Implementing the Amazon Well-Architected Custom Lens lifecycle in your organization

{"value":"In this blog post, we present a lifecycle that helps you build, validate, and improve your own [AWS Well-Architected Custom Lens](https://docs.aws.amazon.com/wellarchitected/latest/userguide/lenses-custom.html), in order to roll it out across your whole organization. The AWS Well-Architected Custom Lens is a new feature of the [AWS Well-Architected Tool ](https://aws.amazon.com/well-architected-tool)that lets you bring your own best practices to complement the [existing Well-Architected Framework.](https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html)\n\n\n### **The Custom Lens lifecycle: how a Custom Lens can benefit your organization**\n\n\n\n\nFigure 1. The AWS Well-Architected Custom Lens lifecycle\n\nEach organization has its own requirements, processes, best practices, and tools, but the information can be spread over many systems and knowledge bases. A Custom Lens can capture the specifics of a working environment and let coworkers access this information in a single place—from the AWS console—without the need to go to a separate tool. A Custom Lens can be created in a central management account and securely shared with other accounts.\n\nA Custom Lens can be updated periodically as either a major or minor version. If it is a minor version, the change is automatically applied to all accounts that the lens has been shared with. If it is a major version, the user has to accept the updated Custom Lens and a summary of the changes is displayed to the user. Accepting the changes then applies the update for existing workload reviews, and prompts the user to review the workload. Thus, updating a Custom Lens is an effective mechanism to continuously inform teams about new best practices.\n\nIn addition, maintaining and improving a Custom Lens continuously helps to identify gaps in organization-wide tooling, guidance, or documentation. You can aggregate feedback and metrics from reviews that have been performed and use it to drive the improvement process of the content. More importantly, the gathered metrics help measure the overall adherence to best practices and requirements in your organization. If you focus on creating clear, concise, and actionable content for your Custom Lens, the time needed to identify and implement improvements is reduced. As teams realize the value of the Custom Lens, more reviews will be performed, and you will receive more data to construct a comprehensive view.\n\n##### **1. Plan**\n\nThe Plan phase identifies the benefits that a Custom Lens can provide your organization by identifying current gaps. You also define the scope of your Custom Lens, which is the type of content that supports your desired business outcomes. Depending on the scope, you need to identify the appropriate stakeholders and gain support for the initiative.\n\n##### **2. Implement**\n\nIn the Implement phase, content is created for the Custom Lens with a working group. While doing this, you can identify missing supplementary artefacts, like documentation or tooling. If that is the case, you can create these artefacts and link to them from the Custom Lens Improvement Plan.\n\nAs part of the implementation, the Custom Lens is created by uploading a JSON file in the appropriate [format ](https://docs.aws.amazon.com/wellarchitected/latest/userguide/lenses-format-specification.html)to a central management account, then, sharing the lens with the organization’s AWS accounts. You can share the Custom Lens with IAM Principals, such as users, roles, and AWS accounts. For broader and more efficient sharing, you now have the ability to [scale by sharing your Custom Lens with individual organizational units or the entire AWS Organizations](https://aws.amazon.com/about-aws/whats-new/2022/06/aws-well-architected-tool-organizations-integration/). This feature reduces management overhead and removes the need for a custom automation.\n\n##### **3. Measure**\n\nThe Measure phase aggregates feedback and metrics from reviews that have been performed with your Custom Lens; this information is used to drive the improvement process.\n\nThe Well-Architected Tool offers a way to [share workload ](https://docs.aws.amazon.com/wellarchitected/latest/userguide/workloads-sharing.html)reviews, and you can use this to share all reviews with a central AWS account. You can then analyze the reviews in the central account by extracting the data and analyzing it, for example, by building a dashboard. The [Well-Architected Lab for building custom reports](https://www.wellarchitectedlabs.com/well-architectedtool/300_labs/300_building_custom_aws_well-architected_reports_with_amazon_athena_and_amazon_quicksight/) provides a solution that can be implemented.\n\n##### **4. Improve**\n\nIn the Improve phase, the gathered metrics and feedback are used to identify areas for future improvement. For example, you might find common gaps among the performed workload reviews, where the same best practices are not fulfilled. When you investigate the root cause, you can learn that the existing content lacks clarity or that the suggested tools are difficult to use.\n\nIn addition, improvements, such as content gaps that were not addressed during the first iteration of the Custom Lens, can be added to the backlog before you repeat the cycle.\n\nTo roll out changes of your Custom Lens in an automated and repeatable fashion, you can implement the architecture depicted in Figure 2.\n\n\n\nFigure 2. Combining [AWS CodeCommit](https://aws.amazon.com/cn/codecommit/?trk=cndc-detail) with [AWS Lambda](https://aws.amazon.com/cn/lambda/?trk=cndc-detail) to update your Custom Lens whenever a file change is pushed to the code repository\n\nThis architecture enables automated releases of new versions of your Custom Lens whenever you commit an updated JSON file to the code repository. In detail, the steps are:\n\n1. The JSON file of your Custom Lens is stored in an [AWS CodeCommit](https://aws.amazon.com/codecommit/) repository. An author pushes an updated version of the file to the repository.\n2. The CodeCommit repository is configured with a trigger action that invokes an [AWS Lambda](https://aws.amazon.com/lambda/) function on each commit.\n3. The Lambda function downloads the updated file by using the [GetFile ](https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFile.html)API of CodeCommit. Then, the Lambda function imports the updated Custom Lens and publishes it as a new version by using [ImportLens ](https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ImportLens.html)and [CreateLensVersion ](https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateLensVersion.html)APIs of the [AWS Well-Architected Tool](https://aws.amazon.com/cn/well-architected-tool/?trk=cndc-detail), then shares the Custom Lens using [CreateLensShare](https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateLensShare.html).\n4. The updated Custom Lens is available in all accounts that the lens has been shared with.\n5. Reviewers can create new workload reviews with the Custom Lens or upgrade to the newest version for existing workload reviews.\n\n\n### **Conclusion**\n\n\nIn this blog post, we walked you through the Custom Lens lifecycle, a process to create and continuously improve a Custom Lens for your organization. If you have a special software development lifecycle, a customized security and compliance framework, or other highly specific requirements or best practices that you want disseminated and measurable, [learn more about how to create a Custom Lens in the Well-Architected Tool](https://aws.amazon.com/blogs/aws/well-architected-custom-lenses-internal-best-practices/).\n\n[AWS Well-Architected](https://aws.amazon.com/architecture/well-architected/) is a set of guiding design principles developed by AWS to help organizations build secure, high-performing, resilient, and efficient infrastructure for a variety of applications and workloads. Use the [AWS Well-Architected Tool](http://aws.amazon.com/well-architected-tool/) to review your workloads periodically to address important design considerations and ensure that they follow the best practices and guidance of the AWS Well-Architected Framework. For follow up questions or comments, join our growing community on[ AWS re:Post](https://www.repost.aws/topics/TA5g9gZfzuQoWLsZ3wxihrgw/well-architected-framework).\n\nTAGS: [AWS Well-Architected Lenses](AWS Well-Architected Lenses)\n\n\n\n### **Robert Hoffman**\n\nRobert Hoffmann is a Senior Solutions Architect at AWS. Before, he worked for top smart device and telecommunication brands, pioneering cloud native applications during the early days of Docker and Kubernetes. At AWS, he is supporting some of the world’s largest sports brands on their cloud journey. Robert is passionate about observability, infrastructure as code, and developer productivity. You can find him discussing these topics at conferences and on Twitter (@robhoffmax).\n\n\n\n\n### **Duncan Bell**\n\nDuncan Bell is a Geo Solutions Architect on the AWS Well-Architected team covering EMEA and part of the Cloud Operations specialism area. His career has spanned various roles from support, software engineering, DevOps and Solutions Architecture specializing in server provisioning to IaC, configuration management, DevOps, CI/CD automation, and improving teams' ways of working, including the whole software delivery lifecycle.","render":"<p>In this blog post, we present a lifecycle that helps you build, validate, and improve your own <a href=\\"https://docs.aws.amazon.com/wellarchitected/latest/userguide/lenses-custom.html\\" target=\\"_blank\\">AWS Well-Architected Custom Lens</a>, in order to roll it out across your whole organization. The AWS Well-Architected Custom Lens is a new feature of the <a href=\\"https://aws.amazon.com/well-architected-tool\\" target=\\"_blank\\">AWS Well-Architected Tool </a>that lets you bring your own best practices to complement the <a href=\\"https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html\\" target=\\"_blank\\">existing Well-Architected Framework.</a></p>\\n<h3><a id=\\"The_Custom_Lens_lifecycle_how_a_Custom_Lens_can_benefit_your_organization_3\\"></a><strong>The Custom Lens lifecycle: how a Custom Lens can benefit your organization</strong></h3>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/07405ef6a18d4dc78b9019a470ea72b6_image.png\\" alt=\\"image.png\\" /></p>\n<p>Figure 1. The AWS Well-Architected Custom Lens lifecycle</p>\n<p>Each organization has its own requirements, processes, best practices, and tools, but the information can be spread over many systems and knowledge bases. A Custom Lens can capture the specifics of a working environment and let coworkers access this information in a single place—from the AWS console—without the need to go to a separate tool. A Custom Lens can be created in a central management account and securely shared with other accounts.</p>\n<p>A Custom Lens can be updated periodically as either a major or minor version. If it is a minor version, the change is automatically applied to all accounts that the lens has been shared with. If it is a major version, the user has to accept the updated Custom Lens and a summary of the changes is displayed to the user. Accepting the changes then applies the update for existing workload reviews, and prompts the user to review the workload. Thus, updating a Custom Lens is an effective mechanism to continuously inform teams about new best practices.</p>\n<p>In addition, maintaining and improving a Custom Lens continuously helps to identify gaps in organization-wide tooling, guidance, or documentation. You can aggregate feedback and metrics from reviews that have been performed and use it to drive the improvement process of the content. More importantly, the gathered metrics help measure the overall adherence to best practices and requirements in your organization. If you focus on creating clear, concise, and actionable content for your Custom Lens, the time needed to identify and implement improvements is reduced. As teams realize the value of the Custom Lens, more reviews will be performed, and you will receive more data to construct a comprehensive view.</p>\n<h5><a id=\\"1_Plan_16\\"></a><strong>1. Plan</strong></h5>\\n<p>The Plan phase identifies the benefits that a Custom Lens can provide your organization by identifying current gaps. You also define the scope of your Custom Lens, which is the type of content that supports your desired business outcomes. Depending on the scope, you need to identify the appropriate stakeholders and gain support for the initiative.</p>\n<h5><a id=\\"2_Implement_20\\"></a><strong>2. Implement</strong></h5>\\n<p>In the Implement phase, content is created for the Custom Lens with a working group. While doing this, you can identify missing supplementary artefacts, like documentation or tooling. If that is the case, you can create these artefacts and link to them from the Custom Lens Improvement Plan.</p>\n<p>As part of the implementation, the Custom Lens is created by uploading a JSON file in the appropriate <a href=\\"https://docs.aws.amazon.com/wellarchitected/latest/userguide/lenses-format-specification.html\\" target=\\"_blank\\">format </a>to a central management account, then, sharing the lens with the organization’s AWS accounts. You can share the Custom Lens with IAM Principals, such as users, roles, and AWS accounts. For broader and more efficient sharing, you now have the ability to <a href=\\"https://aws.amazon.com/about-aws/whats-new/2022/06/aws-well-architected-tool-organizations-integration/\\" target=\\"_blank\\">scale by sharing your Custom Lens with individual organizational units or the entire AWS Organizations</a>. This feature reduces management overhead and removes the need for a custom automation.</p>\\n<h5><a id=\\"3_Measure_26\\"></a><strong>3. Measure</strong></h5>\\n<p>The Measure phase aggregates feedback and metrics from reviews that have been performed with your Custom Lens; this information is used to drive the improvement process.</p>\n<p>The Well-Architected Tool offers a way to <a href=\\"https://docs.aws.amazon.com/wellarchitected/latest/userguide/workloads-sharing.html\\" target=\\"_blank\\">share workload </a>reviews, and you can use this to share all reviews with a central AWS account. You can then analyze the reviews in the central account by extracting the data and analyzing it, for example, by building a dashboard. The <a href=\\"https://www.wellarchitectedlabs.com/well-architectedtool/300_labs/300_building_custom_aws_well-architected_reports_with_amazon_athena_and_amazon_quicksight/\\" target=\\"_blank\\">Well-Architected Lab for building custom reports</a> provides a solution that can be implemented.</p>\\n<h5><a id=\\"4_Improve_32\\"></a><strong>4. Improve</strong></h5>\\n<p>In the Improve phase, the gathered metrics and feedback are used to identify areas for future improvement. For example, you might find common gaps among the performed workload reviews, where the same best practices are not fulfilled. When you investigate the root cause, you can learn that the existing content lacks clarity or that the suggested tools are difficult to use.</p>\n<p>In addition, improvements, such as content gaps that were not addressed during the first iteration of the Custom Lens, can be added to the backlog before you repeat the cycle.</p>\n<p>To roll out changes of your Custom Lens in an automated and repeatable fashion, you can implement the architecture depicted in Figure 2.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/ac7d76c398934090845fd918973da8c1_image.png\\" alt=\\"image.png\\" /></p>\n<p>Figure 2. Combining AWS CodeCommit with AWS Lambda to update your Custom Lens whenever a file change is pushed to the code repository</p>\n<p>This architecture enables automated releases of new versions of your Custom Lens whenever you commit an updated JSON file to the code repository. In detail, the steps are:</p>\n<ol>\\n<li>The JSON file of your Custom Lens is stored in an <a href=\\"https://aws.amazon.com/codecommit/\\" target=\\"_blank\\">AWS CodeCommit</a> repository. An author pushes an updated version of the file to the repository.</li>\\n<li>The CodeCommit repository is configured with a trigger action that invokes an <a href=\\"https://aws.amazon.com/lambda/\\" target=\\"_blank\\">AWS Lambda</a> function on each commit.</li>\\n<li>The Lambda function downloads the updated file by using the <a href=\\"https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFile.html\\" target=\\"_blank\\">GetFile </a>API of CodeCommit. Then, the Lambda function imports the updated Custom Lens and publishes it as a new version by using <a href=\\"https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ImportLens.html\\" target=\\"_blank\\">ImportLens </a>and <a href=\\"https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateLensVersion.html\\" target=\\"_blank\\">CreateLensVersion </a>APIs of the [AWS Well-Architected Tool](https://aws.amazon.com/cn/well-architected-tool/?trk=cndc-detail), then shares the Custom Lens using <a href=\\"https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateLensShare.html\\" target=\\"_blank\\">CreateLensShare</a>.</li>\\n<li>The updated Custom Lens is available in all accounts that the lens has been shared with.</li>\n<li>Reviewers can create new workload reviews with the Custom Lens or upgrade to the newest version for existing workload reviews.</li>\n</ol>\\n<h3><a id=\\"Conclusion_53\\"></a><strong>Conclusion</strong></h3>\\n<p>In this blog post, we walked you through the Custom Lens lifecycle, a process to create and continuously improve a Custom Lens for your organization. If you have a special software development lifecycle, a customized security and compliance framework, or other highly specific requirements or best practices that you want disseminated and measurable, <a href=\\"https://aws.amazon.com/blogs/aws/well-architected-custom-lenses-internal-best-practices/\\" target=\\"_blank\\">learn more about how to create a Custom Lens in the Well-Architected Tool</a>.</p>\\n<p><a href=\\"https://aws.amazon.com/architecture/well-architected/\\" target=\\"_blank\\">AWS Well-Architected</a> is a set of guiding design principles developed by AWS to help organizations build secure, high-performing, resilient, and efficient infrastructure for a variety of applications and workloads. Use the <a href=\\"http://aws.amazon.com/well-architected-tool/\\" target=\\"_blank\\">AWS Well-Architected Tool</a> to review your workloads periodically to address important design considerations and ensure that they follow the best practices and guidance of the AWS Well-Architected Framework. For follow up questions or comments, join our growing community on<a href=\\"https://www.repost.aws/topics/TA5g9gZfzuQoWLsZ3wxihrgw/well-architected-framework\\" target=\\"_blank\\"> AWS re:Post</a>.</p>\\n<p>TAGS: [AWS Well-Architected Lenses](AWS Well-Architected Lenses)</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/205b3b67f5864c09bc043765ed15dc67_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Robert_Hoffman_64\\"></a><strong>Robert Hoffman</strong></h3>\\n<p>Robert Hoffmann is a Senior Solutions Architect at AWS. Before, he worked for top smart device and telecommunication brands, pioneering cloud native applications during the early days of Docker and Kubernetes. At AWS, he is supporting some of the world’s largest sports brands on their cloud journey. Robert is passionate about observability, infrastructure as code, and developer productivity. You can find him discussing these topics at conferences and on Twitter (@robhoffmax).</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/577a57864f9d4203bd781a0904ac0eaf_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Duncan_Bell_71\\"></a><strong>Duncan Bell</strong></h3>\\n<p>Duncan Bell is a Geo Solutions Architect on the AWS Well-Architected team covering EMEA and part of the Cloud Operations specialism area. His career has spanned various roles from support, software engineering, DevOps and Solutions Architecture specializing in server provisioning to IaC, configuration management, DevOps, CI/CD automation, and improving teams’ ways of working, including the whole software delivery lifecycle.</p>\n"}