AWS devopsagent documentation change
Summary
Added detailed explanations about production operations capabilities including monitoring integration, topology-based correlation, incident analysis, and setup steps. Enhanced release management feedback loop content.
Security assessment
The changes describe operational workflows and integration capabilities without addressing vulnerabilities or security weaknesses. While IAM policies are mentioned as an example of incident patterns, this is part of general operational best practices rather than addressing a specific security flaw.
Diff
diff --git a/devopsagent/latest/userguide/working-with-devops-agent-production-operations-index.md b/devopsagent/latest/userguide/working-with-devops-agent-production-operations-index.md index 62830c425..412e95bea 100644 --- a//devopsagent/latest/userguide/working-with-devops-agent-production-operations-index.md +++ b//devopsagent/latest/userguide/working-with-devops-agent-production-operations-index.md @@ -15 +15,7 @@ Production operations is the set of capabilities that help you detect, respond t -TODO: How the agent monitors your production environment, integrates with your observability tools and ticketing systems, and uses your application topology to correlate signals during investigations. +AWS DevOps Agent monitors your production environment by integrating with your observability platforms — Amazon CloudWatch, Datadog, Dynatrace, Grafana, New Relic, and Splunk — along with ticketing systems like ServiceNow and PagerDuty, and communication tools like Slack. When an alert fires or a support ticket arrives, the agent begins investigating immediately. + +The agent uses your application topology — an automatically generated map of your resources and their relationships — to correlate signals across services during an investigation. It traces metrics, logs, traces, code changes, and deployment history through the dependency graph to identify root cause, assess blast radius, and determine which downstream services may be affected. + +Between incidents, the agent analyzes patterns across your investigation history to identify systemic improvements. It generates targeted recommendations across observability, infrastructure, governance, and code optimization that address root causes rather than symptoms. + +For more information about how the agent discovers your infrastructure, see [What is a DevOps Agent Topology?](./about-aws-devops-agent-what-is-a-devops-agent-topology.html). For details on connecting your monitoring tools, see [Connecting telemetry sources](./configuring-integrations-and-knowledge-connecting-telemetry-sources-index.html). @@ -19 +25,16 @@ TODO: How the agent monitors your production environment, integrates with your o -TODO: First-use walkthrough — prerequisites (Agent Space with connected monitoring tools), connecting your first alerting source, triggering or waiting for your first investigation, and understanding the results. +To begin using production operations capabilities: + + 1. **Create an Agent Space** — An Agent Space is the logical container that defines what AWS DevOps Agent can access and investigate. Configure your primary AWS account and set up operator access for your team. See [Creating an Agent Space](./getting-started-with-aws-devops-agent-creating-an-agent-space.html). + + 2. **Connect your telemetry sources** — Connect your monitoring platforms so the agent can access metrics, logs, and traces during investigations. AWS DevOps Agent supports built-in integrations with Amazon CloudWatch, Datadog, Dynatrace, Grafana, New Relic, and Splunk, plus webhook and MCP server integrations for other tools. See [Connecting telemetry sources](./configuring-integrations-and-knowledge-connecting-telemetry-sources-index.html). + + 3. **Connect ticketing and communication tools (optional)** — Connect ServiceNow, PagerDuty, or Slack to enable automated investigation triggering from incidents and real-time status updates back to your team. See [Connecting to ticketing and chat](./configuring-integrations-and-knowledge-connecting-to-ticketing-and-chat-index.html). + + 4. **Wait for topology discovery** — After connecting your accounts, the agent automatically discovers your resources and builds an application topology. This typically completes within minutes and provides the context the agent uses to correlate signals during investigations. + + 5. **Start your first investigation** — Investigations can start automatically from connected alerting sources, via webhooks, or manually from the Incident Response tab in the DevOps Agent web app. Try starting a manual investigation by describing an issue or choosing a pre-configured starting point such as "Latest alarm" or "Error rate spike." See [Autonomous incident response](./production-operations-autonomous-incident-response.html). + + + + +Once your first investigation completes, you can provide feedback on the root cause analysis, review the investigation timeline, and explore proactive recommendations on the Improvements page. @@ -36 +57,9 @@ Production operations includes three core capabilities: -TODO: Explain how incident patterns and prevention recommendations inform release readiness code reviews and QA testing — creating a feedback loop that makes pre-production validation smarter over time. +Production operations and release management form a continuous feedback loop. Insights from production incidents inform pre-production validation, making your release process smarter over time. + +**Incident patterns shape release reviews** — When the agent identifies recurring root causes through proactive incident prevention — such as missing error handling, inadequate retry logic, or over-permissioned IAM policies — these patterns inform what release readiness code reviews look for. The agent's growing understanding of what causes production failures in your environment makes future code reviews more relevant to your actual risk profile. + +**Prevention recommendations drive code changes** — Proactive incident prevention generates agent-ready specifications that describe code and configuration improvements with specific file paths and implementation plans. These specifications can be handed to a coding agent during the release management workflow, closing the loop from production issue to validated fix. + +**Topology knowledge improves dependency analysis** — The application topology built during production operations — including service relationships, request paths, and deployment boundaries — feeds directly into the cross-repository dependency analysis performed during release readiness reviews. The agent uses the same understanding of how your services interact to assess blast radius both during incident response and during code review. + +**Investigation feedback refines learned skills** — Feedback you provide on investigations and the accuracy of recommendations updates the agent's learned skills. As these skills improve, both incident investigations and release reviews benefit from more accurate knowledge about your environment, operational patterns, and effective investigation techniques.