Why Architecture Decisions Compound

In software, architectural decisions are the ones that are costly to reverse. Choosing the wrong tenancy model, skipping event sourcing in an audit-critical domain, or building a synchronous monolith when you need real-time features — these are decisions whose consequences compound monthly. We have seen organisations spend 6–12 months re-architecting products because of decisions made in week one. This checklist is what we work through with every client before writing a line of application code.

Data Architecture (Decisions 1–6)

1. Tenancy model: Single database + row-level security, schema-per-tenant, or database-per-tenant? Each has different isolation, compliance, cost, and operational implications. 2. Data residency: Do you have legal requirements about where data is stored? GDPR, HIPAA, and country-specific data sovereignty laws may constrain your cloud region choices. 3. Event sourcing vs state: For audit-critical domains, do you need an immutable event log? 4. Read model separation: Will you use CQRS to separate read and write models? 5. Analytics store: Will OLTP queries serve your analytics needs, or do you need a separate data warehouse? 6. Soft delete vs hard delete: What happens to related data when a user or tenant is deleted?

API Design (Decisions 7–10)

7. REST vs GraphQL vs tRPC: REST for simplicity and cacheability; GraphQL for complex, deeply nested queries from multiple clients; tRPC for type-safe TypeScript monorepos. 8. Versioning strategy: URL path (/v1/, /v2/) vs header-based versioning from day one — retrofitting is painful. 9. Authentication: JWT stateless tokens vs opaque tokens + server-side sessions — understand the security trade-offs. 10. Rate limiting: Per-user, per-tenant, or per-endpoint? Where does the limit state live (Redis)?

Infrastructure (Decisions 11–15)

11. Compute model: EC2/ECS long-running containers vs Lambda serverless? Consider cold-starts, execution duration limits, and pricing at scale. 12. Deployment model: Blue-green, canary, or feature-flag-based releases? Blue-green is simplest for zero-downtime. 13. Queue infrastructure: Redis/SQS/RabbitMQ — consider ordering guarantees, dead letter queues, and retry semantics. 14. File storage: S3-compatible object storage with CDN from day one — never store files on application servers. 15. Secrets management: AWS Secrets Manager or HashiCorp Vault — never in environment variables committed to version control.

Observability & Compliance (Decisions 16–18)

16. Logging strategy: Structured JSON logs from day one. Where do they go? CloudWatch, Datadog, Grafana Loki? 17. Compliance scope: Identify compliance requirements (SOC 2, HIPAA, GDPR) before the first line of application code — not at audit time. 18. Incident response: On-call rotation, runbooks, and escalation paths should be defined before go-live, not after the first 3am incident.