How to create an AWS System Design?

System Design is an early phase in the software development process, especially for projects that build a new system or restructure an existing one. However, in many projects, people are not aware enough of the importance of System Design.

As a Cloud Solution Architect who has been consulting on, designing and implementing big systems for customers since 2015, I will share with you some reasons why System Design is so important:
- No.1: In the early phase of any project, the customer is concerned with the high-level architecture of the system rather than the detailed implementation. A System Design helps you convey your idea to the customer, get feedback about their needs and avoid misunderstanding.
Having experience in System Design makes your company more competitive than its rivals and increases your win rate in bidding.
- No.2: Making a System Design requires skill gained in real projects that build or restructure a system. The ability to make a System Design gives the customer confidence when they assign you a full-life-cycle project.
- No.3: Having a System Design makes everything clear before you start to implement and makes sure all members (DevOps Engineer, SRE) do not go the wrong way. In a big project, we need to get the customer's agreement on the System Design before starting anything, because if a Change Requirement (CR) happens at the system level, we must spend much effort to recover.
- No.4: A System Design makes project estimation easier and avoids under-estimation, because we can see all the tasks that must be done based on the system structure (like network structure, number of resources, monitoring and backup settings,...).
- No.5: A System Design helps new members who join the project understand the system structure easily. It is also helpful when the implementation phase has finished and we need to hand over to the Operation team. How can we explain the system to other people when we do not have a System Design?

In this article, I will show you step by step how to create an AWS System Design that follows the AWS standard.

Step 1: Download the AWS icons.
Go to google.com and search for "aws icon ppt". The results will include a page like this: https://aws.amazon.com/architecture/icons/?nc1=h_ls
Download the PPT file to your local computer.

*NOTE: If you want to use another tool like draw.io instead of PowerPoint, there is no need to download the above PPT file. However, I strongly recommend that you download the file, read the AWS guideline and look at some sample architectures before you start to draw your own architecture.

Step 2: Read the AWS guideline in the PPT slides
- Introduction
- System
- Guidelines
- Examples
- Element: Just take a quick look at each service group. You don't need to remember all the service icons; just use Ctrl+F to search when needed.

Some principles and rules that you MUST remember, so that you avoid mistakes when you design your architecture (from my experience):
- Do NOT use the dark theme. Even though AWS provides dark-theme icons, they are not suitable for a presentation to a customer. I never use it for my presentations; however, using the dark theme at events like a hackathon or a private company event is acceptable.
- Avoid using the wrong icon. Some AWS icons look similar to each other (for example, EC2 and Container both have an orange tone, and Network Load Balancer and Application Load Balancer look very similar). Using the wrong icon makes you look unprofessional to the customer.
- Use the same size for all icons in your design and DO NOT change the aspect ratio of an icon (for example, from square to rectangle...).
- DO NOT change the original color of an icon.
- Put each resource icon in the correct place. For example, S3, ECR, SNS and SQS must be placed outside the VPC; EC2, ECS and Database must be placed inside the VPC. To ensure that, you must have enough knowledge about the services you plan to use.
- Avoid putting everything into one diagram. If you want to describe other aspects of the system in more detail, like Security, Monitoring, or Backup & Restore, just create another diagram.

Step 3: Start from a simple architecture
Once you have read the guideline and seen some examples in Step 2, it's time to start designing your own system.

Tip when working with draw.io
Click "More Shapes" -> select "AWS 19", then click the [Apply] button.

From now on, you can easily find the icons you need and drag and drop them into your diagram.


Step by step to draw a system design diagram
(1) Start from the outside of the system by drawing the AWS Cloud box.
(2) Select a Region, then add the region name, like "Virginia Region".
(3) Select the number of Availability Zones (normally 2-3 zones is OK). In this example, I use 2 zones to keep it simple for you. Add a name for each Availability Zone.

(4) Draw the VPC. Note: a VPC is a resource that spans Availability Zones, so you must draw it above the zones, overlapping all of them.
(5) Draw the subnets. There are two main strategies for network design: 2 subnets and 4 subnets. I prefer to use the 4-subnet architecture, as AWS recommends. The 4-subnet architecture is suitable for almost any system on AWS, no matter whether it is simple or complicated.


(6) Place all the needed resource icons. Make sure you put them in the right place.
- The Application Load Balancer is a cross-subnet resource, so we put it in the middle, between public-subnet-1 and public-subnet-2.
- Add more resources like the Database, App server and Bastion Server.
NOTE: Make sure you put each resource in the right place:
 + Resources that must be placed inside the VPC: EC2, RDS, ECS, ElastiCache, ELB,...
 + Resources that must be placed outside the VPC: S3, SNS, SQS, ECR, WAF, Route53,...
- Connect all the resources together.
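
The placement rules in step (6) can be checked mechanically before a diagram goes to the customer. The following Python script is an added example, not part of the original article; the inventory format, the resource names and the private-subnet-1/2 names are assumptions made for illustration.

```python
# Added example: lint a diagram inventory against the article's placement rules.
# The inventory format and every resource name below are constructed.

INSIDE_VPC = {"EC2", "RDS", "ECS", "ElastiCache", "ELB"}
OUTSIDE_VPC = {"S3", "SNS", "SQS", "ECR", "WAF", "Route53"}
PUBLIC_SUBNETS = {"public-subnet-1", "public-subnet-2"}


def lint_diagram(resources):
    """Return a list of (resource name, problem) findings."""
    findings = []
    for r in resources:
        name, service = r["name"], r["service"]
        subnets = set(r.get("subnets", []))  # empty set = drawn outside the VPC
        if service in INSIDE_VPC and not subnets:
            findings.append((name, f"{service} must be drawn inside the VPC"))
        elif service in OUTSIDE_VPC and subnets:
            findings.append((name, f"{service} must be drawn outside the VPC"))
        elif service not in INSIDE_VPC | OUTSIDE_VPC:
            findings.append((name, f"{service}: placement not listed, check the AWS docs"))
        # The article draws the Application Load Balancer across both public subnets.
        if r.get("kind") == "ALB" and subnets != PUBLIC_SUBNETS:
            findings.append((name, "ALB should span public-subnet-1 and public-subnet-2"))
    return findings


# Constructed sample inventory with three deliberate mistakes (alb, db, assets).
SAMPLE = [
    {"name": "alb", "service": "ELB", "kind": "ALB", "subnets": ["public-subnet-1"]},
    {"name": "bastion", "service": "EC2", "subnets": ["public-subnet-1"]},
    {"name": "app-1", "service": "EC2", "subnets": ["private-subnet-1"]},
    {"name": "db", "service": "RDS", "subnets": []},
    {"name": "assets", "service": "S3", "subnets": ["private-subnet-2"]},
    {"name": "alerts", "service": "SNS"},
]

if __name__ == "__main__":
    for name, problem in lint_diagram(SAMPLE):
        print(f"{name}: {problem}")
```

A service that appears in neither list is reported rather than guessed, which matches the article's advice to know each service before placing it.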

(7) Draw some more external components, like the Mobile client and the Development team.

Step 4: Draw other diagrams if needed
Use more than one diagram to describe different aspects of your system.
The diagram above shows the main components of the system. However, other aspects like Monitoring, Backup & Restore, Security and CICD have not been described yet.
If we keep putting those components into the same diagram, it will become difficult to read. Below are some sample diagrams that show the system from other aspects.

Monitoring diagram
The Monitoring diagram describes how metrics are collected and how components in the system are monitored. It also shows how alarms are notified to the person in charge.

Backup & Restore diagram
A diagram that describes how backup is implemented for each component that needs to be backed up (like EC2, Database, S3, CloudWatch,...).

Security diagram
A diagram that describes how traffic between client and server, or between the system's layers, is controlled. It also shows which services will be used to enhance the security level of the system.

CICD diagram
A diagram that describes how the delivery process is implemented and the strategy for deploying into multiple environments.

Conclusion
In this article, I have shown you why System Design is important and how to start designing your own system architecture. I hope you will be confident when using a design tool to share your ideas with everyone.
Of course, when you start to draw something, it can be wrong or may not work as you imagined, for example because some services cannot be combined... Reading the AWS documentation about each service carefully before you start, and practicing more and more in real projects, will make you able to design a system without big mistakes.