# Architectural Principles for Cloud-Agnostic DPI

The following principles guide cloud-agnostic DPI architecture. For each principle, we identify the open standards and frameworks that enable portable implementation.

<figure><img src="/files/32zUxXlmilmggqrfbuuL" alt=""><figcaption></figcaption></figure>

The diagram above illustrates the four layers of a portable DPI stack.

* Layer 1 (Cloud Platform) represents the interchangeable deployment target — any major cloud provider or an on-premises national data center.
* Layer 2 (Orchestration & Runtime) provides the common abstraction that makes this interchangeability possible, anchored by Kubernetes and OCI container standards.
* Layer 3 (Self-Hosted Infrastructure Components) covers the open-source middleware — databases, identity providers, API gateways, and observability tools — that replace proprietary managed services.
* Layer 4 (DPI Application Services) is where the building blocks sit: Digital Identity, Verifiable Credentials, Data Exchange, Payments, Registries, and Consent Management, all communicating through open standards like W3C VC, OID4VCI, OID4VP, and mDL/mDoc.
* Running vertically across all layers are four cross-cutting pillars: Infrastructure as Code, Security & Zero Trust, Data Portability, and Governance — disciplines that must be applied at every level rather than bolted on at one.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.cdpi.dev/technical-notes/cloud-agnostic-deployment-of-dpi-and-data-portability/architectural-principles-for-cloud-agnostic-dpi.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.