Project

Architect

A design tool for cloud architecture — a curated knowledge base, retrieval that refuses to miss the parts that matter, and a language model that drafts the decision records, diagrams, and reports.


Why

Cloud-architecture work is less about writing prose than about not forgetting things. Every review turns on the same questions asked in a particular order — what does this provider require, which compliance regime applies, where does this pattern usually fail — and the cost of missing one is real.

A language model is happy to write a confident architecture document. It is much less reliable about covering the checklist that actually matters, and it will invent a service limit or a security control if you let it. I do this kind of work for a living, and I wanted the tool I kept wishing existed: something that drafts the artifacts, but grounded in a real body of knowledge rather than the model’s memory — so the coverage is guaranteed and the citations are honest.


How it works

The heart of it is a knowledge library — a few hundred curated files across everything a review has to account for: forty-odd vendors, the recurring architecture patterns, a dozen compliance regimes, the well-architected frameworks, and a small collection of real-world failures.

Retrieval runs two ways at once. A rule-based pass loads every file that applies to the active scope, so nothing marked critical for the chosen provider, pattern, or regime can be quietly dropped. A vector search — local embeddings, nothing leaving the machine — runs alongside it for the cross-cutting things a strict rule set would never think to connect. The first guarantees coverage; the second finds what you didn’t know to ask for.

On top of that sits a conversational interface that records decisions as ADRs, tracks the open questions per project, and produces the deliverables: diagrams, styled documents, and PDF reports with a cover page, a table of contents, and the diagrams embedded.

In practice

Say you’re reviewing a healthcare app on AWS. The rule-based pass pulls in the HIPAA controls that aren’t optional — protected data encrypted at rest and in transit, audit logging on, access scoped and reviewed — next to the AWS-specific facts that catch people out, like which services are even covered by Amazon’s Business Associate Addendum and which quietly aren’t. The vector search, meanwhile, surfaces a failure from an unrelated corner — a managed database whose default leaves backups unencrypted — that no HIPAA checklist would have thought to mention. One makes sure the critical-but-obvious never gets skipped; the other catches what you didn’t know to ask.
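The two-pass retrieval described above, sketched in Python as an added example (not the project's own code). The library entries, scope tags and 3-d vectors are constructed for illustration, `retrieve` and `missing_required` are hypothetical names, and the sketch assumes the rule pass loads every file tagged for the active scope.

```python
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class Doc:
    doc_id: str
    applies_to: frozenset   # scope tags: provider, pattern or regime
    vec: tuple              # toy 3-d embedding, constructed for this sketch

# Constructed sample library; ids, tags and vectors are all hypothetical.
LIBRARY = [
    Doc("regime/hipaa-encryption", frozenset({"hipaa"}), (0.9, 0.1, 0.0)),
    Doc("regime/hipaa-audit-logging", frozenset({"hipaa"}), (0.1, 0.9, 0.0)),
    Doc("vendor/aws-baa-coverage", frozenset({"aws"}), (0.2, 0.2, 0.9)),
    Doc("vendor/gcp-quotas", frozenset({"gcp"}), (0.0, 0.3, 0.9)),
    Doc("failure/db-backups-unencrypted", frozenset({"managed-db"}), (0.8, 0.0, 0.3)),
]

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    return dot / (math.hypot(*a) * math.hypot(*b))

def retrieve(scope, query_vec, k=2, rules=True):
    """Return [(doc_id, source)]: every in-scope file, then top-k semantic extras."""
    # Pass 1: rules. No ranking and no cutoff, so an in-scope file cannot be dropped.
    required = [d for d in LIBRARY if d.applies_to & scope] if rules else []
    seen = {d.doc_id for d in required}
    # Pass 2: vector search over the whole library, ignoring scope tags.
    ranked = sorted(LIBRARY, key=lambda d: cosine(d.vec, query_vec), reverse=True)
    extras = [d for d in ranked if d.doc_id not in seen][:k]
    return [(d.doc_id, "rule") for d in required] + [(d.doc_id, "vector") for d in extras]

def missing_required(scope, result):
    """Coverage check: in-scope ids absent from a retrieval result."""
    got = {doc_id for doc_id, _ in result}
    return sorted(d.doc_id for d in LIBRARY if d.applies_to & scope and d.doc_id not in got)

if __name__ == "__main__":
    scope = frozenset({"aws", "hipaa"})
    query = (1.0, 0.0, 0.2)  # constructed stand-in for an "encrypt data at rest" query
    for doc_id, source in retrieve(scope, query, k=1):
        print(f"{source:6} {doc_id}")
    # What a similarity-only top-2 would have skipped for this scope:
    print(missing_required(scope, retrieve(scope, query, k=2, rules=False)))
```

With similarity alone, the audit-logging and BAA-coverage files fall below the cutoff for this query; the rule pass keeps them in regardless of `k`, while the vector pass still surfaces the out-of-scope backup failure.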


Under the hood

FastAPI and Python on the back, React on the front, PostgreSQL with pgvector holding the embeddings, WeasyPrint rendering the PDFs, the whole thing running on Kubernetes. It’s built spec-first — the API, the data model, and the behavior written as specs and tests before the code, which is the only way I’ve found to keep a system like this honest as it grows.

A lighter door

There’s a companion for when you don’t want the whole system: the same knowledge library, published as a small MCP server you can point any compatible AI tool at — a tiny package that starts instantly and just exposes the curated checklists. The light path to the same knowledge the full tool leans on.

