Architectural Design Record
What is an ADR?
Structured way of recording decisions that are made related to design
Helps record historical decisions, spread the tribal knowledge (ex. wtbts.net)
Answers the why?
Makes the information accessible in a centralized location
Helps assist with training new members
When Israelites crossed into the promised land, they would erect piles of rocks, for future generations
Helps learn from past mistakes
Captures the consequences of the decision, both positive and negative
Captures the rationale of a decision and sets guardrails for future decisions
Not a support document, troubleshooting guide, or a how-to
ADR should reflect reality, not intention
Design principles are not ADRs
Where are these?
Write clearly, simply and quickly
Better to get something published than agonize over wording
What do we want?
New
Public client flow: What is acceptable config?
Customizing claims for service principals (contingent on what is allowed by the Azure APIs)
Using Terraform to configure Entra, and GitLab CI to deploy changes (rather than manual changes)
Password policies (complexity and expiration)
Elevation of Admin Access
JEA/JIT
PIM
Record preference for OIDC over SAML, but we will still allow SAML
Secret rotation (related to admin access?)
How do we enable app registration development for service owners?
Do we allow pre-production app registrations in the production tenant?
ADR for decision to migrate Entra to cloud auth (remove trust with ADFS)
Use groups for granting access (as opposed to access directly assigned to users)
Capture decisions we have stuck to > User permissions vs Application Permissions