Skip to content

AZ1600/cloudops-command-center

Repository files navigation

CloudOps Command Center

Overview

CloudOps Command Center is an AI-powered platform engineering assistant that detects infrastructure risks, explains their impact, recommends safe remediation steps, routes issues to the correct service owner, and executes only after approval.

The project demonstrates a production-style platform engineering workflow for cloud teams. It combines infrastructure signal ingestion, service ownership, risk explanation, runbooks, approval gates, simulated execution, and audit history in one command center.


Problem It Solves

Cloud and platform teams receive signals from many places:

  • GitHub Actions
  • AWS
  • Kubernetes
  • Terraform
  • Monitoring systems

The challenge is not only seeing alerts. The real challenge is knowing:

  • What is risky?
  • Why does it matter?
  • Which service is affected?
  • Who owns it?
  • What is the safe fix?
  • Should the fix be executed now?
  • Is there an audit trail?

CloudOps Command Center turns disconnected infrastructure signals into explainable, owner-routed, approval-gated remediation workflows.


Core Workflow

User / Platform Engineer ↓ Infrastructure Signals ↓ AI Risk Engine ↓ Evidence + Impact Explanation ↓ Service Owner Routing ↓ Runbook-Based Remediation ↓ Approval Queue ↓ Simulated Execution ↓ Audit Log


Features

Risk Inbox

  • Detects infrastructure risks from mock cloud signals
  • Classifies risks by severity and category
  • Shows business and technical impact
  • Displays raw evidence behind every recommendation
  • Shows confidence score for each risk

Approval Workflow

  • Risks require approval before execution
  • Approved risks move into the approval queue
  • Dismissed risks are removed from active review
  • Metrics update as decisions are made

Execution Log

  • Simulates approved remediation execution
  • Records safety checks
  • Captures command preview
  • Stores execution history for auditability

Owner Routing

  • Routes each risk to the correct owner/team
  • Tracks active risks per owner
  • Shows urgent, waiting, and completed work

Service Catalog

  • Tracks owned platform assets
  • Shows owner, runtime, environment, health, last change, linked integrations, and active risk count
  • Demonstrates a Backstage-style service ownership model

Integrations Status

  • Shows infrastructure signal sources
  • Tracks mock/connected/not connected status
  • Displays last sync time, signal count, and what each integration provides

Runbooks

  • Documents remediation procedures
  • Includes safety checks and rollback plans
  • Connects risks to controlled operational procedures

Demo Risk Sources

The current MVP uses mock and live-ingested signals for:

  • Failed GitHub Actions deployment
  • Live GitHub Actions workflow run failures
  • Public S3 bucket access risk
  • Kubernetes CrashLoopBackOff
  • Unattached AWS volumes increasing cost
  • Terraform drift in a security group
  • Terraform plan JSON security, cost, and change risks

Architecture

CloudOps Command Center is currently implemented as a frontend-first platform engineering MVP:

  • Next.js app renders the command center UI
  • TypeScript models infrastructure signals, risks, services, integrations, runbooks, execution events, and audit events
  • Mock data simulates cloud integrations while live GitHub Actions and Terraform import flows demonstrate production-style ingestion
  • Risk engine transforms signals into explainable risks
  • React state manages approval, dismissal, execution, metrics, owner routing, and audit history
  • API routes persist platform state, import GitHub Actions failures, and classify Terraform plan JSON
  • Vitest validates risk logic and data relationships
  • GitHub Actions workflow validates lint, typecheck, tests, and build

Technologies Used

  • Next.js
  • React
  • TypeScript
  • Vitest
  • GitHub Actions
  • CSS
  • Vercel-ready deployment structure

Validation

The project can be validated with:

npm run lint
npm run typecheck
npm run test
npm run build

Current validation coverage checks:

  • Risk engine output
  • Evidence availability
  • Runbook coverage
  • Integration catalog coverage
  • Service catalog coverage
  • Terraform plan risk import
  • GitHub Actions failure import

Local Development

Install dependencies:

npm install

Run locally:

npm run dev

Open:

http://localhost:3000

Production Foundation

The app now includes the first production-readiness layer:

  • Optional Clerk auth provider with demo fallback
  • Workspace and team role model
  • Owner/Admin approval permissions
  • Neon Postgres-ready schema
  • Repository layer with Postgres when DATABASE_URL is configured
  • Demo in-memory fallback when no database is configured
  • API routes for platform state, risk scans, and approval actions
  • Terraform plan JSON import with infrastructure risk detection
  • GitHub Actions workflow run import with failed deployment risk detection

Environment variables for production mode:

NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=
CLERK_SECRET_KEY=
DATABASE_URL=
DATABASE_SSL=true
GITHUB_TOKEN=

GITHUB_TOKEN is optional for public repositories, but recommended for private repositories and higher API limits.

Apply the Neon schema after setting DATABASE_URL:

npm run db:apply

Future Improvements

  • Add AWS read-only integration
  • Add Kubernetes read-only cluster integration
  • Add Prometheus or Alertmanager webhook ingestion
  • Add pull request generation for approved remediations
  • Add Slack or email notifications for routed owners
  • Add billing and workspace support for SaaS readiness

Screenshots

Dashboard / Risk Scan Complete

Dashboard Risk Scan Complete

Risk Inbox

Dashboard Risk Inbox

Evidence View

Evidence View

Approval + Execution Flow

Approval Execution Flow

GitHub Actions Risk Import

GitHub Actions Risk Import

Owner Routing

Owner Routing

Service Catalog

Service Catalog

Integrations Status

Integrations Status

Runbooks

Runbooks


Skills Demonstrated

Platform Engineering

  • Service ownership
  • Runbooks
  • Approval workflows
  • Auditability
  • Operational safety

Cloud Engineering

  • AWS risk modeling
  • Infrastructure signal design
  • Cost, security, reliability, and deployment risk categories

DevOps

  • GitHub Actions CI
  • TypeScript validation
  • Build verification
  • Deployment-ready project structure

Product Engineering

  • SaaS-style dashboard
  • Workflow-driven UX
  • Explainable AI interface
  • Portfolio-ready documentation

Author

Olawale Azeez

AWS Certified Solutions Architect - Associate
AWS Certified Cloud Practitioner
Cloud Engineer | Platform Engineer | DevOps Engineer

About

AI platform engineering assistant that detects infrastructure risks, explains impact, routes issues to owners, and executes remediation only after approval.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors