Architecture overview
Architecture diagram
Deploying this solution with the default parameters deploys the following components in your AWS account.

This solution runs the following workflow:

- A developer initiates an activity in an AWS CI/CD pipeline, such as pushing a code change to AWS CodeCommit or deploying an application using AWS CodeDeploy. These activities create events. If the multi-account multi-Region feature is activated, the events can be generated from multiple AWS accounts and multiple AWS Regions. For development using a GitHub repository, git push events are generated.
- An Amazon EventBridge events rule detects the events based on predefined event patterns and then sends the event data to an Amazon Data Firehose delivery stream. One event rule is created per event source. For activities in AWS CodeBuild, a CloudWatch metric stream is set up to capture CloudWatch metrics and deliver them to a Firehose delivery stream in the monitoring account. For GitHub push events, an Amazon API endpoint is created to post these events and deliver them to a Firehose delivery stream.
- An Amazon EventBridge events rule is also created to capture events from an Amazon CloudWatch alarm that monitors the status of an Amazon CloudWatch Synthetics canary or Amazon CodePipeline, if you have set up the alarm for the canary or pipeline respectively in your account. This alarm is needed to gather the data for calculating MTTR metrics.
- Amazon Data Firehose uses an AWS Lambda function for data transformation. The Lambda function extracts the data relevant to each metric and sends it to a central Amazon S3 bucket in the monitoring account for downstream processing.
- The data in Amazon S3 is linked to an Amazon Athena database, which runs queries against this data and returns the query results to Amazon QuickSight.
- Amazon QuickSight obtains the query results and builds dashboard visualizations for your management team.
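The Firehose transformation step above is the point where untrusted event payloads are reduced before they reach the central bucket, and it is also where a malformed record can silently break the whole batch. The following is an added illustration of such a transformation Lambda; it is not the solution's own code. It uses the documented Firehose transformation record contract (recordId, result, base64 data) and assumes CodeCommit and CodeDeploy event "detail" field names; every event on the page is constructed for the example.

```python
import base64
import json
# Per-source extraction of the fields the dashboard metrics need. The "detail"
# field names assumed here follow the CodeCommit/CodeDeploy EventBridge event shapes.
EXTRACTORS = {
    "aws.codecommit": lambda d: {"event": d.get("event"), "repository": d.get("repositoryName"),
                                 "reference": d.get("referenceName"), "commit_id": d.get("commitId")},
    "aws.codedeploy": lambda d: {"deployment_id": d.get("deploymentId"), "state": d.get("state"),
                                 "application": d.get("application"), "deployment_group": d.get("deploymentGroup")},
}

def transform_event(event):
    """Reduce one EventBridge event to its metric fields; None means drop the record."""
    extractor = EXTRACTORS.get(event.get("source"))
    if extractor is None:  # unknown source: never forward it to the central bucket
        return None
    return {"account": event.get("account"), "region": event.get("region"), "time": event.get("time"),
            "source": event["source"], "detail_type": event.get("detail-type"),
            **extractor(event.get("detail") or {})}

def handler(event, context=None):
    """Firehose data-transformation entry point: exactly one result per input recordId."""
    output = []
    for record in event["records"]:
        try:
            reduced = transform_event(json.loads(base64.b64decode(record["data"])))
        except (ValueError, TypeError, AttributeError):  # malformed payload: flag it, don't fail the batch
            reduced, result = None, "ProcessingFailed"
        else:
            result = "Ok" if reduced is not None else "Dropped"
        # Ok records are re-encoded as newline-delimited JSON so Athena can read the S3 objects.
        data = record["data"] if reduced is None else base64.b64encode((json.dumps(reduced) + "\n").encode()).decode()
        output.append({"recordId": record["recordId"], "result": result, "data": data})
    return {"records": output}

def firehose_record(record_id, payload):
    """Wrap a payload the way Firehose delivers records to the Lambda (base64-encoded bytes)."""
    raw = payload if isinstance(payload, bytes) else json.dumps(payload).encode()
    return {"recordId": record_id, "data": base64.b64encode(raw).decode()}
# Constructed sample batch: a CodeCommit push, a CodeDeploy state change, an unrelated event, and junk.
SAMPLE_BATCH = {"records": [
    firehose_record("r1", {"source": "aws.codecommit", "account": "111122223333", "region": "us-east-1",
                           "time": "2024-05-01T10:00:00Z", "detail-type": "CodeCommit Repository State Change",
                           "detail": {"event": "referenceUpdated", "repositoryName": "demo-app",
                                      "referenceName": "refs/heads/main", "commitId": "0123abcd"}}),
    firehose_record("r2", {"source": "aws.codedeploy", "account": "111122223333", "region": "us-east-1",
                           "time": "2024-05-01T10:05:00Z", "detail-type": "CodeDeploy Deployment State-change Notification",
                           "detail": {"deploymentId": "d-EXAMPLE", "state": "SUCCESS",
                                      "application": "demo-app", "deploymentGroup": "prod"}}),
    firehose_record("r3", {"source": "aws.ec2", "detail": {"state": "running"}}),
    firehose_record("r4", b"not json"),
]}
```

Running `handler(SAMPLE_BATCH)` yields Ok, Ok, Dropped and ProcessingFailed for r1 to r4, so only the two pipeline events are written to the bucket while the bad record is reported per-record instead of aborting the batch.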