How do you approach cloud compliance (SOC2, ISO27001) in architecture design?

Compliance is controls + evidence. Architect for: - Strong IAM and auditing - Encryption and key management - Network segmentation - Change management via IaC Automate evidence collection (logs, configs). Build guardrails so teams can ship fast without repeatedly reinventing compliance.