ITSM OPS — Effective ADLC Usage
8-step ITSM ticket lifecycle (intake → discover → classify → cross-validate → decide → implement → operate → govern) executed via
cloudops/.adlcsubmodule consumption with PII-gated AWSO/ notebooks and real-time JIRA OPS board sync.
Project Identity
| Aspect | Value |
|---|---|
| Repository | /Volumes/Working/projects/cloudops |
| JIRA Board | OPS (https://1xops.atlassian.net/jira/software/c/projects/OPS/) |
| Confluence Space | OPS (https://1xops.atlassian.net/wiki/spaces/OPS) |
| Sub-Product | CloudOps (CO-* story prefixes) |
| Data Boundary | AWSO/ folder (gitignored; customer account IDs, PII, $) |
Consumption Pattern
The cloudops project symlinks to .adlc framework:
.claude→.adlc/.claude(all 38 agents, 141 commands, 128 skills inherited)- Local AWSO/ notebooks extend with customer-specific queries
- JIRA OPS board = source-of-truth for ticket lifecycle
- Confluence OPS = runbook + knowledge base for on-call teams
Daily Workflow: ITSM Ticket Lifecycle
Every OPS ticket flows through 8-step pipeline (see golden path docs/docs/golden-paths/itsm-lifecycle.md):
- Intake → sre-engineer extracts: service type, environment, accounts, resource IDs
- Discover → Multi-account infrastructure inventory (Cost Explorer, Config Aggregator, CloudTrail, SSM)
- Classify → JIRA label taxonomy: 6-prefix (URGENCY, SERVICE, ENVIRONMENT, IMPACT, PRIORITY, RESOLUTION)
- Cross-Validate → 4-way verification: API vs Console vs Config Agg vs CLI READONLY profiles
- Decide → Change scheduling eligibility, blast radius, CAB routing
- Implement → Create change record (CR) with change request number
- Operate → Configure monitoring, alarms, escalation per Change Advisory Board decision
- Govern → Cost impact summary, compliance evidence trail
P0/P1 Only: If incident severity ≥ P0, generate Post-Incident Review (PIR) → potential product story (SPM) if pattern recurs.
Effective Commands (This Project)
| Command | Purpose | Input | Output |
|---|---|---|---|
/itsm:lifecycle OPS-NNN | Full 8-step ticket processing with preview | JIRA ticket key | JIRA description updated with findings |
/itsm:classify OPS-NNN | Auto-assign labels + priority + service type | Ticket description | Label recommendations in JIRA |
/itsm:cross-validate OPS-NNN | 4-way accuracy check (99.5% target) | Ticket scope | Cross-validation report in Confluence |
/itsm:create-change OPS-NNN | Generate change record for CAB approval | Classification + decision | JIRA change request (subtask) |
/itsm:create-pir OPS-NNN | Blameless post-incident review (P0/P1) | Resolved ticket + timeline | PIR document in Confluence + product story candidate |
/sync:jira-pull | Fetch latest OPS tickets (batch) | JIRA JQL filter | Local CSV cache for analysis |
/sync:jira-push | Sync local ticket changes → JIRA | Evidence JSON + markdown | JIRA ticket updated, activity logged |
/documentation:confluence-publish | Publish runbooks + analysis → Confluence OPS space | Markdown source file | Live Confluence page with metadata |
All commands default to preview mode. Add --execute to apply changes to JIRA + Confluence.
2-Way Sync: JIRA ↔ Local SSOT
| Direction | Cadence | Mechanism | SSOT |
|---|---|---|---|
| JIRA → Local | Daily standup (morning) | /sync:jira-pull with JIRA Query Language filter | Live JIRA board state |
| Local → JIRA | Per-ticket resolution | /sync:jira-push with rsid label idempotency | Local evidence files (evidence/) |
| OPS → SPM | Escalation on pattern recurs | PIR tool flags product stories | product-owner agent reviews + stories.csv |
Idempotency: Every JIRA sync operation includes rsid:{uuid} label. Running /sync:jira-push twice on same evidence = idempotent (no duplicates).
PII Boundary (Critical)
- Gitignored:
AWSO/folder contains customer names, account IDs, cost figures, sensitive runbooks - Not tracked: Customer-specific Jupyter notebooks, live environment secrets, billing data
- Tracked: Framework logic (Python), patterns (lessons learned), generic runbooks (without account IDs)
- Publishing rule: All Confluence pages auto-scrub account IDs → replace with
{account-id},{region}placeholders
CxO Personas
Each ITSM output targets specific stakeholder:
| Persona | Needs | Output Format |
|---|---|---|
| CFO (Cost) | Cost of incident (downtime × rate) + mitigation spend | Executive summary: 3 bullets + 1 $ impact |
| CTO (Architecture) | Root cause + fix duration + preventive design change | Technical runbook with architecture diagram |
| CloudOps Engineer (On-Call) | Step-by-step remediation + escalation matrix | Runbook.md with Rich CLI output examples |
| Customer Success | Timeline of impact + communication + resolution proof | Incident closure report with timestamps |
Effective Hooks (ADLC Enforcement)
| Hook | Trigger | Blocks | Purpose |
|---|---|---|---|
enforce-coordination.sh | PreToolUse (ITSM commands) | Requires PO+CA logs | Prevents standalone execution on customer tickets |
validate-bash.sh | Bash calls with AWS API | Blocks mutation verbs (delete, terminate) without HITL | READONLY only for autonomous team execution |
validate-component-counts.sh | End of session | Audit trail | Verifies ITSM + SPM board state consistency |
Quality Gates (ITSM-Specific)
- Real-Time MCP Validation — Every JIRA ticket updated via MCP atlassian-tools (exact name:
atlassian-tools>=0.21.0) - INVEST Adherence — Escalated product stories must meet INVEST criteria (stories.csv only)
- Change Request Routing — CR blast radius determines CAB escalation + approval level
- 4-Way Cross-Validation — READONLY AWS profile + Config Aggregator + Cost Explorer + Console output must agree ≥99.5%
Anti-Patterns Specific to ITSM
| Anti-Pattern | Example | Prevention |
|---|---|---|
CONFLUENCE_DUPLICATE_PAGE | PIR runbook created twice without title search | Hook blocks on title search before create |
MCP_ADF_FIDELITY_LOSS | Rich taskList lost in JIRA description (MCP markdown→ADF) | Use REST API v3 for interactive checklists |
JIRA_HIERARCHY_ASSUMPTION | Attaching PIR as child to resolved ticket, assuming hierarchy | Query parent type first; only Epics + Stories support children |
JSON_ONLY_NATO | Evidence JSON updated without updating Confluence runbook | Rules-layer: update both in same session |
Real Software Deliverables (2026-2030)
- Per-Customer Jupyter Notebooks (AWSO/) — Interactive analysis, READONLY cloud queries
- Inventory CSVs (AWSO/data/) — Account mappings, resource indices, historical snapshots
- Confluence Runbooks (OPS space) — Generic + customer-specific playbooks, PIRs
- JIRA Tickets (OPS board) — Live incident tracking, CR routing, resolution evidence
- Sync Evidence (evidence/) — JSON files for audit trails, traceability
References
- Golden Path:
docs/docs/golden-paths/itsm-lifecycle.md(end-to-end flow, 8 steps) - Framework:
CLAUDE.md(root) →.adlcsubmodule configuration - Anti-Patterns:
.claude/rules/governance/anti-patterns-catalog.md(100 patterns, ITSM-specific callouts) - JIRA Integration:
.claude/rules/engineering/atlassian-integration-standards.md(API, MCP, sync patterns) - READONLY AWS:
.claude/rules/governance/operational-efficiency.mdRule 8 (autonomous execution with provided profiles)