Architectural decision guides

The architectural decision guides in the Cloud Adoption Framework describe patterns and models that help when creating cloud governance design guidance. Each decision guide focuses on one core infrastructure component of cloud deployments and lists patterns and models that can support specific cloud deployment scenarios.

When you begin to establish cloud governance for your organization, actionable governance journeys provide a baseline roadmap. These journeys make assumptions about requirements and priorities that might not reflect those of your organization.

These decision guides supplement the sample governance journeys by providing alternative patterns and models that help you align the architectural design choices made in the example design guidance with your own requirements.

Decision guidance categories

The following categories represent foundational technologies for all cloud deployments. The sample governance journeys make design decisions related to these technologies based on the needs of example businesses, and some of these decisions might not match your organization's needs. The following sections discuss alternative options for each category, allowing you to choose a pattern or model better suited to your requirements.

Subscriptions: Plan your cloud deployment's subscription design and account structure to match your organization's ownership, billing, and management capabilities.

Identity: Integrate cloud-based identity services with your existing identity resources to support authorization and access control within your IT environment.

Policy enforcement: Define and enforce organizational policy rules for cloud-deployed resources and workloads that align with your governance requirements.

Resource consistency: Ensure that deployment and organization of your cloud-based resources align to enforce resource management and policy requirements.

Resource tagging: Organize your cloud-based resources to support billing models, cloud accounting approaches, management, and to optimize resource utilization and cost. Resource tagging requires a consistent and well-organized naming and metadata scheme.

Software Defined Networking: Deploy secure workloads to the cloud using rapid deployment and modification of virtualized networking capabilities. Software-defined networks can support agile workflows, isolate resources, and integrate cloud-based systems with your existing IT infrastructure.

Encryption: Secure your sensitive data using encryption to align with your organization's compliance and security policy requirements.

Logging and reporting: Monitor log data generated by cloud-based resources. Analyzing data provides health-related insights into the operations, maintenance, and compliance status of workloads.

Next steps

Learn how subscriptions and accounts serve as the base of a cloud deployment.