What are cloud architecture diagrams?
Cloud architecture diagrams are visualizations of organizations’ cloud computing services through private or public cloud service providers (CSPs). Like road maps, cloud architecture diagrams use standardized symbols to readily reference and identify cloud-based connections, servers, resources, user groups, and more. Diagramming is essential for planners designing new architectures, DevOps teams mapping out releases and migrations, compliance and security teams auditing access, cloud architects reviewing complex technology stacks, and systems engineers optimizing and scaling infrastructure and environments.
The importance of cloud architecture diagramming
The complexity and dynamic nature of cloud computing and technology stacks make it difficult for teams to track all resources devoted to an organization’s environment. This information is especially important to distributed teams that desire a complete and detailed picture of the cloud boundary and components.
Cloud architecture diagrams can provide accurate and up-to-date documentation for external and internal audiences. By maintaining diagrams that represent the current state of the cloud architecture, companies can prepare for compliance and security audits. This preparation might involve validating the security of products and services for SOC 2 reports and penetration tests. Diagrams can illustrate the traffic between resources, and they can show the security controls in place. Diagrams are also useful for procurement processes during requests for information and when customers need information about the underlying architecture when determining scalability, performance, and security requirements. For internal audiences, diagrams provide a shared view of cloud architectures to improve communication and collaboration across teams. Diagrams can also help with onboarding by providing a detailed illustration of, and information about, the resources and services, so that new team members understand the overall structure and key components and dependencies of the system.
As environments evolve, resources can become isolated, unused, or over-provisioned, which can have security and cost implications. With cloud architecture diagrams, teams are able to spot resources that might need to be reconfigured or removed. By overlaying performance and cost metrics on top of these views, companies can make informed decisions about how to optimize their designs and plans for future states. Cloud architecture diagrams are also useful for troubleshooting when incidents arise. Architecture diagrams help DevOps, security, and network engineers understand and track the millions of cloud objects and assets that make up an organization’s cloud computing architecture. By illustrating how resources interact and providing live metrics, companies can identify bottlenecks and points of failure, understand dependencies, triangulate the source of an issue, and design improvements to fix performance issues.
The components of cloud architecture diagramming
A cloud architecture diagram is organized by symbols and shapes. Symbols are used to represent defined components, such as gateways, content-delivery networks (CDNs), servers, storage buckets, and load balancers. Components are grouped or enclosed by colored areas and shapes to represent regions, virtual private clouds (VPCs), security groups, subnets, and so on. Lines and arrows indicate relationships between groups or components and represent the flow of information.
Many CSPs, including Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), Alibaba Cloud, and others, have their own architecture design templates.
Automated diagrams versus manually created diagrams
If an organization’s existing environment is connected to a CSP environment such as AWS or Azure, automated diagramming tools can connect to the CSP to produce a real-time architecture diagram. One such tool is Cloudcraft from Datadog.
At the scale where organizations operate, automated cloud architecture diagramming is becoming a necessity. With the Cloudcraft platform, an automated diagram’s output can be filtered dynamically to include specific resources, regions, connectivity, and access groups. Clickable symbols and shapes within the diagram can present configuration details, live performance metrics, and cost-analysis information. For example, clicking on a resource shows CSP costs associated with connectivity, storage, servers, and other components. Automated diagrams and their information can also be exported, saved, and distributed to individuals or teams. Among the more important benefits of using automated charting tools is that the diagram represents an accurate picture of the cloud architecture as needed.
There are cases where manual diagramming might be more suitable, for example, when planning a new architecture, building an architecture on top of an existing structure, or planning a migration. These diagrams can be as detailed as needed, and they can be manually kept accurate until they are no longer needed, or they can be replaced with automation.
Scenarios for cloud architecture diagrams
Some of the more specific uses for cloud architecture diagrams come from services and teams such as DevOps, but these tools can also be used to provide previews of network operations and security requirements.
Note: Datadog offers specific tools and platforms for network operations and cloud security management that have their own detailed diagramming features. For more information, refer to Datadog Network Traffic Visualization and Datadog Cloud Security Management.
DevOps. Cloud architecture diagrams are vital for DevOps teams to maintain a high-level view and knowledge of their cloud environments and those environments’ connectivity with organizations’ infrastructures. A diagram is vital for understanding resource allocation and troubleshooting issues.
Networking. Network operations must be able to consult and review cloud architecture in conjunction with the network infrastructure for an organization. A cloud architecture diagram illustrates VPCs, load balancers, CDN connections, network accounts, and the flow of information from one location to the next. A diagram can be useful to understand network traffic patterns and resolve bottlenecks. While cloud architecture diagrams serve as a starting point, they’re best used with a network monitoring solution to deepen investigations.
Security. A cloud architecture diagram is useful for security teams to recognize, trace, and verify account and user access throughout the cloud computing surface. An automated diagram connected to a CSP can provide information on services and access rules, and it can help pinpoint unused accounts and isolated or abandoned servers. Using cloud architecture diagrams helps teams review and minimize security risks to their organizations’ infrastructures. For more in-depth security information, organizations may want to supplement cloud architecture diagrams with a dedicated cloud security management solution.
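Spotting isolated or abandoned servers, as described above and in the earlier section on resources that become isolated or unused, amounts to a graph query over the same data a diagram draws. The following Python is an added example, not Cloudcraft or Datadog code; the resource IDs, fields, and inventory are constructed for illustration and assume each arrow records the direction of traffic.

```python
from collections import deque

# Constructed sample inventory (not from any real environment): the nodes and
# arrows an automated diagram would draw, reduced to plain data.
RESOURCES = {
    "igw-1": {"type": "gateway",       "group": "vpc-a"},
    "alb-1": {"type": "load_balancer", "group": "vpc-a/public"},
    "web-1": {"type": "server",        "group": "vpc-a/private"},
    "web-2": {"type": "server",        "group": "vpc-a/private"},
    "db-1":  {"type": "database",      "group": "vpc-a/data"},
    "old-1": {"type": "server",        "group": "vpc-a/private"},  # no arrows at all
    "job-1": {"type": "server",        "group": "vpc-b/private"},  # only talks to bkt-1
    "bkt-1": {"type": "storage",       "group": "vpc-b"},
}
EDGES = [  # (source, destination) = direction of traffic flow
    ("igw-1", "alb-1"), ("alb-1", "web-1"), ("alb-1", "web-2"),
    ("web-1", "db-1"), ("web-2", "db-1"), ("job-1", "bkt-1"),
]
ENTRY_POINTS = {"igw-1"}  # assumed ingress: the internet-facing gateway


def isolated(resources, edges):
    """Resources with no line drawn to or from them."""
    connected = {node for edge in edges for node in edge}
    return sorted(set(resources) - connected)


def unreachable(resources, edges, entry_points):
    """Resources that no traffic path from an entry point can reach."""
    graph = {}
    for src, dst in edges:
        graph.setdefault(src, []).append(dst)
    seen, queue = set(entry_points), deque(entry_points)
    while queue:  # breadth-first walk along the arrows
        for nxt in graph.get(queue.popleft(), []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return sorted(set(resources) - seen)


def review_candidates(resources, edges, entry_points):
    """Map each flagged resource id to the reason it needs a manual review."""
    lone = set(isolated(resources, edges))
    return {rid: "isolated" if rid in lone else "off the ingress path"
            for rid in unreachable(resources, edges, entry_points)}


if __name__ == "__main__":
    for rid, why in review_candidates(RESOURCES, EDGES, ENTRY_POINTS).items():
        print(f"{rid:6} {RESOURCES[rid]['type']:14} {RESOURCES[rid]['group']:14} {why}")
```

A flag here is a prompt for review, not proof of abandonment: a batch worker that only writes to its own bucket is legitimately off the ingress path, which is why the output keeps the resource type and enclosing group for context.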
Industry changes and challenges with cloud architecture diagramming
Several shifts across the industry are influencing the usefulness of cloud architecture diagrams. Many of these shifts reflect changes in computing platforms and greater demands placed on IT infrastructure.
Multicloud and hybrid cloud adoption: Organizations are increasingly using multiple cloud providers or combining public and private clouds. This reality requires more complex diagrams to represent diverse environments and integrations.
Microservices and containerization: The shift towards microservices and containerized applications has added new layers to cloud architecture diagrams. These diagrams now need to show how microservices interact and scale.
FinOps and the costs of cloud computing: Cloud computing costs greatly figure into new architecture proposals and expansions. FinOps teams can perform their budgetary analyses with greater acuity through cloud architecture diagramming of proposed changes and costs. To help teams plan, manage, and communicate their cloud strategies, cloud architecture diagrams must become more dynamic and detailed.
As the size and complexity of IT architectures increase, organizations might find they have too many resources across different teams to consistently track, or they might even have resources that have been forgotten. Manually creating cloud architecture diagrams is a time-consuming process that requires collecting information on thousands of resources, connectivity, and access groups and then diagramming those components with charting tools. A manually created cloud architecture diagram must be continuously updated and refreshed, and it must be consistently distributed to all the people and teams who require that information.
In some cases, information about cloud service resources can be obtained through the CSP’s dashboard or console. However, switching back and forth from a dashboard screen to diagramming software can lead to a lack of context continuity and a fragmented view. As stated before, any change to the environment also requires an update of the current diagram to keep the information from becoming outdated.
Costs for resources cannot be readily kept up to date while maintaining a manually created cloud architecture diagram. Cloud service pricing for resources depends on fluctuating scales of usage, maintenance, electricity, and cooling costs. Trying to keep a diagram current regarding costs can be an exercise in frustration.
Features and solutions for cloud architecture diagramming
Important features and solutions to consider for cloud architecture diagramming include:
Automated diagramming: A cloud architecture diagramming tool should securely connect to your cloud provider with minimal access to automatically generate diagrams. The auto-generated layout needs to be well-organized and intuitive for all user groups.
Flexible editing: Region, resource, and tag filters offer a dynamic way to tailor your diagram to your needs. This can be accelerated by preset views that apply different groupings and filters to your diagram based on best practices. When planning changes, it’s important to be able to add, remove, or move resources, and the diagramming tool should have a wide library of standard icons.
Budget information: Cost information at an aggregate and resource level enables informed decisions. Costing should be included during the design process so adjustments can be made dynamically to test different scenarios. Cost information can help with forecasting, reporting, and cost optimization.
Configuration details and live metrics: Diagrams should provide detailed information about how resources are configured and their performance. A diagram should be able to adjust from a high-level overview to a detailed view of a specific resource, providing key context when troubleshooting.
Collaboration tools: To facilitate collaboration, tools should allow multiple users to simultaneously edit a diagram. Diagrams can be exported as static files to provide a general use snapshot, while live links ensure everyone is working off the latest version. Embedding views within documentation tools can increase visibility and convenience by putting those views into existing workflows.
Version history: Version history is vital for tracking changes made to diagrams, which is useful for reviewing updates or restoring past versions. This capability is helpful when multiple people are working on a design to determine who made changes and when.
APIs and SDKs: APIs and SDKs enable you to programmatically create, edit, and update diagrams while also allowing for integration into continuous integration/continuous delivery (CI/CD) pipelines to generate snapshots of pre- and post-deployment diagrams.
Cloudcraft by Datadog contains several important features for teams interested in automated cloud architecture diagrams:
Optimized for AWS and Azure, Cloudcraft can generate real-time diagrams for these CSPs.
Manage costs through refactoring architecture and view resulting cost estimates in the diagram.
Export and share architecture documentation for synchronized collaboration among teams, even users not connected to Cloudcraft.
Filter diagrams by resource type or tags for granular visibility.
Additionally, enhancements to Cloudcraft add support for new architecture objects and new ways to navigate between Cloudcraft diagrams and various Datadog monitoring tools. For more information, see the Cloudcraft by Datadog web page.