Platform perspective: infrastructure and applications - An Overview of the AWS Cloud Adoption Framework

The platform perspective focuses on accelerating the delivery of your cloud workloads via an enterprise-grade, scalable, hybrid cloud environment. It comprises seven capabilities shown in the following figure. Common stakeholders include the CTO, technology leaders, architects, and engineers.

Figure: AWS CAF Platform perspective capabilities

  • Platform architecture – Establish and maintain guidelines, principles, patterns, and guardrails for your cloud environment. A well-architected cloud environment will help you accelerate implementation, reduce risk, and drive cloud adoption. Create consensus within your organization for enterprise standards that will drive cloud adoption. Define best practice blueprints and guardrails to facilitate authentication, security, networking, and logging and monitoring. Consider what workloads you may need to retain on-premises due to latency, data processing, or data residency requirements. Evaluate such hybrid cloud use cases as cloud bursting, backup and disaster recovery to the cloud, distributed data processing, and edge computing.

  • Data architecture – Design and evolve a fit-for-purpose data and analytics architecture. A well-designed data and analytics architecture can help you reduce complexity, cost, and technical debt while enabling you to gain actionable insights from exponentially growing data volumes. Adopt a layered and modular architecture that will allow you to use the right tool for the right job as well as iteratively and incrementally evolve your architecture to meet emerging requirements and use cases.

    Based on your requirements, select key technologies for each of your architectural layers, including ingestion, storage, catalog, processing, and consumption. To simplify ongoing management, consider adopting serverless technologies. Focus on supporting real-time data processing, and consider adopting a Lake House architecture to facilitate data movements between data lakes and purpose-built data stores.

  • Platform engineering – Build a compliant multi-account cloud environment with enhanced security features, and packaged, reusable cloud products. An effective cloud environment will allow your teams to easily provision new accounts, while ensuring that those accounts conform to organizational policies. A curated set of cloud products will enable you to codify best practices, helping you with governance while increasing the speed and consistency of your cloud deployments. Deploy your best practice blueprints, and detective and preventative guardrails. Integrate your cloud environment with your existing ecosystem to enable desired hybrid cloud use cases.

    Automate the account provisioning workflow and leverage multiple accounts to support your security and governance goals. Set up connectivity between your on-premises and cloud environments as well as between different cloud accounts. Implement federation between your existing identity provider (IdP) and your cloud environment so that users can authenticate using their existing login credentials. Centralize logging, establish cross-account security audits, create inbound and outbound Domain Name System (DNS) resolvers, and get dashboard visibility into your accounts and guardrails.

    Evaluate and certify cloud services for consumption in alignment with corporate standards and configuration management. Package and continuously improve enterprise standards as self-service deployable products and consumable services. Leverage infrastructure as code (IaC) to define configurations in a declarative way.

  • Data engineering – Automate and orchestrate data flows across your organization. Automated data and analytics platforms and pipelines may help you improve productivity and accelerate time to market. Form cross-functional data engineering teams comprising infrastructure and operations, software engineering, and data management. Leverage metadata to automate pipelines that consume raw and produce optimized data. Implement relevant architectural guardrails and security controls, as well as monitoring, logging, and alerting to help with pipeline failures. Identify common data integration patterns and build reusable blueprints that abstract away the complexity of pipeline development. Share blueprints with business analysts and data scientists and enable them to operate using self-service methods.

  • Provisioning and orchestration – Create, manage, and distribute catalogs of approved cloud products to end users. Maintaining consistent infrastructure provisioning in a scalable and repeatable manner becomes more complex as your organization grows. Streamlined provisioning and orchestration help you achieve consistent governance and meet your compliance requirements, while enabling users to quickly deploy only the approved cloud products. Design and implement a centrally-managed, self-service portal for publishing, distributing, browsing, and consuming approved cloud products. Make your cloud products accessible via APIs as well as via personalized portals. Integrate with your IT service management (ITSM) tools and automate any updates to your configuration management database (CMDB).

  • Modern application development – Build well-architected cloud-native applications. Modern application development practices can help you realize the speed and agility that go with innovation. Using containers and serverless technologies can help you optimize your resource utilization and automatically scale from zero to peak demands. Consider decoupling your applications by building them as independent microservices leveraging event-driven architectures. Implement security in all layers and at each stage of the application development lifecycle.

    Automate the process of scaling out and scaling in or use serverless technologies. Modernize your existing applications to reduce costs, gain efficiencies, and make the most of your existing investments. Consider replatforming (moving your own containers, databases, or message brokers to managed cloud services) and refactoring (rewriting your legacy applications to a cloud native architecture). Ensure that your architecture takes into account service quotas and physical resources so that they do not negatively impact your workload performance or reliability.

  • Continuous integration and continuous delivery – Evolve and improve applications and services at a faster pace than organizations using traditional software development and infrastructure management processes. Adopting DevOps practices with continuous integration, testing, and deployment will help you to become more agile so that you can innovate faster, adapt to changing markets better, and grow more efficient at driving business results. Implement continuous integration and continuous delivery (CI/CD) pipelines.

    Start with a minimum viable pipeline for continuous integration and then transition to a continuous delivery pipeline with more components and stages. Encourage developers to create unit tests as early as possible and to run them before pushing the code to the central repository. Include staging and production steps in your continuous delivery pipeline and consider manual approvals for production deployments. Consider multiple deployment strategies, including in-place, rolling, immutable, and blue/green deployments.