Application Modernization Questions:

One of the shifts in thinking about modernizing versus migrating an application is in terms of workload.  A workload here is a collection of software systems called components that deliver a business value. In a monolithic system, the components might be tightly integrated.  A well architected framework allows them to evolve independently. Evolution is incremental release subject to development and test. If the architecture involves independent microservices, then it is easy to test them independently and at different levels of a multi-tier microservice. When the changes are continuously incremental and delivered via a pipeline that follows a continuous integration (CI)/continuous deployment (CD), then every release is guaranteed to have little or no regressions allowing components of the overall workload to change without affecting the others. This facilitates removing pain points in the original monolithic software and a transition towards hosting them in the cloud.

Describing a well-architected framework almost always involves the five pillars conceptually regardless of the cloud to which the application is destined for. These five pillars are:  Reliability (REL), Security (SEC), Cost Optimization (COST), Operational Excellence (OPS), Performance efficiency (PERF). The elements that support these pillars are a review, a cost and optimization advisor, documentation, patterns-support-and-service offers, reference architectures and design principles. 

Each pillar contains questions for which the answers relate to technical and organizational decisions that are not directly related to the features the software to be deployed. For example, a software that allows people to post comments must honor use cases where some people can write and others can read. But the system developed must also be safe and sound enough to handle all the traffic and should incur reasonable cost. 

Since the most crucial pillars are OPS and SEC, they should never be traded in to get more out of the other pillars. 

The security pillar consists of Identity and access management, detective controls, infrastructure protection, data protection and incident response. Three questions are routinely asked for this pillar: 

1.       How is the access controlled for the serverless api? 

2.       How are the security boundaries managed for the serverless application? 

3.       How is the application security implemented for the workload? 

The operational excellence pillar is made up of four parts: organization, preparation, operation, and evolution. The questions that drive the decisions for this pillar include: 

1.       How is the health of the serverless application known? 

2.       How is the application lifecycle management approached? 

The reliability pillar is made of three parts: foundations, change management, and failure management. The questions asked for this pillar include: 

1.       How are the inbound request rates regulated? 

2.       How is the resiliency build into the serverless application? 

The cost optimization pillar consists of five parts: cloud financial management practice, expenditure and usage awareness, cost-effective resources, demand management and resources supply, and optimizations over time. The questions asked for cost optimization include: 

1.       How are the costs optimized? 

The performance efficiency pillar is composed of four parts: selection, review, monitoring and tradeoffs. The questions asked for this pillar include: 

1.       How is the performance optimized for the serverless application? 

In addition to these questions, there’s quite a lot of opinionated and even authoritative perspectives into the appropriateness of a framework and they are often referred to as lenses. With these forms of guidance, a well-architected framework moves closer to reality