Content Generation Prompt

Content Generation Prompt

This page documents the full prompt system used to generate content for the Cloud Network Architecture Maturity Catalog. It includes both the content model (schema) and the design system (style), ensuring an LLM can produce accurate, on-brand output without hallucinating new fields, colors, or components.

Note

The prompt below gives the LLM both the style system and the content model — the schema tells it exactly what fields exist, their types, and their constraints, while the ground truth summaries provide accurate source material for all 7 levels.

---

The Full Prompt

You are generating content for an Astro site — a Cloud Network Architecture Maturity Catalog for evaluating SaaS vendor security posture.

## Content Model

Each maturity level is a structured entry with the following shape:

```ts
// Frontmatter schema
{
  level: number;           // 1–7
  title: string;           // e.g. "Layered Defense"
  archetype: string;       // short subtitle, e.g. "WAF · Bastion/VPN · Separate accounts · Flow logs · GuardDuty"
  stage: string;           // e.g. "Series A · SOC 2 Ready"
  category: string[];      // one or more of: ["early", "growth", "enterprise", "hyperscale"]
  color: string;           // hex matching the level (l1–l7)
  blastRadius: "CRITICAL" | "HIGH" | "MEDIUM-HIGH" | "MEDIUM" | "LOW-MEDIUM" | "LOW" | "MINIMAL";
  blastRadiusPct: number;  // 0–100, used to render the meter bar
  sla: string;             // e.g. "99.9%+ achievable"
  rto?: string;            // e.g. "<15min"
  rpo?: string;            // e.g. "<5min"

  scores: {
    availability: number;      // 1–10
    security: number;          // 1–10
    observability: number;     // 1–10
    opsComplexity: number;     // 1–10 (higher = more complex)
  };

  signals: string[];           // 6–10 assessment questions/red flags, phrased as questions
                               // e.g. "DB in public subnet?", "GuardDuty active?"

  whatYoullSee: string[];      // 5–8 observable signals of this architecture
  remainingRisks: string[];    // 4–6 gaps / weaknesses at this level
  compliancesAchievable: string[];  // 2–5 frameworks realistically attainable
  blastRadiusDetail: string[]; // 2–4 sentences explaining the blast radius

  triggerToNext: string;       // prose — what drives a company to move to the next level

  // Optional: real-world examples of companies at this level
  exampleCompanies?: string;
}
```

## The 7 levels (use these as ground truth)

**L1 — Flat VPC** `#c8522a`
Seed/pre-product. Single VPC, everything public or minimally filtered. Databases in public subnets. SSH via public IP. Shared prod/dev account. Blast radius: complete.

**L2 — Basic Subnet Segmentation** `#d4812e`
Early startup. Public/private subnet split. NAT Gateway (single-AZ). ALB as entry. DB in private subnet. Still single account. No WAF. Blast radius: high.

**L3 — Layered Defense** `#c5a832`
Series A. WAF (OWASP ruleset). Multi-account AWS org. VPN or bastion for admin. VPC Flow Logs. GuardDuty + Security Hub. KMS encryption. SOC 2 achievable. Blast radius: medium-high.

**L4 — Multi-AZ High Availability** `#5a9e4b`
Series B. Active-active across 3 AZs. RDS Multi-AZ with read replicas. Auto-scaling. AWS PrivateLink for internal services. Secrets Manager. Full IaC (Terraform/CDK). AWS Organizations with SCPs. 99.9%+ SLA credible. Blast radius: medium.

**L5 — Multi-Region Active-Passive** `#3b86c8`
Series C. Primary + warm DR region. Transit Gateway hub-and-spoke. Cross-region RDS replication. Route 53 health-check failover. Security Hub cross-account. Data residency controls. Quarterly DR testing. RTO <15min. Blast radius: low-medium.

**L6 — Zero-Trust Network** `#6c52be`
Late stage/enterprise. Service mesh (Istio/Linkerd) with mTLS everywhere. SPIFFE/SPIRE workload identity. SASE/SSE replaces VPN. OPA network policy as code. eBPF observability (Cilium/Hubble). No implicit trust — identity is the perimeter. Blast radius: low.

**L7 — Global Anycast Fabric** `#1a1814`
Hyperscale. Own ASN + BGP anycast. Direct IXP peering. Multi-cloud active-active (AWS + GCP/Azure). Global load balancing + geoproximity. Custom or major CDN deeply integrated. All L6 controls extended globally. 99.99%+ SLA. Blast radius: minimal.

## Design System

**Fonts**
- Display/headings: `Syne` (800 weight)
- Monospace/labels: `JetBrains Mono` (400/500/700)
- Body: `Lato` (300/400)

**CSS Variables**
```css
--bg: #f5f3ef;
--paper: #faf9f7;
--ink: #1a1814;
--ink-dim: #6b6760;
--border: #ddd9d3;
--border-light: #eae7e2;
--l1: #c8522a; --l2: #d4812e; --l3: #c5a832;
--l4: #5a9e4b; --l5: #3b86c8; --l6: #6c52be; --l7: #1a1814;
```

**Component patterns**
- Eyebrow labels: `JetBrains Mono`, 10–11px, `letter-spacing: 0.2em`, uppercase, level color
- Headings: `Syne` 800, `letter-spacing: -0.03em`
- Body: `Lato` 300, 14–15px, `line-height: 1.7`, `var(--ink-dim)`
- Signal tags: `JetBrains Mono` 10px, `background: var(--paper); border: 1px solid var(--border); padding: 3px 10px`
- Callout boxes: `border-left: 2px solid var(--lN); padding: 10px 14px; background: var(--paper)`
- Score bars: 2px tall, `background: var(--border)`, fill uses level color, width = (score/10 * 100)%
- Dot background: `radial-gradient(circle, #c8c5bf 1px, transparent 1px)` at `24px 24px`, opacity 0.35

**Astro conventions**
- Reusable UI: `.astro` components (LevelCard, SignalTags, ScoreBar, CalloutBox)
- Prose in MDX body; structured data in frontmatter
- Scoped `<style>` in `.astro`; global tokens in `global.css`

## Task

[DESCRIBE YOUR CONTENT HERE]

Stay strictly within the content model and design system above. Do not invent new fields, colors, or components outside what is defined.

---

Key Design Decisions

The prompt above combines several important elements that make LLM-generated content accurate and consistent:

Full TypeScript-Style Frontmatter Schema

The LLM knows exactly what fields exist, their types, and their constraints — so it won’t hallucinate new fields or leave gaps. Every field has a comment explaining its purpose and valid range.

Ground Truth Summaries for All 7 Levels

Rather than letting the LLM make up details about what L4 vs L5 actually means, these summaries give it accurate source material to draw from. Each level includes:

• Company stage mapping
• Key architectural components
• Compliance achievability
• Blast radius classification

Assessment Signals Framed as Questions

The signals field is explicitly noted as “phrased as questions” — this keeps them in the right voice for a security review context. Examples like “DB in public subnet?” and “GuardDuty active?” set the tone.

Trigger and Example Fields

triggerToNext and exampleCompanies make each level feel grounded and actionable rather than abstract. They connect architecture decisions to real business milestones.

---

Content Model Reference

Core Fields

Field	Type	Description
level	number	1–7, the maturity level
title	string	Human-readable level name
archetype	string	Short subtitle with key technologies
stage	string	Company funding/growth stage
category	string[]	Filter categories: early, growth, enterprise, hyperscale
color	string	Hex color from the design system
blastRadius	enum	CRITICAL → MINIMAL severity label
blastRadiusPct	number	0–100, for rendering the visual meter

Reliability Fields

Field	Type	Description
sla	string	Achievable SLA at this level
rto	string?	Recovery Time Objective (optional)
rpo	string?	Recovery Point Objective (optional)

Score Fields

Field	Type	Description
scores.availability	number	1–10, infrastructure resilience
scores.security	number	1–10, defense depth
scores.observability	number	1–10, monitoring/visibility
scores.opsComplexity	number	1–10, operational burden (higher = more)

Content Arrays

Field	Type	Description
signals	string[]	6–10 assessment questions, phrased as questions
whatYoullSee	string[]	5–8 observable architecture signals
remainingRisks	string[]	4–6 gaps/weaknesses at this level
compliancesAchievable	string[]	2–5 attainable compliance frameworks
blastRadiusDetail	string[]	2–4 sentences explaining blast radius
triggerToNext	string	What drives evolution to the next level
exampleCompanies	string?	Real-world examples (optional)

---

Design System Quick Reference

Color Palette

Token	Hex	Usage
--bg	#f5f3ef	Page background
--paper	#faf9f7	Card/panel backgrounds
--ink	#1a1814	Primary text
--ink-dim	#6b6760	Secondary text
--border	#ddd9d3	Standard borders
--border-light	#eae7e2	Subtle borders
--l1	#c8522a	Level 1 — Flat VPC
--l2	#d4812e	Level 2 — Segmented
--l3	#c5a832	Level 3 — Layered Defense
--l4	#5a9e4b	Level 4 — Multi-AZ HA
--l5	#3b86c8	Level 5 — Multi-Region
--l6	#6c52be	Level 6 — Zero-Trust
--l7	#1a1814	Level 7 — Global Fabric

Typography

Role	Font	Weight	Size	Notes
Display / Headings	Syne	800	clamp(32px, 5vw, 64px)	letter-spacing: -0.03em
Labels / Code	JetBrains Mono	400/500/700	9–12px	letter-spacing: 0.1–0.2em, uppercase
Body	Lato	300/400	14–15px	line-height: 1.7

Component Patterns

Eyebrow Labels

font-family: 'JetBrains Mono', monospace;
font-size: 10–11px;
letter-spacing: 0.2em;
text-transform: uppercase;
color: var(--lN); /* level color */

Signal Tags

font-family: 'JetBrains Mono', monospace;
font-size: 10px;
background: var(--paper);
border: 1px solid var(--border);
padding: 3px 10px;

Callout Boxes

border-left: 2px solid var(--lN);
padding: 10px 14px;
background: var(--paper);

Score Bars

height: 2px;
background: var(--border);
/* Fill: */
width: calc(score / 10 * 100%);
background: var(--lN);

Dot Background Pattern

background-image: radial-gradient(circle, #c8c5bf 1px, transparent 1px);
background-size: 24px 24px;
opacity: 0.35;