1. Security - IAM, Detective Controls, Infrastructure Protection, Data Protection, Incident Response. Security design Principles - Implement sec at all layers, enable traceability, principle of least privilege, automate
2. Reliability - The ability to recover from infrastructure or application failures.
To have reliability use: foundations(plan a scalable env.), change management, failure management. Test recovery procedures, automatically recover, scale horizontally, stop guessing capacity, manage change IN your automation system (CloudFormation!)
3. Performance Efficiency - Choose the appropriate product for the application in question (eg. SSD vs HDD in EBS). Consider tradeoffs. (Don't buy a Porsche if you need a toyota). Go serverless, Experiment, Have mechanical sympathy.
4. Cost Optimization - Use cost effective resources (don't go with EBS block storage if you can get away with S3 object storage), match supply with demand (autoscale), track and optimize over time. AWS Cost Explorer, AWS Trusted Advisor. Prefer managed serves (eg. use RDS instead of an EC2 instance with a DB installed).
5. Operational excellence - Automate, have standards
- Create budget and send alarms when costs exceeds the budget
- 3 types of budgets: Usage, Cost, Reservation
- For Reservation Instances (RI)
- Up to 5 SNS notification per __
Can filter by: Service, Linked Account, Tag, Purchase Option, Instance Type, Region, Availability Zone, API Operation, Etc...