| IAM, who and what is authenticating, how and what permissions will it have. What data is coming into your system and it’s variety, velocity and volume. Do you really need NoSQL, probably not. Do you really need that ORM and all the schema, migrations and ops to go with it, known the pros and cons. Are your boundaries defined well? Networking, firewalls etc? Are or do they need to be identity aware? Are you logging what you need to log, where you need to log it and do the right people have access to it? Maybe metrics are really what you need. What’s the dev story like? Can I run things locally or easily without spending days recreating an environment? IAC is one thing, but debugging some Python locally vs deploying and print statements sucks. Have a good readme and leave the repo better than you found it. Tackle the hard problems first, then create reproducible developer story, then hand it off to someone Jr. so they can do the grunt work and you can help them out in a jiff. CI/CD, incrementally improve it over time and don’t spend time boiling the ocean here. A simple bash script to deploy may suffice for an SRE to take it to the next step as IAC or to drop it into some CI tool. Apply the practice of least privilege from the very start. KISS, if what you are building is too confusing, it’s because you need to spend more time writing about it vs actually writing it. |