Purpose

The deployment view shows how the logical architecture maps to real infrastructure, making operational concerns visible: availability zones, network boundaries, scaling groups, and security zones. It is essential for operations teams and capacity planning.

When to Use

Create during beta when infrastructure decisions are being made. Update as the deployment topology evolves. Essential for operations handover and disaster recovery planning.

How to Build

Start with the infrastructure topology: cloud regions, availability zones, VPCs/VNets, subnets, and network boundaries. Show the network segmentation and security zones.

Map each logical component to its deployment target: which container, serverless function, VM, or managed service hosts it. Show the runtime environment (container image, runtime version).

Show load balancers, API gateways, CDNs, and other networking components that route traffic. Include DNS entries and certificate management.

Document scaling configuration: auto-scaling groups, minimum/maximum instances, scaling triggers. Show how the system handles increased load.

Include data stores with their deployment configuration: multi-AZ, read replicas, backup configuration. Show how data is replicated for availability.

Tips

  • Use cloud provider icons/shapes for clarity — AWS, Azure, or GCP architecture diagram conventions.
  • Show network boundaries and security groups to make the security posture visible.
  • Include CI/CD pipeline deployment targets to show how code reaches each environment.
  • Document the differences between environments (dev, staging, production) if significant.
  • Show monitoring and logging infrastructure as part of the deployment view.

Common Mistakes

  • Not showing network boundaries and security zones, hiding the security architecture.
  • Omitting managed services (databases, queues, caches) that are critical infrastructure.
  • Not documenting scaling configuration, making capacity planning impossible.
  • Showing only production — other environments may have different topologies.
  • Not including disaster recovery infrastructure and failover paths.

Government Context

In UK government, deployment views must show compliance with NCSC cloud security principles. They should demonstrate multi-AZ deployment for availability, encryption in transit and at rest, and network segmentation. For services on the PSN (Public Services Network), show the network connectivity. Crown Hosting or approved cloud platforms (AWS, Azure, GCP) should be clearly identified.

Related Artifacts