top of page
Search

Intent-Driven Engineering vs Hub-and-Spoke Architecture: Who Really Owns the System?

  • Writer: Mark Kendall
    Mark Kendall
  • 2 hours ago
  • 3 min read


Intent-Driven Engineering vs Hub-and-Spoke Architecture: Who Really Owns the System?




Introduction



Enterprise architecture is evolving—again.


Teams are debating PrivateLink vs Transit Gateway, designing Hub-and-Spoke topologies, and centralizing traffic through API gateways. On the surface, it looks like progress.


But underneath, a deeper question is emerging:


Are we designing better systems… or just better wiring?


Because no matter how advanced the network becomes, one truth remains:


👉 Infrastructure does not define behavior—intent does.


This is where Intent-Driven Engineering takes control of the conversation.





What Is Hub-and-Spoke Architecture?



Hub-and-Spoke is an infrastructure pattern where:


  • A central hub (API Gateway, shared services, ingress layer) manages traffic

  • Multiple spokes (application VPCs, microservices, EKS clusters) handle execution

  • Communication flows through controlled, centralized entry points



Teams typically implement this using:


  • AWS PrivateLink (service-level isolation)

  • AWS Transit Gateway (network-level connectivity)



It’s clean. It’s scalable. It’s widely adopted.


But it’s also incomplete.





The Missing Layer: Intent



Hub-and-Spoke answers:


  • Where does traffic go?

  • How do systems connect?



But it does NOT answer:


  • Why is this interaction happening?

  • What does this request mean to the business?

  • Who governs the behavior across systems?



Without those answers, teams fall into a familiar trap:


They build a well-structured network… and then recreate chaos inside it.





Intent-Driven Engineering: The Control Plane Above the Network



Intent-Driven Engineering introduces a higher-order abstraction:

Intent → Canonical Model → Adapter Execution

Where:


  • Intent defines what the business wants to achieve

  • Canonical Model normalizes and governs meaning

  • Adapters execute against systems (Salesforce, ServiceNow, APIs, etc.)



This sits above Hub-and-Spoke—not competing with it, but controlling it.





How Hub-and-Spoke Fits Inside Intent-Driven Architecture



Let’s connect the two worlds:

Internet

   ↓

API Gateway (Hub)

   ↓

Inbound Adapter (Intent Entry Point)

   ↓

Canonical Core (System Brain)

   ↓

Outbound Adapters

   ↓

Spoke Services / External Systems

Now the architecture has meaning.


  • The Hub is no longer just routing traffic


    👉 It becomes the Intent Ingestion Layer

  • The Spokes are no longer isolated services


    👉 They become execution targets governed by intent

  • The Network is no longer the system


    👉 It becomes the transport layer of a governed system






PrivateLink vs Transit Gateway: The Wrong Debate



Most teams get stuck here:


  • PrivateLink = security and isolation

  • Transit Gateway = scalability and simplicity



This is a valid infrastructure discussion.


But from an Intent-Driven perspective:


It doesn’t matter.


Because:


  • Both are just transport mechanisms

  • Neither defines behavior, orchestration, or governance



The real decision is not:


“How should services connect?”


The real decision is:


“Who controls the meaning of those connections?”





Why This Matters (More Than Ever)



Without an intent-driven layer:


  • Teams create point-to-point integrations inside a hub

  • API Gateway becomes a pass-through, not a control point

  • Microservices drift into inconsistent behavior

  • Governance becomes reactive instead of designed



With Intent-Driven Engineering:


  • Every request is interpreted before execution

  • Every system interaction is governed by a canonical model

  • Every integration becomes predictable, reusable, and scalable






The Enterprise Shift: From Network-Centric to Intent-Centric



We are witnessing a shift:

Old Model

New Model

Network defines architecture

Intent defines architecture

Services connect directly

Adapters mediate all interactions

API Gateway routes traffic

API Gateway ingests intent

Integration is point-to-point

Integration is canonical and governed

Hub-and-Spoke is still valuable—but only as a foundation.





Key Takeaways



  • Hub-and-Spoke architecture solves connectivity, not meaning

  • PrivateLink vs TGW is an implementation detail, not a strategy

  • Intent-Driven Engineering introduces a control plane above infrastructure

  • The real power lies in governing behavior, not just routing traffic

  • Enterprises that adopt intent-driven models move from integration chaos to engineered systems






Final Thought



You can build the most elegant Hub-and-Spoke architecture in the world…


But if every team is still wiring services together independently, you haven’t built a platform—you’ve built a prettier version of the same problem.


Intent is the architecture. Everything else is implementation.





 
 
 

Recent Posts

See All
The AI Renaissance: From Governance to Empowerment

The AI Renaissance: From Governance to Empowerment Intro For most of my career, enterprise technology came with a trade-off. If you wanted to build something great, you had to work around the system:

 
 
 

Comments

Rated 0 out of 5 stars.
No ratings yet
Add a rating
Post: Blog2_Post

Subscribe Form

Thanks for submitting!

©2020 by LearnTeachMaster DevOps. Proudly created with Wix.com

bottom of page