JAWS PANKRATION 2024

Focus Areas in Software Architecture Reviews

Lv300

8/24/2024 07:00 (UTC)

Session Info

In this lightning talk, I will discuss key insights gained from architecture reviews that I conducted over the past three years.

Topics include encryption practices in AWS services like ALB, DynamoDB and SQS, and strategies for ensuring high availability through redundant monitoring paths and multi-AZ configurations.

Additionally, I'll highlight the importance of managing AWS resource quotas in multi-tenant SaaS environments and leveraging automation tools like CodeBuild for enhanced operational security.

Join us to gain actionable insights for refining your architecture review practices.

Akito KIDANI

- AWS Top Engineers(APN) -

- AWS Ambassadors(APN) -



Session Category
Security
Identity and compliance


AWS Services
ALB
DynamoDB
CodeBuild
SNS



Session Summary (by Amazon Bedrock)
The speaker, Kidani, an Engineering Manager at Works Human Intelligence and AWS Ambassador, discusses software architecture review focusing on reliability, security, and operational excellence.

Architecture Review Process:
- Developers prepare documentation referencing AWS Well-Architected Framework
- Reviewers examine the documentation and note concerns
- Online meeting between developers and reviewers to discuss improvements and concerns
- Developers implement agreed-upon changes

Key Focus Areas:

1. Reliability:
- Multi-Availability Zone configurations for redundancy
- Redundant alert notifications (e.g., Slack and email)

2. Security:
- Ensuring strong TLS security policies for web applications
- Proper data isolation in multi-tenant DynamoDB tables using IAM policies
- Implementing S3 lifecycle rules for temporary object deletion

3. Operational Excellence:
- Creating staging environments in separate AWS accounts
- Enabling essential services like CloudTrail and GuardDuty for monitoring
- Automating database operations to reduce human error

Outcomes:
- Gained valuable insights shared across teams
- Established baseline configurations for AWS accounts using AWS Control Tower
- Enabled critical services by default

The company has been conducting these reviews for several years, leading to safer and more reliable software on AWS. They emphasize the importance of continuous learning to keep up with evolving AWS services and ensure their architecture review process remains relevant.

©JAWS-UG (AWS User Group - Japan). All rights reserved.