AWS Well-Architected Framework Available in Upwind

Continuous Compliance for Cloud Security Teams

The AWS Well-Architected Framework is now available in Upwind. The framework helps organizations evaluate architectural decisions and align workloads with AWS best practices across 6 pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability.

The Well-Architected Framework was designed by AWS as a consistent way for teams to evaluate their cloud workloads against proven architectural best practices. Organizations use it to identify risks early, reduce technical debt, and make more informed decisions about how their infrastructure is built and maintained.

By bringing this framework into Upwind, customers can continuously assess cloud environments against architectural best practices, better understand architectural gaps, and prioritize improvements directly within their security posture workflows.

What’s Included in Upwind?

You get full visibility into AWS Well-Architected categories, controls, compliance status, finding severity, and impacted assets, all inside Upwind’s Configurations module. 

Compliance scores per control. View the percentage of scanned resources compliant with a control, the number of compliant vs. non-compliant assets, and a breakdown of the severity of findings generated by the controls (e.g., High, Critical, and Other). 

Control-level detail. To learn more about a specific control or investigate specific issues you can click into any control to access greater detail, such as when a violation was last detected, its severity, and its risk category.

Compliance trends over time. The statistics tab shows whether you’re improving or drifting on any given control. Users can select a time frame and toggle compliance types to better match requirements. 

Violating controls. View related controls from the AWS Well-Architected Framework or others, such as NIST CSF, DORA, PCI-DSS and more, along with their respective compliance status.

Control status. Analyze your compliance status for a specific control. View counts and percentages of compliant vs non-compliant assets, and filter on non-compliant assets to investigate further. 

Finding Details. Evaluate the risk of specific security aspects for a given resource type. Findings explain why a resource is non-compliant by identifying the specific configuration leading to a security risk. 

Remediation guidance. Learn how to resolve your security issues and bring your environment into compliance with the control. Step-by-step guidance per asset type is provided. Pick the remediation method that works for your environment.

Who Benefits from Access to this Framework?

Security and platform teams get a continuously updated view of where their AWS environment stands against an AWS-authored benchmark, without waiting for a manual review cycle.

For security engineers, it means architectural gaps and security findings live in the same place. No switching tools to cross-reference a Well-Architected violation with an active misconfiguration.

For CISOs and security leaders, the framework provides a credible, structured way to report on architectural risk to leadership. Here’s where we stand, here’s what we’ve fixed, here’s what’s still open.

Upwind and AWS

Upwind is an AWS Security Competency partner, supports 100+ integrations with AWS services, and is one of a select few vendors on AWS Security Hub Extended, meaning your Well-Architected findings sit inside a broader AWS security ecosystem that’s deeply integrated with how Upwind works.

To learn more about our AWS partnership, visit our AWS partner page. 

Or read about how Upwind is one of the select few vendors that’s integrated into AWS Security Hub Extended.