Architecture Documentation
Start here to understand how Loan Defenders is built and deployed.
🎯 Start Here (New to the Project?)
Read in this order:
- System Architecture - Multi-agent loan processing overview
- Azure Deployment Architecture - 4-layer Azure deployment
- Architecture Decisions - Why we made key choices
- Start with: ADR-041 (4-layer), ADR-049 (ACI), ADR-050 (Bastion)
- Complete ADR Index - All 61 architecture decisions
📚 Core Architecture
| Document | Description |
|---|---|
| System Architecture | Multi-agent loan processing system |
| MCP Servers | Tool servers (verification, documents, calculations) |
| Data Models | Pydantic business models |
| Orchestration | Agent coordination and workflow |
| Observability | Logging, tracing, monitoring with OpenTelemetry |
| Security | Zero Trust, RBAC, secrets management |
☁️ Deployment & Infrastructure
| Document | Description |
|---|---|
| Azure Deployment | 4-layer deployment: Foundation, Substrate, AI Models, Apps |
| 4-Layer Cake | Visual guide to deployment layers |
| Network Architecture | VNet, subnets, NSGs, private endpoints |
| Azure Authentication | Managed Identity, RBAC, service principals |
| Bastion VM Configuration | Developer access via Azure Bastion |
| Observability | Application Insights, logging, monitoring |
🔒 Security
| Document | Description |
|---|---|
| Security | Platform-wide security: Zero Trust, RBAC, secrets |
| AI Security | AI-specific: guard rails, prompt injection, testing |
| MCP Deployment Security | MCP server security: OAuth2, network isolation |
Key Security ADRs: - ADR-047: Layer-Specific RBAC - ADR-038: Service Principal Least Privilege
📖 Related Documentation
- Getting Started - Local, Docker, Azure deployment
- Deployment Guides - Step-by-step infrastructure setup
- Product Guide - Business context and user experience
Last Updated: 2025-11-28
Maintained By: Architecture Team
Review Cycle: After major architectural changes