A client in the education industry, specializing in innovative language e-learning solutions, approached us for consultation to resolve existing issues and enhance their AWS (Amazon Web Services) infrastructure. Recognizing the importance of their main goal to deliver high-quality educational content (mainly videos), based on a Well-Architected Framework, we conducted a review of their AWS infrastructure to address security, reliability, performance efficiency, and cost optimization concerns.
Technical outcomes of the Well-Architected review with education industry customer
After a discussion with the customer, we provided some solutions for their proposed issues, but thanks to a Well-Architected framework, we also identified issues that did not follow AWS's best practices. We provided guidance, implementation, and specific documentation where needed. Below are some specific things that we were able to solve.
Security
Acknowledging the criticality of securing their AWS environment, we implemented security measures. Firstly, we addressed the risk associated with unrestricted access to AWS root users and enforcing multi-factor authentication (MFA) for IAM users.
Additionally, we controlled traffic at all layers by securing connections between components, ensuring they were accessible only through private IP addresses. This included understanding if a component required internet access, both inbound and outbound, and connectivity to Virtual Private Clouds (VPCs). The result was that the connection between the application and the database RDS instance is now secured and private.
Reliability
Before the review, the organization was unaware of service quotas in the AWS environment. We evaluated their workload to ensure sufficient gaps between quotas and current usage, assuring future scalability. The customer was informed that a lot of quotas are “soft quotas“ and if needed in the future they can simply request a quota increase in the AWS console.
Performance
To improve performance efficiency, we conducted extensive research on available cloud services and features, leveraging our expertise. The customer had a specific issue with one part of their infrastructure and their clients were not able to access the application. We were able to provide better logging and monitoring that they could use in the current investigation and also in the future.
Cost Optimization
We analyzed the AWS workload to identify opportunities for cost optimization. While the nature of their workload limited the utilization of special AWS pricing models like reserved instances, we ensured that the selected instance sizes/types were optimal.
In addressing data transfer cost concerns, we analyzed the organization's application requirements and proposed solutions for optimizing data transfer costs. Specifically, we optimized data transfer out to the public Internet. One major part of their business is to provide video content to their clients, which has grown steadily for the last couple of years. We addressed this issue by providing private pricing for Amazon CloudFront CDN to reduce outbound traffic costs.
Conclusion
Through the Well-Architected review, we have helped the education industry player to enhance the security, reliability, performance efficiency, and cost optimization of their AWS infrastructure, enabling them to continue delivering exceptional language learning experiences.
