Cloud Architect Assessment Framework
Cloud architect is one of the most expensive hires in Indian IT staffing — and one of the easiest to get wrong. A real cloud architect designs for cost, security, scale, and operational simplicity simultaneously. A fake one designs reference architectures from cloud-vendor blog posts and never operates them. This guide focuses on testable signal, not credentials.
Key skills
Must-have
Multi-account / multi-region experience
Has designed cloud setups beyond single-account, single-region. Knows AWS Organizations / GCP folders / Azure management groups.
Production-grade IAM
Has designed real IAM policies, role assumption flows, cross-account access. Not just "I gave the team admin."
Cost awareness
Has reviewed real cloud bills. Knows the top 5 cost drivers in their workloads. Has executed at least one major cost reduction.
Networking depth
VPC design, subnetting, peering, transit gateways/VPN, private endpoints. Not just "I clicked the wizard."
Nice-to-have
Multi-cloud experience
Some clients want AWS+Azure or AWS+GCP. Premium for true multi-cloud architects.
Compliance background
SOC2, ISO 27001, PCI, HIPAA. Reduces ramp on regulated workloads.
Migration experience
Lift-and-shift, refactor, rebuild — has owned at least one large migration.
Hands-on coding
Architects who code (Python, Go, occasional Java) consistently produce better designs than pure-PowerPoint architects.
Interview questions (7)
Walk me through a cloud architecture you designed end-to-end. What were the requirements, the trade-offs, and the operational outcomes?
What to listen for
Specific design + specific trade-offs + specific operational metrics (cost, uptime, deployment velocity). PowerPoint-only architects fail this.
A team is spending $50K/month on AWS. Walk me through how you would identify cost reduction opportunities.
What to listen for
Cost Explorer, Trusted Advisor, RI/Savings Plans, idle resources, S3 lifecycle, RDS rightsizing. Specific levers, not "we would optimize."
How do you design IAM for a 50-engineer team across 5 environments?
What to listen for
Identity federation, role-based access, least privilege, service control policies. Not "everyone gets PowerUser."
Describe a security incident in the cloud you have responded to.
What to listen for
Specific incident, blast radius, response, prevention. Cloud architects who claim they have never seen one are inexperienced.
How do you decide between RDS, Aurora, DynamoDB, and self-managed PostgreSQL on EC2?
What to listen for
Workload characteristics (read/write ratio, scaling, ops capacity, cost). Real trade-off conversation.
Walk me through your disaster recovery design for a critical workload.
What to listen for
RPO, RTO, multi-region, failover testing cadence. Has actually tested DR, not just designed it.
What is one cloud anti-pattern you see frequently and why is it wrong?
What to listen for
Specific anti-pattern (e.g., "treating VPCs as security boundary instead of IAM"). Reveals depth.
Evaluation rubric
Score each candidate against these weighted criteria. Total: 100%.
| Criterion | Weight | Signal |
|---|---|---|
| Production architecture experience | 30% | Has designed and operated real architectures, not just diagrams. |
| IAM + security design | 20% | Real IAM design experience. Awareness of common cloud security pitfalls. |
| Cost discipline | 20% | Has reviewed bills and executed cost reductions. Can name top cost drivers. |
| Networking + connectivity | 15% | Has designed VPC topology beyond defaults. Knows hybrid/on-prem patterns. |
| Operational mindset | 15% | Designs for day-2 operations, not just day-0 deployment. |
Red flags
Architecture diagrams only — has never operated what they designed
Cannot describe a real cost optimization they executed
Has never responded to a real cloud security incident
Believes "cloud-native" means "use every AWS service we can"
Is hostile to multi-cloud or disagrees on dogma rather than trade-offs
Apply this rubric automatically with CVPRO
Upload Cloud Architect CVs and let AI score every candidate against the same 42-point evidence rubric.
Try CVPRO Free