feat(aws-observability): Add AWS Observability plugin#68
Open
theagenticguy wants to merge 6 commits intoawslabs:mainfrom
Open
feat(aws-observability): Add AWS Observability plugin#68theagenticguy wants to merge 6 commits intoawslabs:mainfrom
theagenticguy wants to merge 6 commits intoawslabs:mainfrom
Conversation
Adds a comprehensive AWS observability plugin combining CloudWatch Logs, Metrics, Alarms, Application Signals (APM), CloudTrail security auditing, and automated codebase observability gap analysis. Includes 4 MCP servers (CloudWatch, Application Signals, CloudTrail, AWS Documentation) and 8 reference files covering incident response, log analysis, alerting, performance monitoring, security auditing, observability gap analysis, and Application Signals setup. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Adds a new aws-observability plugin to the Agent Plugins for AWS repo, providing an operational/observability-focused skill that integrates CloudWatch, Application Signals, CloudTrail, and AWS documentation via MCP servers, with supporting steering/reference docs.
Changes:
- Introduces the
aws-observabilityplugin manifest and MCP server configuration (CloudWatch, Application Signals, CloudTrail, AWS docs). - Adds an
aws-observabilityskill with progressive-disclosure reference files for incident response, log analysis, alerting, APM, security auditing, and codebase gap analysis. - Registers the new plugin in the marketplace registry under the
observabilitycategory.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| plugins/aws-observability/.claude-plugin/plugin.json | New plugin manifest (metadata, keywords, version, license). |
| plugins/aws-observability/.mcp.json | Defines MCP servers used by the plugin (stdio via uvx). |
| plugins/aws-observability/skills/aws-observability/SKILL.md | Main skill entrypoint: prerequisites, configuration, capability overview, and reference index. |
| plugins/aws-observability/skills/aws-observability/references/incident-response.md | Incident response workflows and cross-signal correlation guidance. |
| plugins/aws-observability/skills/aws-observability/references/log-analysis.md | CloudWatch Logs Insights syntax/patterns and tool parameter guidance. |
| plugins/aws-observability/skills/aws-observability/references/alerting-setup.md | CloudWatch alarm configuration patterns and best practices. |
| plugins/aws-observability/skills/aws-observability/references/performance-monitoring.md | Application Signals concepts, tool entrypoints, and troubleshooting workflows. |
| plugins/aws-observability/skills/aws-observability/references/security-auditing.md | CloudTrail data-source priority and security/compliance query patterns. |
| plugins/aws-observability/skills/aws-observability/references/observability-gap-analysis.md | Multi-language codebase observability gap analysis framework and templates. |
| plugins/aws-observability/skills/aws-observability/references/application-signals-setup.md | Application Signals enablement guidance using the MCP server enablement tool. |
| plugins/aws-observability/skills/aws-observability/references/cloudtrail-data-source-selection.md | Utility guide describing CloudTrail Lake/Logs/LookupEvents priority strategy. |
| .claude-plugin/marketplace.json | Registers aws-observability in the marketplace. |
plugins/aws-observability/skills/aws-observability/references/security-auditing.md
Outdated
Show resolved
Hide resolved
plugins/aws-observability/skills/aws-observability/references/security-auditing.md
Outdated
Show resolved
Hide resolved
plugins/aws-observability/skills/aws-observability/references/alerting-setup.md
Outdated
Show resolved
Hide resolved
krokoko
previously approved these changes
Feb 27, 2026
- Replace wildcard IAM permissions with least-privilege read-only actions in SKILL.md (Copilot review comment awslabs#5) - Add missing `| limit 100` to Performance Analysis query example in SKILL.md (Copilot review comment awslabs#4) - Fix DynamoDB Throttles alarm pattern to use ReadThrottleEvents / WriteThrottleEvents instead of UserErrors (Copilot review comment awslabs#3) - Fix lookup_events example to use 90-day window matching API limits (Copilot review comment awslabs#1) - Remove orphaned pattern numbering ("Pattern 2/3/4" with no Pattern 1) in security-auditing.md (Copilot review comment awslabs#2) - Replace all "steering file" terminology with "reference" across all 8 reference files for consistency with plugin conventions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace awslabs.aws-documentation-mcp-server (local stdio via uvx) with awsknowledge (remote HTTP at knowledge-mcp.global.api.aws), matching the pattern used by deploy-on-aws plugin. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 12 out of 12 changed files in this pull request and generated 10 comments.
You can also share your feedback on Copilot code review. Take the survey.
Comment on lines
+338
to
+344
| **Investigation**: | ||
|
|
||
| - Check CloudWatch Metrics for resource utilization | ||
| - Query logs for timeout errors | ||
| - Review Application Signals for latency increases | ||
| - Check Cost Explorer for usage spikes | ||
|
|
There was a problem hiding this comment.
This reference instructs the agent/user to “Check Cost Explorer for usage spikes” and includes “Cost Impact (Cost Explorer)” in the end-to-end workflow, but the plugin’s .mcp.json doesn’t configure a Cost Explorer-related MCP server (and the PR description notes Cost Explorer integration is out of scope). Please either remove/replace these steps with CloudWatch-based cost signals, or explicitly mark them as manual console/CLI checks.
plugins/aws-observability/skills/aws-observability/references/security-auditing.md
Show resolved
Hide resolved
plugins/aws-observability/skills/aws-observability/references/performance-monitoring.md
Show resolved
Hide resolved
plugins/aws-observability/skills/aws-observability/references/log-analysis.md
Show resolved
Hide resolved
plugins/aws-observability/skills/aws-observability/references/log-analysis.md
Show resolved
Hide resolved
plugins/aws-observability/skills/aws-observability/references/log-analysis.md
Show resolved
Hide resolved
plugins/aws-observability/skills/aws-observability/references/log-analysis.md
Show resolved
Hide resolved
plugins/aws-observability/skills/aws-observability/references/incident-response.md
Show resolved
Hide resolved
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a new aws-observability plugin providing a comprehensive AWS observability platform combining CloudWatch Logs, Metrics, Alarms, Application Signals (APM), CloudTrail security auditing, and automated codebase observability gap analysis.
Related
Changes
New plugin:
aws-observability(12 files, 4300 lines).claude-plugin/plugin.json): name, description, keywords, Apache-2.0 license.mcp.json): 4 stdio servers from AWS Labs:awslabs.cloudwatch-mcp-server- CloudWatch Logs, Metrics, Alarmsawslabs.cloudwatch-applicationsignals-mcp-server- Application Signals APM, SLOs, tracingawslabs.cloudtrail-mcp-server- CloudTrail security auditingawslabs.aws-documentation-mcp-server- AWS documentation accessskills/aws-observability/SKILL.md, ~155 lines): Auto-triggers on observability intent (monitoring, troubleshooting, incident response, log analysis, security audit, etc.) with progressive disclosure via reference file linksskills/aws-observability/references/):incident-response.md- Incident management workflows with multi-tool correlationlog-analysis.md- CloudWatch Logs Insights query patterns and syntax referencealerting-setup.md- Intelligent alarm configurations with AWS best practicesperformance-monitoring.md- Application Signals APM, SLOs, distributed tracingsecurity-auditing.md- CloudTrail security analysis and complianceobservability-gap-analysis.md- Codebase observability audit across 6 languagesapplication-signals-setup.md- Application Signals enablement guidecloudtrail-data-source-selection.md- CloudTrail data source priority strategy.claude-plugin/marketplace.json): Addedaws-observabilityentry with categoryobservabilityBuild validation: All checks pass (markdown lint, manifest validation, cross-reference validation, formatting, security scans).
Acknowledgment
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.