π Architecture Compliance & Required Documentation¶
Aligned with Azure Well-Architected Framework
This document defines the mandatory and optional documentation artifacts, architectural controls, and technical standards required for all solutions deployed on Azure.
It applies to: - APIs - Microservices - Workers / Jobs - Gateways - Platforms - Infrastructure components
This document acts as: - Architecture governance baseline - Release gate - Audit and compliance reference
π Compliance Legend (Mandatory at Project Start)¶
All requirements in this document are classified using the following indicators. Every item is aligned to one or more Azure Well-Architected Framework pillars.
| Indicator | Meaning |
|---|---|
| β | Mandatory (release blocker if missing) |
| βπ‘οΈ | Mandatory by international or security standards |
| βπ | Mandatory by internal best practices |
| βπ | Mandatory for security reasons |
| ββ οΈ | Conditional (architecture, workload, or context-based) |
| β | Recommended (non-blocking) |
| π€βοΈ | Team or product decision |
ποΈ Azure Well-Architected Pillars Mapping¶
| Pillar | Primary Audience | Focus |
|---|---|---|
| Reliability | SysOps / SRE | Availability, resilience, recovery |
| Security | SecOps / DevSecOps | Identity, secrets, compliance |
| Cost Optimization | FinOps | Cost control, efficiency |
| Operational Excellence | DevOps / Platform | CI/CD, automation, governance |
| Performance Efficiency | Developers | Code quality, performance |
β Architecture Compliance Checklist¶
This checklist defines the minimum mandatory controls per Azure Well-Architected pillar.
β If a mandatory (β) control is not met, the solution must not be released.
π Cross-Cutting Required Documentation¶
These artifacts are required regardless of workload type.
π§βπ» Technical Documentation β Developers¶
- βπ API documentation (OpenAPI / Swagger)
- βπ Technical README (Markdown)
- π€βοΈ Project-specific development guidelines
𧩠Functional Documentation¶
- β Process flow diagrams
- β UML diagrams (when applicable)
- β Documentation portal (public or private, depending on context)
π Management Documentation β Product / SCRUM¶
- βπ Documented user stories
- βπ Acceptance criteria defined
- π€βοΈ Roadmap and prioritized backlog
π Reliability β SysOps / SRE¶
| Obligation | Control |
|---|---|
| β | Services deployed across at least two zones or regions |
| β | Health checks and readiness/liveness probes |
| β | Automated backups with tested restore procedures |
| βπ | Documented Disaster Recovery (DR) plan |
| βπ | SLIs, SLOs, and SLAs defined |
| β | Critical alerts configured and validated |
| βπ | Incident response runbooks available |
π Security β SecOps / DevSecOps¶
| Obligation | Control |
|---|---|
| βπ | Centralized authentication (SSO / IAM) |
| βπ | Least privilege access enforced |
| βπ | Secrets stored in secure vault (e.g., Azure Key Vault) |
| βπ‘οΈ | SAST integrated into CI pipelines |
| ββ οΈ | DAST enabled when workload requires it |
| βπ‘οΈ | Dependency and container image scanning |
| β | Compliance with corporate security policies |
π° Cost Optimization β FinOps¶
| Obligation | Control |
|---|---|
| β | Budgets and cost alerts configured |
| βπ | Resources tagged according to cost governance standards |
| β | Automatic shutdown of non-production environments |
| ββ οΈ | Savings plans or reservations evaluated |
| βπ | Periodic cost reviews documented |
| β | Cost metrics visible to delivery teams |
βοΈ Operational Excellence β DevOps / Platform¶
| Obligation | Control |
|---|---|
| β | CI/CD pipelines defined and versioned as code |
| β | Infrastructure defined as Code (IaC) |
| β | Automated deployments enabled |
| βπ | Rollback strategy documented or automated |
| β | Artifacts versioned and traceable |
| β | Environment parity (dev / qa / prod) |
| β | Observability, logging, and monitoring integrated |
π Performance & Quality β Developers¶
| Obligation | Control |
|---|---|
| βπ | Coding standards defined and enforced |
| β | Minimum automated test coverage met |
| βπ‘οΈ | Quality gates configured (SonarQube or equivalent) |
| β | Performance and load analysis |
| β | Proper error and exception handling |
| βπ | Minimum technical documentation available |
π Final Notes¶
- Applies to new developments
- Applies to major architectural or functional changes
- Must be reviewed on every release
π« Non-compliance blocks the release.