Package com.cloudforgeci.api.observability

package com.cloudforgeci.api.observability

Observability and security monitoring components for CloudForge infrastructure.

This package provides comprehensive monitoring, logging, and security protection for your Jenkins infrastructure. Everything automatically adapts to your security profile (DEV, STAGING, or PRODUCTION) with sensible defaults.

What's Included

Alarms and Notifications

AlarmFactory creates CloudWatch alarms to alert you when things go wrong - like too many 5xx errors from your load balancer.

Security Monitoring

SecurityMonitoringFactory watches for security issues like high CPU usage, failed logins, or unusual API activity. Thresholds are stricter in production and more relaxed in dev.

Web Application Firewall (WAF)

WafFactory protects your Jenkins from common web attacks like SQL injection and cross-site scripting. It uses AWS managed rules tuned specifically for Jenkins to avoid false positives.

Logging

• FlowLogFactory - Captures network traffic for security analysis and troubleshooting
• LoggingCwFactory - Centralizes application logs in CloudWatch for easy searching and alerting

Compliance and Auditing

ComplianceFactory sets up CloudTrail, AWS Config, and Audit Manager for compliance frameworks like PCI-DSS, HIPAA, SOC2, and GDPR. Perfect for regulated industries.

Threat Detection

GuardDutyFactory enables AWS GuardDuty for intelligent threat detection using machine learning.

Getting Started

Most factories work automatically when you extend BaseFactory and use the @SystemContext annotation to inject your security profile:

 public class MyMonitoring extends BaseFactory {
     @SystemContext("security")
     private SecurityProfile security;

     @Override
     public void create() {
         // Security profile automatically injected
         // Configuration automatically loaded
     }
 }
 

Everything is configured through your security profile. For custom settings, override values in your deployment context:

 cfc.put("wafEnabled", true);
 cfc.put("enableMonitoring", true);
 cfc.put("logRetentionDays", 90);
 

For Sales and Business Users

This package delivers enterprise-grade observability out of the box:

• Security monitoring that meets compliance requirements
• Automated alerting that catches issues before they impact users
• Audit trails for regulatory compliance (PCI-DSS, HIPAA, SOC2)
• Threat detection using AWS machine learning
• Cost optimization through environment-specific configurations

Development environments get basic monitoring to save costs, while production gets comprehensive protection. All configurable without code changes.

See Also:

• SecurityProfile
• SecurityProfileConfiguration

Classes

Class	Description
AlarmFactory	Creates CloudWatch alarms for application health monitoring.
AlarmFactory.Props	Configuration properties for alarm creation.
ComplianceFactory	Factory for creating compliance and audit resources (CloudTrail, AWS Config, AWS Audit Manager).
FlowLogFactory	VPC Flow Log Factory using annotation-based context injection.
GuardDutyFactory	Factory for AWS GuardDuty threat detection and compliance automation.
LoggingCwFactory	CloudWatch Logging Factory using annotation-based context injection.
SecurityMonitoringFactory	Factory for creating security monitoring and alerting configurations.
SharedResourceRegistry	Registry for shared/account-level resources that should be reused across stacks.
WafFactory	Factory for creating AWS WAF WebACL resources.