flowchart TB
Dev["Developer"]
GH["GitHub Repo<br/>+ Actions CI/CD"]
Dev -->|"git push / PR"| GH
subgraph AWS["AWS"]
direction TB
subgraph VPC["VPC 10.0.0.0/16"]
direction TB
PubSN["Public Subnets<br/>(NAT, ALB)"]
PrivSN["Private Subnets"]
EC2["EC2 Ubuntu<br/>Telemetry Ingestor<br/>(Ansible-configured)"]
EKS["EKS Cluster<br/>Dashboard Pods<br/>+ IRSA"]
PubSN --> PrivSN
PrivSN --> EC2
PrivSN --> EKS
end
S3[("S3 Bucket<br/>Raw Telemetry")]
IAM["IAM Roles<br/>+ OIDC for GH Actions"]
ECR["ECR<br/>Container Registry"]
EC2 -->|"writes"| S3
EKS -->|"pulls images"| ECR
end
subgraph Azure["Azure"]
direction TB
subgraph VNet["VNet 10.1.0.0/16"]
direction TB
WinVM["Windows VM<br/>Dashboard<br/>(Ansible-configured)"]
AVD["Azure Virtual Desktop<br/>Session Hosts"]
end
Blob[("Blob Storage<br/>Telemetry Mirror")]
Entra["Microsoft Entra ID<br/>Users + Groups + App Reg"]
WinVM -->|"reads"| Blob
AVD -.->|"auth"| Entra
WinVM -.->|"auth"| Entra
end
GH ==>|"terraform plan/apply<br/>via OIDC"| AWS
GH ==>|"terraform plan/apply<br/>via OIDC"| Azure
S3 <-->|"Python sync<br/>every 15 min"| Blob
Engineer["Energy Engineer"]
Engineer -->|"RDP / AVD client"| AVD
AVD -->|"browses dashboard"| WinVM
classDef awsStyle fill:#FF9900,stroke:#232F3E,color:#000
classDef azureStyle fill:#0078D4,stroke:#003D6B,color:#fff
classDef storage fill:#3F8624,stroke:#1F4D12,color:#fff
classDef identity fill:#7B2D8E,stroke:#3D1647,color:#fff
classDef ci fill:#24292E,stroke:#000,color:#fff
class AWS,VPC,PubSN,PrivSN,EC2,EKS,ECR awsStyle
class Azure,VNet,WinVM,AVD azureStyle
class S3,Blob storage
class IAM,Entra identity
class GH ci

The story: telemetry from "wells" (simulated) lands in S3, gets processed by an EC2 ingestor configured with Ansible, and is replicated to Azure Blob Storage. A dashboard running on Azure VMs (and later EKS) reads the data. Engineers log in via Azure Virtual Desktop, authenticated through Entra ID.