BMAD-METHOD/expansion-packs/bmad-infrastructure-devops/templates/infrastructure-architecture-tmpl.yaml

# <!-- Powered by BMAD™ Core -->
template:
  id: infrastructure-architecture-template-v2
  name: Infrastructure Architecture
  version: 2.0
  output:
    format: markdown
    filename: docs/infrastructure-architecture.md
    title: "{{project_name}} Infrastructure Architecture"

workflow:
  mode: interactive
  elicitation: advanced-elicitation
  custom_elicitation:
    title: "Infrastructure Architecture Elicitation Actions"
    sections:
      - id: infrastructure-overview
        options:
          - "Multi-Cloud Strategy Analysis - Evaluate cloud provider options and vendor lock-in considerations"
          - "Regional Distribution Planning - Analyze latency requirements and data residency needs"
          - "Environment Isolation Strategy - Design security boundaries and resource segregation"
          - "Scalability Patterns Review - Assess auto-scaling needs and traffic patterns"
          - "Compliance Requirements Analysis - Review regulatory and security compliance needs"
          - "Cost-Benefit Analysis - Compare infrastructure options and TCO"
          - "Proceed to next section"

sections:
  - id: initial-setup
    instruction: |
      Initial Setup

      1. Replace {{project_name}} with the actual project name throughout the document
      2. Gather and review required inputs:
         - Product Requirements Document (PRD) - Required for business needs and scale requirements
         - Main System Architecture - Required for infrastructure dependencies
         - Technical Preferences/Tech Stack Document - Required for technology choices
         - PRD Technical Assumptions - Required for cross-referencing repository and service architecture

      If any required documents are missing, ask user: "I need the following documents to create a comprehensive infrastructure architecture: [list missing]. Would you like to proceed with available information or provide the missing documents first?"

      3. <critical_rule>Cross-reference with PRD Technical Assumptions to ensure infrastructure decisions align with repository and service architecture decisions made in the system architecture.</critical_rule>

      Output file location: `docs/infrastructure-architecture.md`

  - id: infrastructure-overview
    title: Infrastructure Overview
    instruction: |
      Review the product requirements document to understand business needs and scale requirements. Analyze the main system architecture to identify infrastructure dependencies. Document non-functional requirements (performance, scalability, reliability, security). Cross-reference with PRD Technical Assumptions to ensure alignment with repository and service architecture decisions.
    elicit: true
    custom_elicitation: infrastructure-overview
    template: |
      - Cloud Provider(s)
      - Core Services & Resources
      - Regional Architecture
      - Multi-environment Strategy
    examples:
      - |
        - **Cloud Provider:** AWS (primary), with multi-cloud capability for critical services
        - **Core Services:** EKS for container orchestration, RDS for databases, S3 for storage, CloudFront for CDN
        - **Regional Architecture:** Multi-region active-passive with primary in us-east-1, DR in us-west-2
        - **Multi-environment Strategy:** Development, Staging, UAT, Production with identical infrastructure patterns

  - id: iac
    title: Infrastructure as Code (IaC)
    instruction: Define IaC approach based on technical preferences and existing patterns. Consider team expertise, tooling ecosystem, and maintenance requirements.
    template: |
      - Tools & Frameworks
      - Repository Structure
      - State Management
      - Dependency Management

      <critical_rule>All infrastructure must be defined as code. No manual resource creation in production environments.</critical_rule>

  - id: environment-configuration
    title: Environment Configuration
    instruction: Design environment strategy that supports the development workflow while maintaining security and cost efficiency. Reference the Environment Transition Strategy section for promotion details.
    template: |
      - Environment Promotion Strategy
      - Configuration Management
      - Secret Management
      - Feature Flag Integration
    sections:
      - id: environments
        repeatable: true
        title: "{{environment_name}} Environment"
        template: |
          - **Purpose:** {{environment_purpose}}
          - **Resources:** {{environment_resources}}
          - **Access Control:** {{environment_access}}
          - **Data Classification:** {{environment_data_class}}

  - id: environment-transition
    title: Environment Transition Strategy
    instruction: Detail the complete lifecycle of code and configuration changes from development to production. Include governance, testing gates, and rollback procedures.
    template: |
      - Development to Production Pipeline
      - Deployment Stages and Gates
      - Approval Workflows and Authorities
      - Rollback Procedures
      - Change Cadence and Release Windows
      - Environment-Specific Configuration Management

  - id: network-architecture
    title: Network Architecture
    instruction: |
      Design network topology considering security zones, traffic patterns, and compliance requirements. Reference main architecture for service communication patterns.

      Create Mermaid diagram showing:
      - VPC/Network structure
      - Security zones and boundaries
      - Traffic flow patterns
      - Load balancer placement
      - Service mesh topology (if applicable)
    template: |
      - VPC/VNET Design
      - Subnet Strategy
      - Security Groups & NACLs
      - Load Balancers & API Gateways
      - Service Mesh (if applicable)
    sections:
      - id: network-diagram
        type: mermaid
        mermaid_type: graph
        template: |
          graph TB
              subgraph "Production VPC"
                  subgraph "Public Subnets"
                      ALB[Application Load Balancer]
                  end
                  subgraph "Private Subnets"
                      EKS[EKS Cluster]
                      RDS[(RDS Database)]
                  end
              end
              Internet((Internet)) --> ALB
              ALB --> EKS
              EKS --> RDS
      - id: service-mesh
        title: Service Mesh Architecture
        condition: Uses service mesh
        template: |
          - **Mesh Technology:** {{service_mesh_tech}}
          - **Traffic Management:** {{traffic_policies}}
          - **Security Policies:** {{mesh_security}}
          - **Observability Integration:** {{mesh_observability}}

  - id: compute-resources
    title: Compute Resources
    instruction: Select compute strategy based on application architecture (microservices, serverless, monolithic). Consider cost, scalability, and operational complexity.
    template: |
      - Container Strategy
      - Serverless Architecture
      - VM/Instance Configuration
      - Auto-scaling Approach
    sections:
      - id: kubernetes
        title: Kubernetes Architecture
        condition: Uses Kubernetes
        template: |
          - **Cluster Configuration:** {{k8s_cluster_config}}
          - **Node Groups:** {{k8s_node_groups}}
          - **Networking:** {{k8s_networking}}
          - **Storage Classes:** {{k8s_storage}}
          - **Security Policies:** {{k8s_security}}

  - id: data-resources
    title: Data Resources
    instruction: |
      Design data infrastructure based on data architecture from main system design. Consider data volumes, access patterns, compliance, and recovery requirements.

      Create data flow diagram showing:
      - Database topology
      - Replication patterns
      - Backup flows
      - Data migration paths
    template: |
      - Database Deployment Strategy
      - Backup & Recovery
      - Replication & Failover
      - Data Migration Strategy

  - id: security-architecture
    title: Security Architecture
    instruction: Implement defense-in-depth strategy. Reference security requirements from PRD and compliance needs. Consider zero-trust principles where applicable.
    template: |
      - IAM & Authentication
      - Network Security
      - Data Encryption
      - Compliance Controls
      - Security Scanning & Monitoring

      <critical_rule>Apply principle of least privilege for all access controls. Document all security exceptions with business justification.</critical_rule>

  - id: shared-responsibility
    title: Shared Responsibility Model
    instruction: Clearly define boundaries between cloud provider, platform team, development team, and security team responsibilities. This is critical for operational success.
    template: |
      - Cloud Provider Responsibilities
      - Platform Team Responsibilities
      - Development Team Responsibilities
      - Security Team Responsibilities
      - Operational Monitoring Ownership
      - Incident Response Accountability Matrix
    examples:
      - |
        | Component            | Cloud Provider | Platform Team | Dev Team       | Security Team |
        | -------------------- | -------------- | ------------- | -------------- | ------------- |
        | Physical Security    | ✓              | -             | -              | Audit         |
        | Network Security     | Partial        | ✓             | Config         | Audit         |
        | Application Security | -              | Tools         | ✓              | Review        |
        | Data Encryption      | Engine         | Config        | Implementation | Standards     |

  - id: monitoring-observability
    title: Monitoring & Observability
    instruction: Design comprehensive observability strategy covering metrics, logs, traces, and business KPIs. Ensure alignment with SLA/SLO requirements.
    template: |
      - Metrics Collection
      - Logging Strategy
      - Tracing Implementation
      - Alerting & Incident Response
      - Dashboards & Visualization

  - id: cicd-pipeline
    title: CI/CD Pipeline
    instruction: |
      Design deployment pipeline that balances speed with safety. Include progressive deployment strategies and automated quality gates.

      Create pipeline diagram showing:
      - Build stages
      - Test gates
      - Deployment stages
      - Approval points
      - Rollback triggers
    template: |
      - Pipeline Architecture
      - Build Process
      - Deployment Strategy
      - Rollback Procedures
      - Approval Gates
    sections:
      - id: progressive-deployment
        title: Progressive Deployment Strategy
        condition: Uses progressive deployment
        template: |
          - **Canary Deployment:** {{canary_config}}
          - **Blue-Green Deployment:** {{blue_green_config}}
          - **Feature Flags:** {{feature_flag_integration}}
          - **Traffic Splitting:** {{traffic_split_rules}}

  - id: disaster-recovery
    title: Disaster Recovery
    instruction: Design DR strategy based on business continuity requirements. Define clear RTO/RPO targets and ensure they align with business needs.
    template: |
      - Backup Strategy
      - Recovery Procedures
      - RTO & RPO Targets
      - DR Testing Approach

      <critical_rule>DR procedures must be tested at least quarterly. Document test results and improvement actions.</critical_rule>

  - id: cost-optimization
    title: Cost Optimization
    instruction: Balance cost efficiency with performance and reliability requirements. Include both immediate optimizations and long-term strategies.
    template: |
      - Resource Sizing Strategy
      - Reserved Instances/Commitments
      - Cost Monitoring & Reporting
      - Optimization Recommendations

  - id: bmad-integration
    title: BMad Integration Architecture
    instruction: Design infrastructure to specifically support other BMad agents and their workflows. This ensures the infrastructure enables the entire BMad methodology.
    sections:
      - id: dev-agent-support
        title: Development Agent Support
        template: |
          - Container platform for development environments
          - GitOps workflows for application deployment
          - Service mesh integration for development testing
          - Developer self-service platform capabilities
      - id: product-architecture-alignment
        title: Product & Architecture Alignment
        template: |
          - Infrastructure implementing PRD scalability requirements
          - Deployment automation supporting product iteration speed
          - Service reliability meeting product SLAs
          - Architecture patterns properly implemented in infrastructure
      - id: cross-agent-integration
        title: Cross-Agent Integration Points
        template: |
          - CI/CD pipelines supporting Frontend, Backend, and Full Stack development workflows
          - Monitoring and observability data accessible to QA and DevOps agents
          - Infrastructure enabling Design Architect's UI/UX performance requirements
          - Platform supporting Analyst's data collection and analysis needs

  - id: feasibility-review
    title: DevOps/Platform Feasibility Review
    instruction: |
      CRITICAL STEP - Present architectural blueprint summary to DevOps/Platform Engineering Agent for feasibility review. Request specific feedback on:

      - **Operational Complexity:** Are the proposed patterns implementable with current tooling and expertise?
      - **Resource Constraints:** Do infrastructure requirements align with available resources and budgets?
      - **Security Implementation:** Are security patterns achievable with current security toolchain?
      - **Operational Overhead:** Will the proposed architecture create excessive operational burden?
      - **Technology Constraints:** Are selected technologies compatible with existing infrastructure?

      Document all feasibility feedback and concerns raised. Iterate on architectural decisions based on operational constraints and feedback.

      <critical_rule>Address all critical feasibility concerns before proceeding to final architecture documentation. If critical blockers identified, revise architecture before continuing.</critical_rule>
    sections:
      - id: feasibility-results
        title: Feasibility Assessment Results
        template: |
          - **Green Light Items:** {{feasible_items}}
          - **Yellow Light Items:** {{items_needing_adjustment}}
          - **Red Light Items:** {{items_requiring_redesign}}
          - **Mitigation Strategies:** {{mitigation_plans}}

  - id: infrastructure-verification
    title: Infrastructure Verification
    sections:
      - id: validation-framework
        title: Validation Framework
        content: |
          This infrastructure architecture will be validated using the comprehensive `infrastructure-checklist.md`, with particular focus on Section 12: Architecture Documentation Validation. The checklist ensures:

          - Completeness of architecture documentation
          - Consistency with broader system architecture
          - Appropriate level of detail for different stakeholders
          - Clear implementation guidance
          - Future evolution considerations
      - id: validation-process
        title: Validation Process
        content: |
          The architecture documentation validation should be performed:

          - After initial architecture development
          - After significant architecture changes
          - Before major implementation phases
          - During periodic architecture reviews

          The Platform Engineer should use the infrastructure checklist to systematically validate all aspects of this architecture document.

  - id: implementation-handoff
    title: Implementation Handoff
    instruction: Create structured handoff documentation for implementation team. This ensures architecture decisions are properly communicated and implemented.
    sections:
      - id: adrs
        title: Architecture Decision Records (ADRs)
        content: |
          Create ADRs for key infrastructure decisions:

          - Cloud provider selection rationale
          - Container orchestration platform choice
          - Networking architecture decisions
          - Security implementation choices
          - Cost optimization trade-offs
      - id: implementation-validation
        title: Implementation Validation Criteria
        content: |
          Define specific criteria for validating correct implementation:

          - Infrastructure as Code quality gates
          - Security compliance checkpoints
          - Performance benchmarks
          - Cost targets
          - Operational readiness criteria
      - id: knowledge-transfer
        title: Knowledge Transfer Requirements
        template: |
          - Technical documentation for operations team
          - Runbook creation requirements
          - Training needs for platform team
          - Handoff meeting agenda items

  - id: infrastructure-evolution
    title: Infrastructure Evolution
    instruction: Document the long-term vision and evolution path for the infrastructure. Consider technology trends, anticipated growth, and technical debt management.
    template: |
      - Technical Debt Inventory
      - Planned Upgrades and Migrations
      - Deprecation Schedule
      - Technology Roadmap
      - Capacity Planning
      - Scalability Considerations

  - id: app-integration
    title: Integration with Application Architecture
    instruction: Map infrastructure components to application services. Ensure infrastructure design supports application requirements and patterns defined in main architecture.
    template: |
      - Service-to-Infrastructure Mapping
      - Application Dependency Matrix
      - Performance Requirements Implementation
      - Security Requirements Implementation
      - Data Flow to Infrastructure Correlation
      - API Gateway and Service Mesh Integration

  - id: cross-team-collaboration
    title: Cross-Team Collaboration
    instruction: Define clear interfaces and communication patterns between teams. This section is critical for operational success and should include specific touchpoints and escalation paths.
    template: |
      - Platform Engineer and Developer Touchpoints
      - Frontend/Backend Integration Requirements
      - Product Requirements to Infrastructure Mapping
      - Architecture Decision Impact Analysis
      - Design Architect UI/UX Infrastructure Requirements
      - Analyst Research Integration

  - id: change-management
    title: Infrastructure Change Management
    instruction: Define structured process for infrastructure changes. Include risk assessment, testing requirements, and rollback procedures.
    template: |
      - Change Request Process
      - Risk Assessment
      - Testing Strategy
      - Validation Procedures

  - id: final-review
    instruction: Final Review - Ensure all sections are complete and consistent. Verify feasibility review was conducted and all concerns addressed. Apply final validation against infrastructure checklist.
    content: |
      ---

      _Document Version: 1.0_
      _Last Updated: {{current_date}}_
      _Next Review: {{review_date}}_