes in AWS
  • Reduce unnecessary expenses associated with your cloud infrastructure
  • Optimize the performance of your AWS environment
  • Help you maintain compliance and good security posture

From a cybersecurity point of view, the AWS WAR is especially important. That’s because it can significantly reduce the number of security incidents your organization experiences.

Why AWS WAR is Important for Cybersecurity

If you’re building on AWS, it’s important that you familiarize yourself with the shared responsibility model. This is a widely accepted cloud security framework that defines the security responsibilities of both the customer and the cloud service provider.

Under the shared responsibility model, AWS guarantees the security of the cloud. As the customer, you’re responsible for the security within the cloud.

This means that AWS provides the security of the cloud infrastructure, while you provide the security for everything inside your cloud environment (like your apps and data).

Why is this important? Because most often these attacks happen due to a misconfiguration or some other form of human error. It’s actually estimated that 99% of cloud security failures are linked to the user/customer as opposed to the provider.

However, routinely conducting an AWS WAR will help you catch those errors that could lead to cyberattacks. On top of that, it allows you to assess your security practices and look at the steps you can take to strengthen your overall security.

Best of all, an AWS WAR allows you to learn from any mistakes without having to learn by experiencing a data breach.

Who Conducts an AWS WAR?

Following the Well-Architected Framework can be a challenge. It’s easy to make mistakes or overlook certain things when building and running workloads on AWS. That’s why AWS launched the Well-Architected Partner Program.

This program allows authorized AWS Well-Architected partners to help organizations that are using Amazon Web Services. These partners are organizations which are recognized by AWS as having the expertise to:

  • Review critical workloads
  • Help organizations establish and maintain good architectural habits
  • Minimize cybersecurity risks and more

In other words, they are qualified to help your organization align its practices to the AWS WAR Pillars.

Does an authorized partner have to conduct the AWS WAR?

Due to the complex and comprehensive nature of the Well-Architected Framework, it’s recommended to use an AWS Certified Solutions Architect for your review.

With that said, anyone can conduct an AWS WAR using the AWS Well-Architected Tool. It’s located in your AWS Console and comes with an in-depth instruction guide that explains how to use it effectively.

If you decide to adopt a DIY approach to AWS WAR, be sure to familiarize yourself with the Well-Architected Framework beforehand. Understanding the best practices for building on AWS will help you better identify the gaps in your current strategy, in addition to coming up with actionable steps for improvement.

Should you use an AWS partner for your review?

There are two things to consider when planning an AWS war:

  • The complexity of your architecture
  • Your team’s AWS expertise

These factors should play a role in deciding whether you’re going to conduct your own review or hire an authorized AWS consultant. If your team has expertise in AWS WARs, you could conduct in-house reviews if your architecture isn’t overly complicated.

But what if your architecture is complex? Even if you do have the expertise, you may want to consider partnering with an authorized consultant. They could help you identify issues that teams could easily overlook. Plus, working with an authorized AWS partner won’t use as many resources as conducting a DIY review.

And if your teams don’t have any expertise in conducting AWS WARs, you should strongly consider hiring an authorized partner –– regardless of your architecture’s complexity (or lack thereof).

Understanding the AWS WAR Process

One of the first things to understand about the AWS review process is that it’s neither an audit nor an interrogation. It’s more like a non-accusatory conversation of your cloud architecture. The review process aims to help your organization so you can continue to use AWS to reach your business goals.

Because the review process follows the AWS Well-Architected Framework, reviews always take a consistent approach when assessing your architecture.

While every review process isn’t the same, they do share similar elements in order to maintain that consistency. This includes:

An initial meeting about your cloud architecture

The first stage of the WAR process is the initial meeting between your organization and the solution architect conducting the review. The purpose of this interaction is to prepare for the actual WAR review.

For this stage, you will:

  • Identify the workloads that need to be reviewed
  • Give the solution architect read access to any AWS accounts where those workloads reside

The AWS review meeting

The review meeting is where the actual assessment of your AWS systems takes place. It’s a meeting between your project team and the cloud architect. The consultation usually lasts between two to four hours and can happen in person or over a conference call.

It’s during this time that you’ll likely use the AWS Well-Architected Tool to evaluate whether you’re following AWS best practices. This tool will ask you a series of questions related to the five pillars of the Well-Architected Framework. Answering the following questions will help you move forward with AWS WAR:

  • How well do we follow the Well-Architected Framework?
  • How can we use AWS to further improve your business performance?
  • What are the critical issues in our architecture that need immediate attention?

The WAR report

The WAR report breaks down your AWS systems and how well your organization has been following the Well-Architected Framework. This is where you’ll learn about what you’re doing right and where you need to improve.

Typically, areas of improvement will be prioritized as either High Risk or Medium Risk.

This is also the part of the review process where you’ll look at your improvement strategy. If an AWS Well-Architected Partner conducted the review for you, they’ll likely give you a prioritized plan for addressing your risks.

When Do You Need to Run an AWS WAR?

AWS recommends conducting a review every 6 to 12 months for each of your organization’s critical workloads.

A critical workload is defined as a workload that’s quintessential to your business operations. What you will consider a critical workload depends heavily on your industry and your business.

If you’re a retailer, your online payment gateway would be a critical workload. If you’re a manufacturer, it could be your supply chain IT system. These are the workloads that are necessary to keep your business running.

It’s important to understand that the Well-Architected Framework is a living set of guidelines and best practices. It continues to evolve alongside other areas of technology. This means that your architecture could be considered Well-Architected right now, but you could have various elements deemed High Risk a few months later if the framework updates.

For this reason, it’s not a bad idea to err on the side of caution and conduct an AWS WAR at the end of every quarter. This will ensure your up to date with changes within your cloud environment and any external changes that could affect your performance, security, and stability.

Is an AWS WAR Enough to Keep My Systems Protected?

There’s little doubt that conducting an AWS WAR will improve your cybersecurity. After all, the best practices outlined in the Well-Architected security pillar cover a broad range of recommendations to keep your systems protected.

But you also need a response plan in case the worst happens. That’s where a Managed Detection and Response (MDR) solution can help.

A good MDR solution doesn’t just strengthen your security to protect your systems against external threats. It also enables you to act quickly in the event of a cyberattack –– because the quicker you respond, the easier it is to mitigate the impact.

See how safe your systems are by downloading our free AWS Security Checklist.

The Bottom Line

Conducting your first AWS WAR can be intimidating, especially if this is your first time building on AWS. You may feel nervous because you don’t know what to expect after the review is completed. Understand that the AWS WAR is supposed to be a discussion –– not an indictment. Due to the dynamic nature of technology, cloud services are constantly changing.

Conducting Well-Architected Reviews will help you produce secure and efficient systems that help your organization meet its business and cybersecurity goals. Combine this approach with an effective MDR solution and you can strengthen your cybersecurity and maintain good compliance posture.

Fortra’s Alert Logic MDR solution for AWS offers around-the-clock protection throughout your AWS ecosystem.

Schedule a MDR demo today to see how Alert Logic protects cloud systems from threats.

Antonio Sanchez
About the Author
Antonio Sanchez
Antonio Sanchez is Fortra’s Principal Evangelist. He has over 20 years of experience in the IT industry focusing on cyber security, information management, and disaster recovery solutions to help organizations of all sizes manage threats and improve their security posture.

Related Post

Ready to protect your company with Alert Logic MDR?