Architectural decision guides

The Cloud Adoption Framework's architectural decision guides describe patterns and models that can help you create your own cloud governance design. Each decision guide focuses on one core infrastructure component of cloud deployments and lists patterns and models that can support specific cloud deployment scenarios.

Actionable governance journeys provide a baseline roadmap for you to establish cloud governance for your organization. These journeys make assumptions about requirements and priorities. Your organization's situation can be different than the ones described in the governance journeys.

Architectural decision guides help you navigate these potential differences. Each guide supplements the sample governance journeys by providing alternate patterns and models, which can help you align the architectural design choices in the examples with the requirements your specific situation.

Decision guidance categories

The following architectural decision guides cover foundational technology components for all cloud deployments. Use these guides along with the cloud governance example journeys to choose a solution that suits your organization's unique needs.

Subscriptions: Design your cloud deployment's subscription design and account structure to meet your organization's ownership, billing, and management capabilities.

Identity: Integrate cloud-based identity services with your organization's identity resources to manage control and authorization within your IT environment.

Policy enforcement: Define and enforce policy rules that align with your organization's governance requirements for cloud-deployed resources and workloads.

Resource consistency: Ensure that the deployment and organization of your cloud-based resources enforce your organization's resource management and policy requirements.

Resource tagging: Organize your cloud-based resources to optimize resource utilization and cost, and to support your organization's billing models, cloud accounting approaches, and management. Resource tagging requires consistent and well-organized naming and metadata practices.

Software Defined Networking: Use rapid deployment along with modification of virtualized networking capabilities to deploy secure workloads to the cloud. Software-defined networks can support agile workflows, isolate resources, and integrate cloud-based systems with your organization's existing IT infrastructure.

Encryption: Secure your sensitive data using encryption that meets your organization's compliance and security policy requirements.

Logging and reporting: Monitor log data generated by your organization's cloud-based resources. Analyzing log data provides insights into the health of operations, maintenance, and workload compliance status.

Next steps

Learn how subscriptions and accounts form the base foundation of a cloud deployment.