Introducing a custom Mission Resilience Lens for the AWS Well-Architected Tool

Mission-critical workloads in defense and national security environments require the highest levels of resilience and operational readiness. These systems must maintain effectiveness across various operational scenarios, including degraded conditions, contested environments, and crisis situations. Today, Amazon Web Services (AWS) is excited to share a custom Mission Resilience Lens (MRL) for the AWS Well-Architected Tool, which provides specialized guidance for architecting resilient mission systems.

Since 2015, AWS customers have used the AWS Well-Architected Framework to build secure, high-performing, resilient, and efficient infrastructure. Although the framework’s core principles apply universally, defense and national security workloads face unique challenges that require specialized architectural considerations.

What is the Mission Resilience Lens?

The Mission Resilience Lens (MRL) is a collection of design considerations and operational practices to enhance the resilience of defense and national security workloads running on AWS. A Well-Architected Custom Lens is a user-defined evaluation framework within the AWS Well-Architected Tool.

This custom lens—developed by AWS solutions architects working in defense and national security—synthesizes years of mission-critical implementation experience with established Well-Architected principles and Operational Readiness Review (ORR) best practices. It can be imported directly into your Well-Architected Tool to evaluate your architectures against domain-specific requirements alongside the standard pillars.

This custom lens is organized around two fundamental aspects: planning and practice. Within these aspects, it addresses four distinct pillars:

1. Planning – Workload architecture
2. Planning – Mission operations
3. Practice – Operations management
4. Practice – Mission readiness

Areas of focus

The Mission Resilience Lens poses targeted questions across several critical domains essential for defense and national security workloads, based on established best practices. In the realm of network resilience and connectivity, the lens includes questions that prompt teams to consider high-availability deployment strategies and network path redundancy. These questions help teams evaluate their current architecture against best practices for maintaining connectivity during disruptions.

For system recovery and continuity, the lens explores crucial aspects of maintaining operational capabilities before, during, and after incidents. Questions in this area cover disaster recovery considerations, backup validation procedures, and the definition of recovery time and point objectives (RTO/RPO). By answering these questions, teams can assess their readiness to restore systems effectively when needed.

The Planning section of the lens covers the broad operational context of defense systems. This includes assessments of cross-domain operations, service level agreements, and the management of critical dependencies. By working through these questions, teams can gain a comprehensive view of their mission resilience across the entire operational landscape.

The Practice section of the lens contains questions designed to evaluate an organization’s approach to proving resilience. These questions address best practices in resiliency testing, verification methods, and the development of failure response procedures. This section helps teams identify gaps in their current validation processes.

To illustrate how the lens addresses these critical areas, let’s examine one of its key recommendations. For defense workloads operating across multiple security domains, cross-domain solution (CDS) dependencies are often mission-critical. The lens provides specific guidance on validating workload behavior during CDS disruptions, including implementing data queuing mechanisms, testing alternative data transfer paths, and documenting degraded operation procedures. This systematic approach helps verify that workloads can maintain essential functions even when cross-domain data transfer capabilities are impaired, a critical consideration for maintaining operational effectiveness in contested environments. The following screenshot shows an MRL question detailing CDS topics in the AWS Well-Architected Tool.

Figure 1: An MRL question in the AWS Well-Architected Tool

To better understand how teams can apply the lens in practice, consider the following example.

When evaluating your backup validation strategy, the MRL doesn’t merely ask whether you perform backups. The lens guides you through a comprehensive evaluation of your restoration capabilities. This includes assessing whether you have regularly scheduled restoration testing with documented procedures, validation of restored data integrity, clear validation of application functionality after restoration, and a transition plan in-place for contract turnover.

Who should use the Mission Resilience Lens?

The MRL is designed for cloud architects supporting defense and national security workloads, mission system engineers and operators, and development teams building mission-critical applications. These teams can use the lens to validate their architectures’ resilience and identify areas for improvement.

We recommend using the lens as part of your regular architectural review process, especially:

• During initial system design
• Before major deployments
• After significant architectural changes
• As part of annual system reviews

Next steps

Download the AWS Mission Resilience Lens today and import it into the AWS Well-Architected Tool by following the installation instructions.

Contact your AWS account team to engage with solutions architects who can help you use the lens and apply these best practices to your mission-critical workloads.

Learn more at Solutions for Defense and National Security.