
Cloud Architecture Checklist

For each topic, answer : What ? Why ? How ?

Integration

  • App data flow :
    • From / to
    • Who initiates the connectivity ?
  • "In App" Users :
    • User provisioning & management (= user I/O)
    • Authentication management (IdP, delegation)
  • Process & tools for the developers (code repo, tools, CI, CD, CM...)
  • Process & tools for the ops (monitoring / CM, backup, enforced / desired configuration...)
  • Other relationships to on-premise / other apps

Security

App-level security

  • Code security
  • 3rd-party library security
  • Security in DevOps

Cloud setup & run Users

  • Access, rights / roles, limits
  • Policies

Encryption

  • data in compute
  • data in transit
  • data at rest

Key Management

  • Key Vault
  • Managed identities / SPN to access Key Vault
  • Least privilege on these identities ?

Environments & Network => identify & protect endpoints

  • Workload isolation
  • env management
  • Public endpoint filtering / access
  • Layer 7 filtering (WAF...)
  • Layer 3/4 filtering
  • Network link with on-premise / other networks

Performances & Availability

  • Performance management :
    • Objectives on performance :
      • Right-sizing / Pricing tier
      • CDN
      • Multi-region...
      • Network bandwidth :
        • App requests (either from UI or API)
          • average page size
          • peak time : load, length
          • ...
        • DB transactions
        • Messaging requests
        • Authentication requests
      • Network latency
    • Cloud pattern & Anti-pattern
  • Availability, Business Continuity / Disaster Recovery (BC/DR) management
    • SLA on uptime :
      • High Availability (HA) management
      • Reducing the downtime
    • Definition of RPO & RTO
    • Multi-region / multi-sites deployment (even global deployment)
    • Backup & restore policies (targeting the RPO)
    • Network availability

Governance

  • Organization :
    • Impact on people overall
    • Impact on specific teams (delivery) - skill debts
    • Impact on processes
    • Impact on culture
  • Timeline
  • Workload / FTE / People for delivery (any WBS ?)
  • Any organizational constraints (hybrid, reversibility...)
  • Definition of the Azure provider (direct, through SI ?)
  • Billing considerations / chargeback requirements
  • Licensing management
  • Costing & optimization :
    • Public pricing
    • RIs
    • scaling (up/down, in/out)
    • auto-shutdown / auto-start
    • Engineering on SLA
    • Right-sizing
    • Right-region / Compliance and regulatory requirements