Azure Well-Architected Review Assessment Updates

Microsoft is excited to announce a significant update to the Azure Well-Architected Review assessment helps you build and optimize workloads. It walks you through a series of questions about your workload. Based on your responses, it generates tailored and prioritized recommendations to improve your workload design. The guidance is actionable and applicable to nearly every workload. It aligns with the latest best practices across the five key pillars of reliability, security, cost optimization, operational excellence, and performance efficiency (see figure 1).

Figure 1. The landing page for the Azure Well-Architected Review assessment.

Overview of the assessment updates

The assessment updates reflect the insights of experts around the world. After years of collaborating with customers, these experts provided targeted updates to reflect the most critical needs of customers in the current technical landscape. Every question, answer, and recommendation now feature the latest best practices in workload management across the five pillars.

In the Azure Well-Architected Review assessment, there are five different workload types to choose from. The updates discussed here apply to the Core Well-Architected Review option only (see figure 2).

Figure 2. The workload options in the Azure Well-Architected Review assessment. Discussed updates only apply to the Core Well-Architected Review.

The Core Well-Architected Review focuses on the workload design principles applicable to every workload and workload team. It’s structured around the five pillars of the Azure Well-Achitected Framework guidance. Let's explore the specific changes in each pillar of the Core-Well Architected Review:

• Reliability includes defining health states, recovery processes, and redundancy design. It offers insights into conducting disaster recovery drills and monitoring health states with alerts, helping to improve workload reliability.
• Security covers key topics such as securing high-impact accounts, firewall implementation, and distributed denial of service (DDoS) protection. It provides recommendations for maintaining up-to-date software and infrastructure, along with training in hardening techniques, to enhance the security posture of your Azure workload.
• Cost Optimization addresses strategies for optimizing licensing costs and managing financial expectations, including access control for spending. It offers guidance on workload cost estimation, aligning usage with billing increments, and resource consolidation to achieve cost efficiency.
• Operational Excellence focuses on safe deployment practices, workload responsibility, and infrastructure-as-code utilization. It emphasizes the importance of process documentation, standardized coding practices, and task automation to achieve operational consistency in Azure environments.
• Performance Efficiency involves evaluating performance requirements, analyzing testing results, and strategies for effective scaling. Recommendations cover designing scalable infrastructure and applications, and for ongoing performance optimization.

For any assessment, you can select one or all the pillars to work through. You receive the greatest benefit by addressing all the pillars, then starting new milestones to improve targeted areas (see figure 3).

Figure 3. The core pillar selection page.

Benefits of the assessment update

The assessment updates target universal workload design best practices. You can run the assessment on any workload in any platform, not only those in Azure. The assessment covers more aspects of your workload at a deeper technical level. Even though it’s more comprehensive, it’s also faster to complete. It has 20+ more unique recommendations (375 total) than the previous version of the assessment, but it also has 124 fewer choices to work through. This means you get more tailored guidance with less input required. Even the wording of the assessment provides a better experience. There’s a consistent style and structure in the wording (see figure 4).

Figure 4. Example of the updated assessment style and structure consistency. Viewing the assessment question that aligns with SE:05 Identity and access management.

The new wording makes the assessment easier to understand and faster to complete. Together, these changes provide more nuanced guidance to improve your workload with less effort required to complete the assessment. It frees you to revisit the assessment more often.

The guidance you receive at the end of an assessment aligns with the revised Azure Well-Architected Framework.

The assessment follows the same structure as the framework, and every recommendation has guidance in the framework. It’s important to note that the guidance in the Azure Well-Architected Framework incorporates important The priority for each recommendation has also been updated to reflect their priority in the current technology landscape (see figure 5).

Figure 5. Sample of the recommended actions after completing an assessment.

Each recommendation starts with a code, such as “SE:05”. The code is an abbreviation for the pillar name it corresponds to and a number that indicates the specific articles in the Azure Well-Architected Framework it pulls from. For example, the code “SE:05” corresponds to the guidance on identity and access management in the Azure Well-Architected Framework (see figure 6).

Figure 6. The checklist from the Security pillar. It shows how the recommendation code aligns with the guidance in each pillar. The code in the Checklist table has corresponding guides in the table of contents on the left.

The codes for each pillar are “RE” for reliability, “SE” for security, “CO” for cost optimization, “OE” for operational excellence, and “PE” for performance efficiency. There are one or more articles in the framework associated with each code. Because a code corresponds to a broad topic, like Identity and access management, a single code precedes multiple assessment recommended actions.

Features the assessment updates didn’t change

Despite the comprehensive updates, the key functionalities of the assessment remain unchanged. You can still initiate new assessments, create milestones, and access the latest recommendations based on their responses. The to view all recommendations and export recommendations to a downloadable CSV (see figure 7).

Figure 7. The ability to export the recommendations for your workload to a CSV that you can download.

It will still integrate with Azure Advisor, and the ability to name assessments and milestones remains the same.

All new assessments and milestones will automatically revert to the new assessment updates. Your previous session responses will still be available, but prior responses won’t be applied to the new milestones to ensure alignment with the most current guidance.

Conclusion

In summary, the updated Azure Well-Architected Review assessment reflects a move towards a more detailed, nuanced approach across all pillars. These improvements demonstrate Microsoft's commitment to helping customers build and maintain efficient, secure, and resilient cloud architectures.

To learn more about the WAF refresh, see the new hub page for the Well-Architected Framework: aka.ms/waf; 

or Uli Homann's blog post: https://aka.ms/whatsnewinwaf

Dom Allen has also created a great, 6-minute video on the Azure Enablement Show.