AWS Public Sector Blog

NHS England scales review of critical services using AWS Well-Architected Framework

AWS branded background design with text overlay that says "NHS England scales review of critical services using AWS Well-Architected Framework"

The Amazon Web Services (AWS) Well-Architected Framework is designed to help build resilient, secure, and efficient solutions. It is structured around six pillars: operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. Understanding this framework can greatly benefit AWS customers looking to enhance and refine their cloud environments.

From left to right are the six plillars of the AWS Well-Architected Framework: operational excellence, security, reliability, performance efficiency, cost optimization, sustainability

Figure 1. The six pillars of the AWS Well-Architected framework.

This post shares insights into how NHS England, responsible for running the vital national IT systems which support health and social care, revolutionized their approach to the AWS Well-Architected Framework review process. By embracing a scalable approach through the use of Well-Architected templates and integrating these practices directly into the AWS Well-Architected Tool (AWS WA Tool), NHS England markedly improved the efficiency and effectiveness of their cloud solution management.

The challenge

Throughout 2023, NHS England delivery teams, supported by AWS, undertook 10 Well-Architected reviews on critical services. This data was used by the NHS England Cloud Centre of Excellence (CCoE) to proactively identify common opportunities for improvement. The CCoE was able to prioritize their response and strategically deliver improvements through centralized changes to the NHS England landing zone or through enablement of delivery teams. This scalable approach has improved standards and observability across the organisation’s portfolio of cloud services.

The CCoE found that where NHS England solutions and processes are delivered centrally, such as incident management, delivery teams were unable to consistently describe the process, which falsely identified risks. The CCoE wanted to reduce false positives but continue to support independent reviews by sharing stock answers on centrally delivered solutions.

Implementing a scalable templating solution

NHS England’s CCoE adopted a Well-Architected templating solution to enable a consistent review mechanism and adoption of best practices across delivery teams. This solution enabled delivery teams to have autonomy in conducting reviews while concurrently taking advantage of templated answers where there is a shared responsibility. Teams have the ability to verify these prepopulated answers, adding additional data or context where appropriate.

NHS England trailblazed an AWS solution to create template stock answers for questions in the Well-Architected review, using the GitHub sample AWS Well-Architected Tool template automation. In this solution, the CCoE uses the AWS WA Tool to create and configure workloads named “CentralTemplate.” This initiates an automated process where AWS Lambda functions and Amazon Simple Notification Service (Amazon SNS) topics facilitate the sharing of these templates with AWS accounts owned by delivery teams. Subsequent updates to the templates trigger an AWS Step Functions workflow, ensuring all application workloads are consistently updated.

This streamlined process uses Lambda, Amazon SNS, and Step Functions to efficiently manage workload reviews, ensuring architectural consistency and providing accurate insights across all applications. This solution made the review process more scalable and efficient by allowing for standardized responses managed by the CCoE, thus simplifying the review process for delivery teams and addressing the inconsistency in responses.

Figure 2. Diagram illustrating the templated solution for automating Well-Architected reviews at scale. Key components include central and workload accounts, AWS Step Functions, Lambda functions, EventBridge, Amazon SNS Topics, and CloudTrail. The process enhances review efficiency across accounts by automating milestone setting and workload updates.

AWS WA Tool: Native support for templating

In October 2023, centralized templating became a native capability of the AWS WA tool. This feature allows customers to directly use this functionality within the tool, promoting better collaboration and consistency across reviews. This integration meant that deploying the template automation solution separately became unnecessary, scaling the capability to all AWS customers.

Figure 3. Screenshot of the CCoE Central Template within the AWS WA Tool, showing the review templates section. This interface is used to manage and apply standardized templates for conducting Well-Architected reviews at scale.

NHS England has adeptly harnessed the AWS WA Tool’s capabilities, particularly for sharing templates from a central account across the organization. These standardized templates are distributed to all organizational units (OUs), enabling workload owners to perform reviews with consistency. This practice fosters a scalable and transparent review process and showcases the effective use of the Well-Architected Framework in managing NHS England’s cloud solutions.

AWS WA Tool: Custom lens

Further enhancing their approach, the NHS England CCoE has completed sections of the framework’s pillars based on centrally implemented controls and integrated a custom lens within the review template. This lens incorporates a wide range of NHS internal policies, including disaster recovery (DR) and backup, ensuring compliance across all new workloads.

Figure 4. Screenshot of the CCoE Central Template within the AWS WA Tool, used to manage and apply custom lenses for conducting Well-Architected reviews.

“Adopting this scalable approach within the Well-Architected Tool has been crucial in proactively addressing potential risks and inefficiencies across various workloads,” said Andy Bray, a cloud solutions architect at NHS England.

Conclusion

NHS England’s use of the templating features of the AWS WA Tool has enabled them to scale the process across the organization with greater efficiency. This has increased adoption of the review process across delivery teams, and as a result, the organization has greater visibility of opportunities for improvement.

To learn more about the AWS Well-Architected Tool, refer to the documentation. For more information on the AWS Well-Architected Framework, refer to the AWS Well-Architected Framework documentation.

Andy Bray

Andy Bray

Andy Bray is a cloud solutions architect at NHS England's Cloud Centre of Excellence (CCoE). He is passionate about designing and implementing cloud-based solutions and standards that transform healthcare delivery within the NHS. Working with key stakeholders, Andy helps drive cloud adoption strategies, ensuring compliance, and optimising cloud infrastructure for security and efficiency.

Mohammed Atiq

Mohammed Atiq

Atiq is a solutions architect at Amazon Web Services (AWS). He currently supports UK healthcare customers within the public sector. Atiq assists healthcare organizations in architecting robust solutions for the cloud, among other innovative technologies, enhancing their operational effectiveness and digital transformation.

Steve Faro

Steve Faro

Steve brings two decades of experience to his role as a senior solutions architect for the UK healthcare team at Amazon Web Services (AWS). His expertise centers on assisting large government healthcare organizations in harnessing AWS capabilities for enhanced operational efficiency. Throughout his career, Steve has played a pivotal role in leading national healthcare transformation projects.