feat: add shared reusable components for trace details v3

Adds reusable components to periscope and DetailsPanel:

- PrettyView: JSON tree viewer with search and pinning
- JsonView: Monaco-based JSON viewer
- DataViewer: Pretty/JSON mode switcher
- FloatingPanel: Draggable/resizable panel (react-rnd)
- ResizableBox: Vertical/horizontal resize with handle
- KeyValueLabel: Key-value display (column/row)
- DetailsPanel: Drawer infrastructure and header

cmd/community/server.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/SigNoz/signoz/cmd"
 	"github.com/SigNoz/signoz/pkg/analytics"
+	"github.com/SigNoz/signoz/pkg/auditor"
 	"github.com/SigNoz/signoz/pkg/authn"
 	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/authz/openfgaauthz"
@@ -17,15 +18,11 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/gateway"
 	"github.com/SigNoz/signoz/pkg/gateway/noopgateway"
-	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/licensing/nooplicensing"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/query-service/app"
 	"github.com/SigNoz/signoz/pkg/queryparser"
@@ -33,7 +30,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/sqlschema"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 	"github.com/SigNoz/signoz/pkg/version"
 	"github.com/SigNoz/signoz/pkg/zeus"
 	"github.com/SigNoz/signoz/pkg/zeus/noopzeus"
@@ -98,12 +94,12 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		func(_ licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return noopgateway.NewProviderFactory()
 		},
+		func(_ licensing.Licensing) factory.NamedMap[factory.ProviderFactory[auditor.Auditor, auditor.Config]] {
+			return signoz.NewAuditorProviderFactories()
+		},
 		func(ps factory.ProviderSettings, q querier.Querier, a analytics.Analytics) querier.Handler {
 			return querier.NewHandler(ps, q, a)
 		},
-		func(_ cloudintegrationtypes.Store, _ global.Global, _ zeus.Zeus, _ gateway.Gateway, _ licensing.Licensing, _ serviceaccount.Module, _ cloudintegration.Config) (cloudintegration.Module, error) {
-			return implcloudintegration.NewModule(), nil
-		},
 	)
 	if err != nil {
 		logger.ErrorContext(ctx, "failed to create signoz", errors.Attr(err))

cmd/enterprise/server.go

@@ -8,6 +8,7 @@ import (
 	"github.com/spf13/cobra"
 
 	"github.com/SigNoz/signoz/cmd"
+	"github.com/SigNoz/signoz/ee/auditor/otlphttpauditor"
 	"github.com/SigNoz/signoz/ee/authn/callbackauthn/oidccallbackauthn"
 	"github.com/SigNoz/signoz/ee/authn/callbackauthn/samlcallbackauthn"
 	"github.com/SigNoz/signoz/ee/authz/openfgaauthz"
@@ -16,8 +17,6 @@ import (
 	"github.com/SigNoz/signoz/ee/gateway/httpgateway"
 	enterpriselicensing "github.com/SigNoz/signoz/ee/licensing"
 	"github.com/SigNoz/signoz/ee/licensing/httplicensing"
-	"github.com/SigNoz/signoz/ee/modules/cloudintegration/implcloudintegration"
-	"github.com/SigNoz/signoz/ee/modules/cloudintegration/implcloudintegration/implcloudprovider"
 	"github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard"
 	eequerier "github.com/SigNoz/signoz/ee/querier"
 	enterpriseapp "github.com/SigNoz/signoz/ee/query-service/app"
@@ -26,19 +25,16 @@ import (
 	enterprisezeus "github.com/SigNoz/signoz/ee/zeus"
 	"github.com/SigNoz/signoz/ee/zeus/httpzeus"
 	"github.com/SigNoz/signoz/pkg/analytics"
+	"github.com/SigNoz/signoz/pkg/auditor"
 	"github.com/SigNoz/signoz/pkg/authn"
 	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/gateway"
-	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	pkgcloudintegration "github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/signoz"
@@ -46,7 +42,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/sqlstore/sqlstorehook"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 	"github.com/SigNoz/signoz/pkg/version"
 	"github.com/SigNoz/signoz/pkg/zeus"
 )
@@ -132,6 +127,7 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 				return nil, err
 			}
 			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), openfgaDataStore, licensing, dashboardModule), nil
+
 		},
 		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
 			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, queryParser, querier, licensing)
@@ -139,25 +135,19 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		func(licensing licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return httpgateway.NewProviderFactory(licensing)
 		},
+		func(licensing licensing.Licensing) factory.NamedMap[factory.ProviderFactory[auditor.Auditor, auditor.Config]] {
+			factories := signoz.NewAuditorProviderFactories()
+			if err := factories.Add(otlphttpauditor.NewFactory(licensing, version.Info)); err != nil {
+				panic(err)
+			}
+			return factories
+		},
 		func(ps factory.ProviderSettings, q querier.Querier, a analytics.Analytics) querier.Handler {
 			communityHandler := querier.NewHandler(ps, q, a)
 			return eequerier.NewHandler(ps, q, communityHandler)
 		},
-		func(store cloudintegrationtypes.Store, global global.Global, zeus zeus.Zeus, gateway gateway.Gateway, licensing licensing.Licensing, serviceAccount serviceaccount.Module, config cloudintegration.Config) (cloudintegration.Module, error) {
-			defStore := pkgcloudintegration.NewServiceDefinitionStore()
-			awsCloudProviderModule, err := implcloudprovider.NewAWSCloudProvider(defStore)
-			if err != nil {
-				return nil, err
-			}
-			azureCloudProviderModule := implcloudprovider.NewAzureCloudProvider()
-			cloudProvidersMap := map[cloudintegrationtypes.CloudProviderType]cloudintegration.CloudProviderModule{
-				cloudintegrationtypes.CloudProviderTypeAWS:   awsCloudProviderModule,
-				cloudintegrationtypes.CloudProviderTypeAzure: azureCloudProviderModule,
-			}
-
-			return implcloudintegration.NewModule(store, global, zeus, gateway, licensing, serviceAccount, cloudProvidersMap, config)
-		},
 	)
+
 	if err != nil {
 		logger.ErrorContext(ctx, "failed to create signoz", errors.Attr(err))
 		return err

conf/example.yaml

@@ -365,9 +365,33 @@ serviceaccount:
     # toggle service account analytics
     enabled: true
 
-##################### Cloud Integration #####################
-cloudintegration:
-  # cloud integration agent configuration
-  agent:
-    # The version of the cloud integration agent.
-    version: v0.0.8
+##################### Auditor #####################
+auditor:
+  # Specifies the auditor provider to use.
+  # noop: discards all audit events (community default).
+  # otlphttp: exports audit events via OTLP HTTP (enterprise).
+  provider: noop
+  # The async channel capacity for audit events. Events are dropped when full (fail-open).
+  buffer_size: 1000
+  # The maximum number of events per export batch.
+  batch_size: 100
+  # The maximum time between export flushes.
+  flush_interval: 1s
+  otlphttp:
+    # The target scheme://host:port/path of the OTLP HTTP endpoint.
+    endpoint: http://localhost:4318/v1/logs
+    # Whether to use HTTP instead of HTTPS.
+    insecure: false
+    # The maximum duration for an export attempt.
+    timeout: 10s
+    # Additional HTTP headers sent with every export request.
+    headers: {}
+    retry:
+      # Whether to retry on transient failures.
+      enabled: true
+      # The initial wait time before the first retry.
+      initial_interval: 5s
+      # The upper bound on backoff interval.
+      max_interval: 30s
+      # The total maximum time spent retrying.
+      max_elapsed_time: 60s

ee/modules/cloudintegration/implcloudintegration/implcloudprovider/awscloudprovider.go

@@ -1,132 +0,0 @@
-package implcloudprovider
-
-import (
-	"context"
-	"fmt"
-	"net/url"
-	"sort"
-
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-)
-
-type awscloudprovider struct {
-	serviceDefinitions cloudintegrationtypes.ServiceDefinitionStore
-}
-
-func NewAWSCloudProvider(defStore cloudintegrationtypes.ServiceDefinitionStore) (cloudintegration.CloudProviderModule, error) {
-	return &awscloudprovider{serviceDefinitions: defStore}, nil
-}
-
-func (provider *awscloudprovider) GetConnectionArtifact(ctx context.Context, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.GetConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	baseURL := fmt.Sprintf(cloudintegrationtypes.CloudFormationQuickCreateBaseURL.StringValue(), req.Config.Aws.DeploymentRegion)
-	u, _ := url.Parse(baseURL)
-
-	q := u.Query()
-	q.Set("region", req.Config.Aws.DeploymentRegion)
-	u.Fragment = "/stacks/quickcreate"
-
-	u.RawQuery = q.Encode()
-
-	q = u.Query()
-	q.Set("stackName", cloudintegrationtypes.AgentCloudFormationBaseStackName.StringValue())
-	q.Set("templateURL", fmt.Sprintf(cloudintegrationtypes.AgentCloudFormationTemplateS3Path.StringValue(), req.Config.AgentVersion))
-	q.Set("param_SigNozIntegrationAgentVersion", req.Config.AgentVersion)
-	q.Set("param_SigNozApiUrl", req.Credentials.SigNozAPIURL)
-	q.Set("param_SigNozApiKey", req.Credentials.SigNozAPIKey)
-	q.Set("param_SigNozAccountId", account.ID.StringValue())
-	q.Set("param_IngestionUrl", req.Credentials.IngestionURL)
-	q.Set("param_IngestionKey", req.Credentials.IngestionKey)
-
-	return &cloudintegrationtypes.ConnectionArtifact{
-		Aws: &cloudintegrationtypes.AWSConnectionArtifact{
-			ConnectionURL: u.String() + "?&" + q.Encode(), // this format is required by AWS
-		},
-	}, nil
-}
-
-func (provider *awscloudprovider) ListServiceDefinitions(ctx context.Context) ([]*cloudintegrationtypes.ServiceDefinition, error) {
-	return provider.serviceDefinitions.List(ctx, cloudintegrationtypes.CloudProviderTypeAWS)
-}
-
-func (provider *awscloudprovider) GetServiceDefinition(ctx context.Context, serviceID cloudintegrationtypes.ServiceID) (*cloudintegrationtypes.ServiceDefinition, error) {
-	serviceDef, err := provider.serviceDefinitions.Get(ctx, cloudintegrationtypes.CloudProviderTypeAWS, serviceID)
-	if err != nil {
-		return nil, err
-	}
-
-	// override cloud integration dashboard id
-	for index, dashboard := range serviceDef.Assets.Dashboards {
-		serviceDef.Assets.Dashboards[index].ID = cloudintegrationtypes.GetCloudIntegrationDashboardID(cloudintegrationtypes.CloudProviderTypeAWS, serviceID.StringValue(), dashboard.ID)
-	}
-
-	return serviceDef, nil
-}
-
-func (provider *awscloudprovider) BuildIntegrationConfig(
-	ctx context.Context,
-	account *cloudintegrationtypes.Account,
-	services []*cloudintegrationtypes.StorableCloudIntegrationService,
-) (*cloudintegrationtypes.ProviderIntegrationConfig, error) {
-	// Sort services for deterministic output
-	sort.Slice(services, func(i, j int) bool {
-		return services[i].Type.StringValue() < services[j].Type.StringValue()
-	})
-
-	compiledMetrics := new(cloudintegrationtypes.AWSMetricsCollectionStrategy)
-	compiledLogs := new(cloudintegrationtypes.AWSLogsCollectionStrategy)
-	var compiledS3Buckets map[string][]string
-
-	for _, storedSvc := range services {
-		svcCfg, err := cloudintegrationtypes.NewServiceConfigFromJSON(cloudintegrationtypes.CloudProviderTypeAWS, storedSvc.Config)
-		if err != nil {
-			return nil, err
-		}
-
-		svcDef, err := provider.GetServiceDefinition(ctx, storedSvc.Type)
-		if err != nil {
-			return nil, err
-		}
-
-		strategy := svcDef.TelemetryCollectionStrategy.AWS
-		logsEnabled := svcCfg.IsLogsEnabled(cloudintegrationtypes.CloudProviderTypeAWS)
-
-		// S3Sync: logs come directly from configured S3 buckets, not CloudWatch subscriptions
-		if storedSvc.Type == cloudintegrationtypes.AWSServiceS3Sync {
-			if logsEnabled && svcCfg.AWS.Logs.S3Buckets != nil {
-				compiledS3Buckets = svcCfg.AWS.Logs.S3Buckets
-			}
-			// no need to go ahead as the code block specifically checks for the S3Sync service
-			continue
-		}
-
-		if logsEnabled && strategy.Logs != nil {
-			compiledLogs.Subscriptions = append(compiledLogs.Subscriptions, strategy.Logs.Subscriptions...)
-		}
-
-		metricsEnabled := svcCfg.IsMetricsEnabled(cloudintegrationtypes.CloudProviderTypeAWS)
-
-		if metricsEnabled && strategy.Metrics != nil {
-			compiledMetrics.StreamFilters = append(compiledMetrics.StreamFilters, strategy.Metrics.StreamFilters...)
-		}
-	}
-
-	collectionStrategy := new(cloudintegrationtypes.AWSTelemetryCollectionStrategy)
-
-	if len(compiledMetrics.StreamFilters) > 0 {
-		collectionStrategy.Metrics = compiledMetrics
-	}
-	if len(compiledLogs.Subscriptions) > 0 {
-		collectionStrategy.Logs = compiledLogs
-	}
-	if compiledS3Buckets != nil {
-		collectionStrategy.S3Buckets = compiledS3Buckets
-	}
-
-	return &cloudintegrationtypes.ProviderIntegrationConfig{
-		AWS: &cloudintegrationtypes.AWSIntegrationConfig{
-			EnabledRegions:              account.Config.AWS.Regions,
-			TelemetryCollectionStrategy: collectionStrategy,
-		},
-	}, nil
-}

ee/modules/cloudintegration/implcloudintegration/implcloudprovider/azurecloudprovider.go

@@ -1,34 +0,0 @@
-package implcloudprovider
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-)
-
-type azurecloudprovider struct{}
-
-func NewAzureCloudProvider() cloudintegration.CloudProviderModule {
-	return &azurecloudprovider{}
-}
-
-func (provider *azurecloudprovider) GetConnectionArtifact(ctx context.Context, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.GetConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	panic("implement me")
-}
-
-func (provider *azurecloudprovider) ListServiceDefinitions(ctx context.Context) ([]*cloudintegrationtypes.ServiceDefinition, error) {
-	panic("implement me")
-}
-
-func (provider *azurecloudprovider) GetServiceDefinition(ctx context.Context, serviceID cloudintegrationtypes.ServiceID) (*cloudintegrationtypes.ServiceDefinition, error) {
-	panic("implement me")
-}
-
-func (provider *azurecloudprovider) BuildIntegrationConfig(
-	ctx context.Context,
-	account *cloudintegrationtypes.Account,
-	services []*cloudintegrationtypes.StorableCloudIntegrationService,
-) (*cloudintegrationtypes.ProviderIntegrationConfig, error) {
-	panic("implement me")
-}

ee/modules/cloudintegration/implcloudintegration/module.go

@@ -1,513 +0,0 @@
-package implcloudintegration
-
-import (
-	"context"
-	"fmt"
-	"sort"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/gateway"
-	"github.com/SigNoz/signoz/pkg/global"
-	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
-	"github.com/SigNoz/signoz/pkg/types/serviceaccounttypes"
-	"github.com/SigNoz/signoz/pkg/types/zeustypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	"github.com/SigNoz/signoz/pkg/zeus"
-)
-
-type module struct {
-	store             cloudintegrationtypes.Store
-	gateway           gateway.Gateway
-	zeus              zeus.Zeus
-	licensing         licensing.Licensing
-	global            global.Global
-	serviceAccount    serviceaccount.Module
-	cloudProvidersMap map[cloudintegrationtypes.CloudProviderType]cloudintegration.CloudProviderModule
-	config            cloudintegration.Config
-}
-
-func NewModule(
-	store cloudintegrationtypes.Store,
-	global global.Global,
-	zeus zeus.Zeus,
-	gateway gateway.Gateway,
-	licensing licensing.Licensing,
-	serviceAccount serviceaccount.Module,
-	cloudProvidersMap map[cloudintegrationtypes.CloudProviderType]cloudintegration.CloudProviderModule,
-	config cloudintegration.Config,
-) (cloudintegration.Module, error) {
-	return &module{
-		store:             store,
-		global:            global,
-		zeus:              zeus,
-		gateway:           gateway,
-		licensing:         licensing,
-		serviceAccount:    serviceAccount,
-		cloudProvidersMap: cloudProvidersMap,
-		config:            config,
-	}, nil
-}
-
-// GetConnectionCredentials returns credentials required to generate connection artifact. eg. apiKey, ingestionKey etc.
-// It will return creds it can deduce and return empty value for others.
-func (module *module) GetConnectionCredentials(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (*cloudintegrationtypes.Credentials, error) {
-	// get license to get the deployment details
-	license, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	var ingestionURL string
-
-	globalConfig := module.global.GetConfig(ctx)
-	if globalConfig != nil {
-		ingestionURL = globalConfig.IngestionURL
-	}
-
-	// get deployment details from zeus, ignore error
-	respBytes, _ := module.zeus.GetDeployment(ctx, license.Key)
-
-	var signozAPIURL string
-
-	if len(respBytes) > 0 {
-		// parse deployment details, ignore error, if client is asking api url every time check for possible error
-		deployment, _ := zeustypes.NewGettableDeployment(respBytes)
-		if deployment != nil {
-			signozAPIURL = deployment.SignozAPIUrl
-		}
-	}
-
-	// ignore error
-	apiKey, _ := module.getOrCreateAPIKey(ctx, orgID, provider)
-
-	// ignore error
-	ingestionKey, _ := module.getOrCreateIngestionKey(ctx, orgID, provider)
-
-	return &cloudintegrationtypes.Credentials{
-		SigNozAPIURL: signozAPIURL,
-		SigNozAPIKey: apiKey,
-		IngestionURL: ingestionURL,
-		IngestionKey: ingestionKey,
-	}, nil
-}
-
-func (module *module) CreateAccount(ctx context.Context, account *cloudintegrationtypes.Account) error {
-	_, err := module.licensing.GetActive(ctx, account.OrgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	storableCloudIntegration, err := cloudintegrationtypes.NewStorableCloudIntegration(account)
-	if err != nil {
-		return err
-	}
-
-	return module.store.CreateAccount(ctx, storableCloudIntegration)
-}
-
-func (module *module) GetConnectionArtifact(ctx context.Context, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.GetConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	cloudProviderModule, err := module.getCloudProvider(account.Provider)
-	if err != nil {
-		return nil, err
-	}
-
-	req.Config.AddAgentVersion(module.config.Agent.Version)
-
-	return cloudProviderModule.GetConnectionArtifact(ctx, account, req)
-}
-
-func (module *module) GetAccount(ctx context.Context, orgID valuer.UUID, accountID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (*cloudintegrationtypes.Account, error) {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	storableAccount, err := module.store.GetAccountByID(ctx, orgID, accountID, provider)
-	if err != nil {
-		return nil, err
-	}
-
-	return cloudintegrationtypes.NewAccountFromStorable(storableAccount)
-}
-
-// ListAccounts return only agent connected accounts.
-func (module *module) ListAccounts(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) ([]*cloudintegrationtypes.Account, error) {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	storableAccounts, err := module.store.ListConnectedAccounts(ctx, orgID, provider)
-	if err != nil {
-		return nil, err
-	}
-
-	return cloudintegrationtypes.NewAccountsFromStorables(storableAccounts)
-}
-
-func (module *module) AgentCheckIn(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, req *cloudintegrationtypes.AgentCheckInRequest) (*cloudintegrationtypes.AgentCheckInResponse, error) {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	connectedAccount, err := module.store.GetConnectedAccount(ctx, orgID, provider, req.ProviderAccountID)
-	if err != nil && !errors.Ast(err, errors.TypeNotFound) {
-		return nil, err
-	}
-
-	// If a different integration is already connected to this provider account ID, reject the check-in.
-	// Allow re-check-in from the same integration (e.g. agent restarting).
-	if connectedAccount != nil && connectedAccount.ID != req.CloudIntegrationID {
-		errMessage := fmt.Sprintf("provider account id %s is already connected to cloud integration id %s", req.ProviderAccountID, connectedAccount.ID)
-		return nil, errors.New(errors.TypeAlreadyExists, cloudintegrationtypes.ErrCodeCloudIntegrationAlreadyConnected, errMessage)
-	}
-
-	account, err := module.store.GetAccountByID(ctx, orgID, req.CloudIntegrationID, provider)
-	if err != nil {
-		return nil, err
-	}
-
-	// update account with cloud provider account id and agent report (heartbeat)
-	account.Update(&req.ProviderAccountID, cloudintegrationtypes.NewAgentReport(req.Data))
-
-	err = module.store.UpdateAccount(ctx, account)
-	if err != nil {
-		return nil, err
-	}
-
-	// If account has been removed (disconnected), return a minimal response with empty integration config.
-	// The agent doesn't act on config for removed accounts.
-	if account.RemovedAt != nil {
-		return &cloudintegrationtypes.AgentCheckInResponse{
-			CloudIntegrationID: account.ID.StringValue(),
-			ProviderAccountID:  req.ProviderAccountID,
-			IntegrationConfig:  new(cloudintegrationtypes.ProviderIntegrationConfig),
-			RemovedAt:          account.RemovedAt,
-		}, nil
-	}
-
-	// Get account as domain object for config access (enabled regions, etc.)
-	domainAccount, err := cloudintegrationtypes.NewAccountFromStorable(account)
-	if err != nil {
-		return nil, err
-	}
-
-	cloudProvider, err := module.getCloudProvider(provider)
-	if err != nil {
-		return nil, err
-	}
-
-	storedServices, err := module.store.ListServices(ctx, req.CloudIntegrationID)
-	if err != nil {
-		return nil, err
-	}
-
-	// Delegate integration config building entirely to the provider module
-	integrationConfig, err := cloudProvider.BuildIntegrationConfig(ctx, domainAccount, storedServices)
-	if err != nil {
-		return nil, err
-	}
-
-	return &cloudintegrationtypes.AgentCheckInResponse{
-		CloudIntegrationID: account.ID.StringValue(),
-		ProviderAccountID:  req.ProviderAccountID,
-		IntegrationConfig:  integrationConfig,
-		RemovedAt:          account.RemovedAt,
-	}, nil
-}
-
-func (module *module) UpdateAccount(ctx context.Context, account *cloudintegrationtypes.Account) error {
-	_, err := module.licensing.GetActive(ctx, account.OrgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	storableAccount, err := cloudintegrationtypes.NewStorableCloudIntegration(account)
-	if err != nil {
-		return err
-	}
-
-	return module.store.UpdateAccount(ctx, storableAccount)
-}
-
-func (module *module) DisconnectAccount(ctx context.Context, orgID valuer.UUID, accountID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) error {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	return module.store.RemoveAccount(ctx, orgID, accountID, provider)
-}
-
-func (module *module) ListServicesMetadata(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, integrationID *valuer.UUID) ([]*cloudintegrationtypes.ServiceMetadata, error) {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	cloudProvider, err := module.getCloudProvider(provider)
-	if err != nil {
-		return nil, err
-	}
-
-	serviceDefinitions, err := cloudProvider.ListServiceDefinitions(ctx)
-	if err != nil {
-		return nil, err
-	}
-
-	enabledServiceIDs := map[string]bool{}
-	if integrationID != nil {
-		storedServices, err := module.store.ListServices(ctx, *integrationID)
-		if err != nil {
-			return nil, err
-		}
-
-		for _, svc := range storedServices {
-			serviceConfig, err := cloudintegrationtypes.NewServiceConfigFromJSON(provider, svc.Config)
-			if err != nil {
-				return nil, err
-			}
-
-			if serviceConfig.IsServiceEnabled(provider) {
-				enabledServiceIDs[svc.Type.StringValue()] = true
-			}
-		}
-	}
-
-	resp := make([]*cloudintegrationtypes.ServiceMetadata, 0, len(serviceDefinitions))
-	for _, serviceDefinition := range serviceDefinitions {
-		resp = append(resp, cloudintegrationtypes.NewServiceMetadata(*serviceDefinition, enabledServiceIDs[serviceDefinition.ID]))
-	}
-
-	return resp, nil
-}
-
-func (module *module) GetService(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID, serviceID cloudintegrationtypes.ServiceID, provider cloudintegrationtypes.CloudProviderType) (*cloudintegrationtypes.Service, error) {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	cloudProvider, err := module.getCloudProvider(provider)
-	if err != nil {
-		return nil, err
-	}
-
-	serviceDefinition, err := cloudProvider.GetServiceDefinition(ctx, serviceID)
-	if err != nil {
-		return nil, err
-	}
-
-	var integrationService *cloudintegrationtypes.CloudIntegrationService
-
-	if integrationID != nil {
-		storedService, err := module.store.GetServiceByServiceID(ctx, *integrationID, serviceID)
-		if err != nil && !errors.Ast(err, errors.TypeNotFound) {
-			return nil, err
-		}
-		if storedService != nil {
-			serviceConfig, err := cloudintegrationtypes.NewServiceConfigFromJSON(provider, storedService.Config)
-			if err != nil {
-				return nil, err
-			}
-
-			integrationService = cloudintegrationtypes.NewCloudIntegrationServiceFromStorable(storedService, serviceConfig)
-		}
-	}
-
-	return cloudintegrationtypes.NewService(*serviceDefinition, integrationService), nil
-}
-
-func (module *module) CreateService(ctx context.Context, orgID valuer.UUID, service *cloudintegrationtypes.CloudIntegrationService, provider cloudintegrationtypes.CloudProviderType) error {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	cloudProvider, err := module.getCloudProvider(provider)
-	if err != nil {
-		return err
-	}
-
-	serviceDefinition, err := cloudProvider.GetServiceDefinition(ctx, service.Type)
-	if err != nil {
-		return err
-	}
-
-	configJSON, err := service.Config.ToJSON(provider, service.Type, &serviceDefinition.SupportedSignals)
-	if err != nil {
-		return err
-	}
-
-	return module.store.CreateService(ctx, cloudintegrationtypes.NewStorableCloudIntegrationService(service, string(configJSON)))
-}
-
-func (module *module) UpdateService(ctx context.Context, orgID valuer.UUID, integrationService *cloudintegrationtypes.CloudIntegrationService, provider cloudintegrationtypes.CloudProviderType) error {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	cloudProvider, err := module.getCloudProvider(provider)
-	if err != nil {
-		return err
-	}
-
-	serviceDefinition, err := cloudProvider.GetServiceDefinition(ctx, integrationService.Type)
-	if err != nil {
-		return err
-	}
-
-	configJSON, err := integrationService.Config.ToJSON(provider, integrationService.Type, &serviceDefinition.SupportedSignals)
-	if err != nil {
-		return err
-	}
-
-	storableService := cloudintegrationtypes.NewStorableCloudIntegrationService(integrationService, string(configJSON))
-
-	return module.store.UpdateService(ctx, storableService)
-}
-
-func (module *module) GetDashboardByID(ctx context.Context, orgID valuer.UUID, id string) (*dashboardtypes.Dashboard, error) {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	_, _, _, err = cloudintegrationtypes.ParseCloudIntegrationDashboardID(id)
-	if err != nil {
-		return nil, err
-	}
-
-	allDashboards, err := module.listDashboards(ctx, orgID)
-	if err != nil {
-		return nil, err
-	}
-
-	for _, d := range allDashboards {
-		if d.ID == id {
-			return d, nil
-		}
-	}
-
-	return nil, errors.New(errors.TypeNotFound, cloudintegrationtypes.ErrCodeCloudIntegrationNotFound, "cloud integration dashboard not found")
-}
-
-func (module *module) ListDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error) {
-	_, err := module.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	return module.listDashboards(ctx, orgID)
-}
-
-func (module *module) getCloudProvider(provider cloudintegrationtypes.CloudProviderType) (cloudintegration.CloudProviderModule, error) {
-	if cloudProviderModule, ok := module.cloudProvidersMap[provider]; ok {
-		return cloudProviderModule, nil
-	}
-
-	return nil, errors.NewInvalidInputf(cloudintegrationtypes.ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
-}
-
-func (module *module) getOrCreateIngestionKey(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (string, error) {
-	keyName := cloudintegrationtypes.NewIngestionKeyName(provider)
-
-	result, err := module.gateway.SearchIngestionKeysByName(ctx, orgID, keyName, 1, 10)
-	if err != nil {
-		return "", errors.WrapInternalf(err, errors.CodeInternal, "couldn't search ingestion keys")
-	}
-
-	// ideally there should be only one key per cloud integration provider
-	if len(result.Keys) > 0 {
-		return result.Keys[0].Value, nil
-	}
-
-	createdIngestionKey, err := module.gateway.CreateIngestionKey(ctx, orgID, keyName, []string{"integration"}, time.Time{})
-	if err != nil {
-		return "", errors.WrapInternalf(err, errors.CodeInternal, "couldn't create ingestion key")
-	}
-
-	return createdIngestionKey.Value, nil
-}
-
-func (module *module) getOrCreateAPIKey(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (string, error) {
-	domain := module.serviceAccount.Config().Email.Domain
-	serviceAccount := serviceaccounttypes.NewServiceAccount("integration", domain, serviceaccounttypes.ServiceAccountStatusActive, orgID)
-	serviceAccount, err := module.serviceAccount.GetOrCreate(ctx, orgID, serviceAccount)
-	if err != nil {
-		return "", err
-	}
-	err = module.serviceAccount.SetRoleByName(ctx, orgID, serviceAccount.ID, authtypes.SigNozViewerRoleName)
-	if err != nil {
-		return "", err
-	}
-
-	factorAPIKey, err := serviceAccount.NewFactorAPIKey(provider.StringValue(), 0)
-	if err != nil {
-		return "", err
-	}
-
-	factorAPIKey, err = module.serviceAccount.GetOrCreateFactorAPIKey(ctx, factorAPIKey)
-	if err != nil {
-		return "", err
-	}
-	return factorAPIKey.Key, nil
-}
-
-func (module *module) listDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error) {
-	var allDashboards []*dashboardtypes.Dashboard
-
-	for provider := range module.cloudProvidersMap {
-		cloudProvider, err := module.getCloudProvider(provider)
-		if err != nil {
-			return nil, err
-		}
-
-		connectedAccounts, err := module.store.ListConnectedAccounts(ctx, orgID, provider)
-		if err != nil {
-			return nil, err
-		}
-
-		for _, storableAccount := range connectedAccounts {
-			storedServices, err := module.store.ListServices(ctx, storableAccount.ID)
-			if err != nil {
-				return nil, err
-			}
-
-			for _, storedSvc := range storedServices {
-				serviceConfig, err := cloudintegrationtypes.NewServiceConfigFromJSON(provider, storedSvc.Config)
-				if err != nil || !serviceConfig.IsMetricsEnabled(provider) {
-					continue
-				}
-
-				svcDef, err := cloudProvider.GetServiceDefinition(ctx, storedSvc.Type)
-				if err != nil || svcDef == nil {
-					continue
-				}
-
-				dashboards := cloudintegrationtypes.GetDashboardsFromAssets(
-					storedSvc.Type.StringValue(),
-					orgID,
-					provider,
-					storableAccount.CreatedAt,
-					svcDef.Assets,
-				)
-				allDashboards = append(allDashboards, dashboards...)
-			}
-		}
-	}
-
-	sort.Slice(allDashboards, func(i, j int) bool {
-		return allDashboards[i].ID < allDashboards[j].ID
-	})
-
-	return allDashboards, nil
-}

ee/query-service/app/server.go

@@ -227,7 +227,7 @@ func (s *Server) createPublicServer(apiHandler *api.APIHandler, web web.Web) (*h
 		s.config.APIServer.Timeout.Default,
 		s.config.APIServer.Timeout.Max,
 	).Wrap)
-	r.Use(middleware.NewAudit(s.signoz.Instrumentation.Logger(), s.config.APIServer.Logging.ExcludedRoutes, nil).Wrap)
+	r.Use(middleware.NewAudit(s.signoz.Instrumentation.Logger(), s.config.APIServer.Logging.ExcludedRoutes, s.signoz.Auditor).Wrap)
 	r.Use(middleware.NewComment().Wrap)
 
 	apiHandler.RegisterRoutes(r, am)

frontend/package.json

@@ -139,10 +139,12 @@
     "react-helmet-async": "1.3.0",
     "react-hook-form": "7.71.2",
     "react-i18next": "^11.16.1",
+    "react-json-tree": "0.20.0",
     "react-lottie": "1.2.10",
     "react-markdown": "8.0.7",
     "react-query": "3.39.3",
     "react-redux": "^7.2.2",
+    "react-rnd": "10.5.3",
     "react-router-dom": "^5.2.0",
     "react-router-dom-v5-compat": "6.27.0",
     "react-syntax-highlighter": "15.5.0",

frontend/src/components/DetailsPanel/DetailsHeader/DetailsHeader.styles.scss

@@ -0,0 +1,40 @@
+.details-header {
+	// ghost + secondary missing hover bg token in @signozhq/button
+	--button-ghost-hover-background: var(--l3-background);
+
+	display: flex;
+	align-items: center;
+	gap: 8px;
+	padding: 12px;
+	border-bottom: 1px solid var(--l1-border);
+	height: 36px;
+	background: var(--l2-background);
+
+	&__icon-btn {
+		flex-shrink: 0;
+	}
+
+	&__title {
+		font-size: 13px;
+		font-weight: 500;
+		color: var(--l1-foreground);
+		flex: 1;
+		min-width: 0;
+		overflow: hidden;
+		text-overflow: ellipsis;
+		white-space: nowrap;
+	}
+
+	&__actions {
+		display: flex;
+		align-items: center;
+		gap: 4px;
+		flex-shrink: 0;
+	}
+
+	&__nav {
+		display: flex;
+		align-items: center;
+		gap: 2px;
+	}
+}

frontend/src/components/DetailsPanel/DetailsHeader/DetailsHeader.tsx

@@ -0,0 +1,59 @@
+import { ReactNode } from 'react';
+import { Button } from '@signozhq/button';
+import { X } from '@signozhq/icons';
+
+import './DetailsHeader.styles.scss';
+
+export interface HeaderAction {
+	key: string;
+	component: ReactNode; // check later if we can use direct btn itself or not.
+}
+
+export interface DetailsHeaderProps {
+	title: string;
+	onClose: () => void;
+	actions?: HeaderAction[];
+	closePosition?: 'left' | 'right';
+	className?: string;
+}
+
+function DetailsHeader({
+	title,
+	onClose,
+	actions,
+	closePosition = 'right',
+	className,
+}: DetailsHeaderProps): JSX.Element {
+	const closeButton = (
+		<Button
+			variant="ghost"
+			size="icon"
+			color="secondary"
+			onClick={onClose}
+			aria-label="Close"
+			className="details-header__icon-btn"
+		>
+			<X size={14} />
+		</Button>
+	);
+
+	return (
+		<div className={`details-header ${className || ''}`}>
+			{closePosition === 'left' && closeButton}
+
+			<span className="details-header__title">{title}</span>
+
+			{actions && (
+				<div className="details-header__actions">
+					{actions.map((action) => (
+						<div key={action.key}>{action.component}</div>
+					))}
+				</div>
+			)}
+
+			{closePosition === 'right' && closeButton}
+		</div>
+	);
+}
+
+export default DetailsHeader;

frontend/src/components/DetailsPanel/DetailsPanelDrawer.styles.scss

@@ -0,0 +1,7 @@
+.details-panel-drawer {
+	&__body {
+		display: flex;
+		flex-direction: column;
+		height: 100%;
+	}
+}

frontend/src/components/DetailsPanel/DetailsPanelDrawer.tsx

@@ -0,0 +1,36 @@
+import { DrawerWrapper } from '@signozhq/drawer';
+
+import './DetailsPanelDrawer.styles.scss';
+
+interface DetailsPanelDrawerProps {
+	isOpen: boolean;
+	onClose: () => void;
+	children: React.ReactNode;
+	className?: string;
+}
+
+function DetailsPanelDrawer({
+	isOpen,
+	onClose,
+	children,
+	className,
+}: DetailsPanelDrawerProps): JSX.Element {
+	return (
+		<DrawerWrapper
+			open={isOpen}
+			onOpenChange={(open): void => {
+				if (!open) {
+					onClose();
+				}
+			}}
+			direction="right"
+			type="panel"
+			showOverlay={false}
+			allowOutsideClick
+			className={`details-panel-drawer ${className || ''}`}
+			content={<div className="details-panel-drawer__body">{children}</div>}
+		/>
+	);
+}
+
+export default DetailsPanelDrawer;

frontend/src/components/DetailsPanel/index.ts

@@ -0,0 +1,8 @@
+export type {
+	DetailsHeaderProps,
+	HeaderAction,
+} from './DetailsHeader/DetailsHeader';
+export { default as DetailsHeader } from './DetailsHeader/DetailsHeader';
+export { default as DetailsPanelDrawer } from './DetailsPanelDrawer';
+export type { DetailsPanelState, UseDetailsPanelOptions } from './types';
+export { default as useDetailsPanel } from './useDetailsPanel';

frontend/src/components/DetailsPanel/types.ts

@@ -0,0 +1,10 @@
+export interface DetailsPanelState {
+	isOpen: boolean;
+	open: () => void;
+	close: () => void;
+}
+
+export interface UseDetailsPanelOptions {
+	entityId: string | undefined;
+	onClose?: () => void;
+}

frontend/src/components/DetailsPanel/useDetailsPanel.ts

@@ -0,0 +1,29 @@
+import { useCallback, useEffect, useRef, useState } from 'react';
+
+import { DetailsPanelState, UseDetailsPanelOptions } from './types';
+
+function useDetailsPanel({
+	entityId,
+	onClose,
+}: UseDetailsPanelOptions): DetailsPanelState {
+	const [isOpen, setIsOpen] = useState<boolean>(false);
+	const prevEntityIdRef = useRef<string>('');
+
+	useEffect(() => {
+		const currentId = entityId || '';
+		if (currentId && currentId !== prevEntityIdRef.current) {
+			setIsOpen(true);
+		}
+		prevEntityIdRef.current = currentId;
+	}, [entityId]);
+
+	const open = useCallback(() => setIsOpen(true), []);
+	const close = useCallback(() => {
+		setIsOpen(false);
+		onClose?.();
+	}, [onClose]);
+
+	return { isOpen, open, close };
+}
+
+export default useDetailsPanel;

frontend/src/container/NewWidget/index.tsx

@@ -677,6 +677,18 @@ function NewWidget({
 			queryType: currentQuery.queryType,
 			isNewPanel,
 			dataSource: currentQuery?.builder?.queryData?.[0]?.dataSource,
+			...(currentQuery.queryType === EQueryType.CLICKHOUSE && {
+				clickhouseQueryCount: currentQuery.clickhouse_sql.length,
+				clickhouseQueries: currentQuery.clickhouse_sql.map((q) => ({
+					name: q.name,
+					query: (q.query ?? '')
+						.replace(/--[^\n]*/g, '') // strip line comments
+						.replace(/\/\*[\s\S]*?\*\//g, '') // strip block comments
+						.replace(/'(?:[^'\\]|\\.|'')*'/g, "'?'") // replace single-quoted strings (handles \' and '' escapes)
+						.replace(/\b\d+(?:\.\d+)?(?:[eE][+-]?\d+)?\b/g, '?'), // replace numeric literals (int, float, scientific)
+					disabled: q.disabled,
+				})),
+			}),
 		});
 		setSaveModal(true);
 		// eslint-disable-next-line react-hooks/exhaustive-deps

frontend/src/periscope/components/DataViewer/DataViewer.styles.scss

@@ -0,0 +1,54 @@
+.data-viewer {
+	display: flex;
+	flex-direction: column;
+	flex: 1;
+	min-height: 0;
+
+	// Toolbar — view mode switcher + copy button
+	&__toolbar {
+		display: flex;
+		align-items: center;
+		justify-content: space-between;
+		padding-bottom: 8px;
+	}
+
+	&__mode-select {
+		min-width: 90px;
+		height: 28px !important;
+
+		.ant-select-selector {
+			border-radius: 4px !important;
+			border-color: var(--l2-border) !important;
+			font-size: 12px !important;
+		}
+	}
+
+	&__copy-btn {
+		display: flex;
+		align-items: center;
+		justify-content: center;
+		padding: 4px 8px;
+		border: 1px solid var(--l2-border);
+		border-radius: 4px;
+		background: transparent;
+		color: var(--l2-foreground);
+		cursor: pointer;
+
+		&:hover {
+			color: var(--l1-foreground);
+			background: var(--l3-background);
+		}
+	}
+
+	// Shared content container — no scroll, each view handles its own
+	&__content {
+		flex: 1;
+		display: flex;
+		flex-direction: column;
+		border: 1px solid var(--l2-border);
+		border-radius: 4px;
+		padding: 8px;
+		min-height: 0;
+		overflow: hidden;
+	}
+}

frontend/src/periscope/components/DataViewer/DataViewer.tsx

@@ -0,0 +1,67 @@
+import { useMemo, useState } from 'react';
+import { Copy } from '@signozhq/icons';
+// TODO: Replace antd Select with @signozhq/ui component when moving to design library
+import { Select } from 'antd';
+import { JsonView } from 'periscope/components/JsonView';
+import { PrettyView } from 'periscope/components/PrettyView';
+import { PrettyViewProps } from 'periscope/components/PrettyView';
+
+import { copyToClipboard } from './utils';
+
+import './DataViewer.styles.scss';
+
+type ViewMode = 'pretty' | 'json';
+
+export interface DataViewerProps {
+	// eslint-disable-next-line @typescript-eslint/no-explicit-any
+	data: Record<string, any>;
+	drawerKey?: string;
+	prettyViewProps?: Omit<PrettyViewProps, 'data' | 'drawerKey'>;
+}
+
+function DataViewer({
+	data,
+	drawerKey = 'default',
+	prettyViewProps,
+}: DataViewerProps): JSX.Element {
+	const [viewMode, setViewMode] = useState<ViewMode>('pretty');
+
+	const jsonString = useMemo(() => JSON.stringify(data, null, 2), [data]);
+
+	return (
+		<div className="data-viewer">
+			<div className="data-viewer__toolbar">
+				<Select
+					className="data-viewer__mode-select"
+					size="small"
+					value={viewMode}
+					onChange={(value: ViewMode): void => setViewMode(value)}
+					options={[
+						{ label: 'Pretty', value: 'pretty' },
+						{ label: 'JSON', value: 'json' },
+					]}
+					getPopupContainer={(trigger): HTMLElement =>
+						trigger.parentElement || document.body
+					}
+				/>
+				<button
+					type="button"
+					className="data-viewer__copy-btn"
+					onClick={(): void => copyToClipboard(data)}
+					aria-label="Copy JSON"
+				>
+					<Copy size={14} />
+				</button>
+			</div>
+
+			<div className="data-viewer__content">
+				{viewMode === 'pretty' && (
+					<PrettyView data={data} drawerKey={drawerKey} {...prettyViewProps} />
+				)}
+				{viewMode === 'json' && <JsonView data={jsonString} />}
+			</div>
+		</div>
+	);
+}
+
+export default DataViewer;

frontend/src/periscope/components/DataViewer/index.ts

@@ -0,0 +1,2 @@
+export type { DataViewerProps } from './DataViewer';
+export { default as DataViewer } from './DataViewer';

frontend/src/periscope/components/DataViewer/utils.ts

@@ -0,0 +1,12 @@
+import { toast } from '@signozhq/sonner';
+
+export function copyToClipboard(value: unknown): void {
+	const text =
+		typeof value === 'object' ? JSON.stringify(value, null, 2) : String(value);
+	// eslint-disable-next-line no-restricted-properties
+	navigator.clipboard.writeText(text);
+	toast.success('Copied to clipboard', {
+		richColors: true,
+		position: 'top-right',
+	});
+}

frontend/src/periscope/components/FloatingPanel/FloatingPanel.styles.scss

@@ -0,0 +1,22 @@
+.floating-panel {
+	z-index: 999;
+	background: var(--l1-background);
+	border: 1px solid var(--l2-border);
+	border-radius: 6px;
+	box-shadow: 0 8px 24px rgba(0, 0, 0, 0.4);
+	overflow: hidden;
+
+	// Inner div fills the Rnd-controlled size
+	&__inner {
+		width: 100%;
+		height: 100%;
+		display: flex;
+		flex-direction: column;
+		overflow: hidden;
+	}
+
+	// Drag handle — any child with this class becomes the drag target
+	.floating-panel__drag-handle {
+		cursor: move;
+	}
+}

frontend/src/periscope/components/FloatingPanel/FloatingPanel.tsx

@@ -0,0 +1,80 @@
+import { ComponentProps } from 'react';
+import { createPortal } from 'react-dom';
+import { Rnd } from 'react-rnd';
+
+import './FloatingPanel.styles.scss';
+
+type EnableResizing = ComponentProps<typeof Rnd>['enableResizing'];
+
+export interface FloatingPanelProps {
+	isOpen: boolean;
+	children: React.ReactNode;
+	defaultPosition?: { x: number; y: number };
+	width?: number;
+	height?: number;
+	minWidth?: number;
+	minHeight?: number;
+	enableResizing?: EnableResizing;
+	className?: string;
+}
+
+function FloatingPanel({
+	isOpen,
+	children,
+	defaultPosition,
+	width = 560,
+	height = 600,
+	minWidth = 400,
+	minHeight = 300,
+	enableResizing,
+	className,
+}: FloatingPanelProps): JSX.Element | null {
+	if (!isOpen) {
+		return null;
+	}
+
+	const initialPosition = defaultPosition || {
+		x: window.innerWidth - width - 24,
+		y: 80,
+	};
+
+	return createPortal(
+		<Rnd
+			default={{
+				x: initialPosition.x,
+				y: initialPosition.y,
+				width,
+				height,
+			}}
+			dragHandleClassName="floating-panel__drag-handle"
+			minWidth={minWidth}
+			minHeight={minHeight}
+			onDrag={(_e, d): void | false => {
+				const HEADER_HEIGHT = 40;
+				// Top: don't allow header to go above viewport
+				if (d.y < 0) {
+					return false;
+				}
+				// Left: don't allow panel to go off-screen left
+				if (d.x < 0) {
+					return false;
+				}
+				// Bottom: only header needs to be visible
+				if (d.y > window.innerHeight - HEADER_HEIGHT) {
+					return false;
+				}
+				// Right: at least the close button (~40px) stays visible
+				if (d.x > window.innerWidth - 40) {
+					return false;
+				}
+			}}
+			className={`floating-panel ${className || ''}`}
+			enableResizing={enableResizing}
+		>
+			<div className="floating-panel__inner">{children}</div>
+		</Rnd>,
+		document.body,
+	);
+}
+
+export default FloatingPanel;

frontend/src/periscope/components/FloatingPanel/index.ts

@@ -0,0 +1,2 @@
+export type { FloatingPanelProps } from './FloatingPanel';
+export { default as FloatingPanel } from './FloatingPanel';

frontend/src/periscope/components/JsonView/JsonView.styles.scss

@@ -0,0 +1,22 @@
+.json-view {
+	display: flex;
+	flex-direction: column;
+	flex: 1;
+	min-height: 0;
+	overflow: hidden;
+
+	&__footer {
+		flex-shrink: 0;
+		height: 36px;
+		display: flex;
+		align-items: center;
+		border-top: 1px solid var(--l2-border);
+	}
+
+	&__wrap-toggle {
+		display: flex;
+		gap: 8px;
+		margin-left: 12px;
+		align-items: center;
+	}
+}

frontend/src/periscope/components/JsonView/JsonView.tsx

@@ -0,0 +1,78 @@
+import { useState } from 'react';
+import MEditor, { EditorProps, Monaco } from '@monaco-editor/react';
+import { Color } from '@signozhq/design-tokens';
+import { Switch, Typography } from 'antd';
+import { useIsDarkMode } from 'hooks/useDarkMode';
+
+import './JsonView.styles.scss';
+
+export interface JsonViewProps {
+	data: string;
+	height?: string;
+}
+
+const editorOptions: EditorProps['options'] = {
+	automaticLayout: true,
+	readOnly: true,
+	wordWrap: 'on',
+	minimap: { enabled: false },
+	fontWeight: 400,
+	fontFamily: 'SF Mono, Geist Mono, Fira Code, monospace',
+	fontSize: 12,
+	lineHeight: '18px',
+	colorDecorators: true,
+	scrollBeyondLastLine: false,
+	decorationsOverviewRuler: false,
+	scrollbar: { vertical: 'hidden', horizontal: 'hidden' },
+	folding: false,
+};
+
+function setEditorTheme(monaco: Monaco): void {
+	monaco.editor.defineTheme('signoz-dark', {
+		base: 'vs-dark',
+		inherit: true,
+		rules: [
+			{ token: 'string.key.json', foreground: Color.BG_VANILLA_400 },
+			{ token: 'string.value.json', foreground: Color.BG_ROBIN_400 },
+		],
+		colors: {
+			'editor.background': '#00000000', // transparent
+		},
+		fontFamily: 'SF Mono, Geist Mono, Fira Code, monospace',
+		fontSize: 12,
+		fontWeight: 'normal',
+		lineHeight: 18,
+		letterSpacing: -0.06,
+	});
+}
+
+function JsonView({ data, height = '575px' }: JsonViewProps): JSX.Element {
+	const [isWrapWord, setIsWrapWord] = useState(true);
+	const isDarkMode = useIsDarkMode();
+
+	return (
+		<div className="json-view">
+			<MEditor
+				value={data}
+				language="json"
+				options={{ ...editorOptions, wordWrap: isWrapWord ? 'on' : 'off' }}
+				onChange={(): void => {}}
+				height={height}
+				theme={isDarkMode ? 'signoz-dark' : 'light'}
+				beforeMount={setEditorTheme}
+			/>
+			<div className="json-view__footer">
+				<div className="json-view__wrap-toggle">
+					<Typography.Text>Wrap text</Typography.Text>
+					<Switch
+						checked={isWrapWord}
+						onChange={(checked): void => setIsWrapWord(checked)}
+						size="small"
+					/>
+				</div>
+			</div>
+		</div>
+	);
+}
+
+export default JsonView;

frontend/src/periscope/components/JsonView/index.ts

@@ -0,0 +1,2 @@
+export type { JsonViewProps } from './JsonView';
+export { default as JsonView } from './JsonView';

frontend/src/periscope/components/KeyValueLabel/KeyValueLabel.styles.scss

@@ -1,43 +1,67 @@
 .key-value-label {
 	display: flex;
-	align-items: center;
-	border: 1px solid var(--bg-slate-400);
+	border: 1px solid var(--l2-border);
 	border-radius: 2px;
-	flex-wrap: wrap;
+
+	&--row {
+		align-items: center;
+		flex-direction: row;
+		flex-wrap: wrap;
+	}
+
+	&--column {
+		flex-direction: column;
+		border: none;
+		border-radius: 0;
+		gap: 4px;
+		padding: 8px;
+
+		.key-value-label__key {
+			background: transparent;
+			border-radius: 0;
+			padding: 0;
+			font-size: 12px;
+			font-weight: 500;
+			text-transform: uppercase;
+			letter-spacing: 0.48px;
+			line-height: 20px;
+		}
+
+		.key-value-label__value {
+			background: transparent;
+			padding: 0;
+			font-size: 14px;
+			line-height: 20px;
+		}
+	}
 
 	&__key,
 	&__value {
-		padding: 1px 6px;
+		padding: 6px;
 		font-size: 14px;
 		font-weight: 400;
 		line-height: 18px;
 		letter-spacing: -0.005em;
 		&,
 		&:hover {
-			color: var(--text-vanilla-400);
+			color: var(--l1-foreground);
 		}
 	}
+
 	&__key {
-		background: var(--bg-ink-400);
+		background: var(--l2-background);
 		border-radius: 2px 0 0 2px;
 	}
-	&__value {
-		background: var(--bg-slate-400);
-	}
-}
 
-.lightMode {
-	.key-value-label {
-		border-color: var(--bg-vanilla-400);
-		&__key,
-		&__value {
-			color: var(--text-ink-400);
-		}
-		&__key {
-			background: var(--bg-vanilla-300);
-		}
-		&__value {
-			background: var(--bg-vanilla-200);
+	&__value {
+		background: var(--l3-background);
+
+		&--clickable {
+			cursor: pointer;
+
+			&:hover {
+				opacity: 0.8;
+			}
 		}
 	}
 }

frontend/src/periscope/components/KeyValueLabel/KeyValueLabel.tsx

@@ -1,29 +1,61 @@
-import { useMemo } from 'react';
 import { Tooltip } from 'antd';
 
 import TrimmedText from '../TrimmedText/TrimmedText';
 
 import './KeyValueLabel.styles.scss';
 
+// Rethink this component later
 type KeyValueLabelProps = {
 	badgeKey: string | React.ReactNode;
-	badgeValue: string;
+	badgeValue: string | React.ReactNode;
+	direction?: 'row' | 'column';
 	maxCharacters?: number;
+	onClick?: () => void;
 };
 
 export default function KeyValueLabel({
 	badgeKey,
 	badgeValue,
+	direction = 'row',
 	maxCharacters = 20,
+	onClick,
 }: KeyValueLabelProps): JSX.Element | null {
-	const isUrl = useMemo(() => /^https?:\/\//.test(badgeValue), [badgeValue]);
-
 	if (!badgeKey || !badgeValue) {
 		return null;
 	}
 
+	const renderValue = (): JSX.Element => {
+		if (typeof badgeValue !== 'string') {
+			return <div className="key-value-label__value">{badgeValue}</div>;
+		}
+
+		return (
+			<Tooltip title={badgeValue}>
+				<div
+					className={`key-value-label__value ${
+						onClick ? 'key-value-label__value--clickable' : ''
+					}`}
+					onClick={onClick}
+					role={onClick ? 'button' : undefined}
+					tabIndex={onClick ? 0 : undefined}
+					onKeyDown={
+						onClick
+							? (e): void => {
+									if (e.key === 'Enter' || e.key === ' ') {
+										onClick();
+									}
+							  }
+							: undefined
+					}
+				>
+					<TrimmedText text={badgeValue} maxCharacters={maxCharacters} />
+				</div>
+			</Tooltip>
+		);
+	};
+
 	return (
-		<div className="key-value-label">
+		<div className={`key-value-label key-value-label--${direction}`}>
 			<div className="key-value-label__key">
 				{typeof badgeKey === 'string' ? (
 					<TrimmedText text={badgeKey} maxCharacters={maxCharacters} />
@@ -31,26 +63,13 @@ export default function KeyValueLabel({
 					badgeKey
 				)}
 			</div>
-			{isUrl ? (
-				<a
-					href={badgeValue}
-					target="_blank"
-					rel="noopener noreferrer"
-					className="key-value-label__value"
-				>
-					<TrimmedText text={badgeValue} maxCharacters={maxCharacters} />
-				</a>
-			) : (
-				<Tooltip title={badgeValue}>
-					<div className="key-value-label__value">
-						<TrimmedText text={badgeValue} maxCharacters={maxCharacters} />
-					</div>
-				</Tooltip>
-			)}
+			{renderValue()}
 		</div>
 	);
 }
 
 KeyValueLabel.defaultProps = {
 	maxCharacters: 20,
+	direction: 'row',
+	onClick: undefined,
 };

frontend/src/periscope/components/PrettyView/PrettyView.styles.scss

@@ -0,0 +1,191 @@
+.pretty-view {
+	padding: 0;
+	flex: 1;
+	overflow-y: auto;
+	scrollbar-width: none;
+
+	&::-webkit-scrollbar {
+		display: none;
+	}
+
+	&__search-input {
+		position: sticky;
+		top: 0;
+		z-index: 1;
+		margin-bottom: 8px;
+		width: 100%;
+		border: 1px solid var(--l2-border) !important;
+		border-radius: 4px;
+		font-family: 'SF Mono', 'Geist Mono', 'Fira Code', monospace !important;
+		font-size: 12px !important;
+		line-height: 18px !important;
+		background: var(--l1-background) !important;
+		outline: none !important;
+		box-shadow: none !important;
+
+		&:focus {
+			border-color: var(--primary) !important;
+			outline: none !important;
+			box-shadow: none !important;
+		}
+	}
+
+	// Font spec: SF Mono, 12px, 400, 18px line-height, -0.5% letter-spacing
+	font-family: 'SF Mono', 'Geist Mono', 'Fira Code', monospace;
+	font-size: 12px;
+	font-weight: 400;
+	line-height: 18px;
+	letter-spacing: -0.06px;
+
+	// Override react-json-tree inline styles
+	ul {
+		margin: 0 !important;
+		padding-left: 16px !important;
+		list-style: none !important;
+		background-color: transparent !important;
+		flex: 1;
+	}
+
+	> ul,
+	&__pinned > ul {
+		padding-left: 0 !important;
+	}
+
+	// Force font on all tree elements
+	li,
+	span,
+	label {
+		font-family: inherit !important;
+		font-size: inherit !important;
+		line-height: inherit !important;
+		letter-spacing: inherit !important;
+	}
+
+	// Fix react-json-tree text-indent wrapping
+	li {
+		text-indent: 0 !important;
+		margin-left: 0 !important;
+		padding-top: 2px !important;
+		padding-bottom: 2px !important;
+	}
+
+	.pretty-view__actions {
+		margin-right: 16px;
+	}
+
+	// Leaf node row — hover highlights only this row
+	&__row {
+		border-radius: 2px;
+		display: flex !important;
+		align-items: baseline;
+
+		&:hover {
+			background-color: var(--l3-background);
+
+			.pretty-view__actions {
+				opacity: 1;
+			}
+		}
+
+		// Push actions to the right edge
+		> span {
+			flex: 1;
+		}
+	}
+
+	// Nested node (object/array) — hover only on the label line, not children
+	&__nested-row {
+		> label,
+		> span:not(ul span) {
+			border-radius: 2px;
+			padding: 1px 2px;
+			display: inline !important; // keep item string inline with label
+		}
+
+		// Highlight label + item string on hover, show actions
+		&:hover > label,
+		&:hover > label + span {
+			background-color: var(--l3-background);
+		}
+
+		&:hover > label + span .pretty-view__actions {
+			opacity: 1;
+		}
+
+		// In nested rows, value-row should not take full width
+		.pretty-view__value-row {
+			width: auto;
+		}
+	}
+
+	// Value + actions wrapper (from valueRenderer / getItemString)
+	&__value-row {
+		display: inline-flex;
+		align-items: center;
+		gap: 6px;
+	}
+
+	// In leaf rows, value-row takes full width to push ... to the right
+	&__row &__value-row {
+		justify-content: space-between;
+		width: 100%;
+	}
+
+	// ... actions button — hidden by default, shown on row hover
+	&__actions {
+		opacity: 0;
+		display: inline-flex;
+		align-items: center;
+		cursor: pointer;
+		color: var(--l2-foreground);
+		transition: opacity 0.1s ease;
+		padding: 0 2px;
+
+		&:hover {
+			color: var(--l1-foreground);
+		}
+	}
+
+	// Pinned items section
+	&__pinned {
+		border-bottom: 1px solid var(--l2-border);
+		padding-bottom: 8px;
+		margin-bottom: 8px;
+		padding-left: 0px;
+
+		li {
+			margin-left: 0 !important;
+			padding-left: 0 !important;
+			display: flex !important;
+			align-items: baseline;
+		}
+	}
+
+	&__pinned-header {
+		font-size: 11px;
+		font-weight: 500;
+		color: var(--l3-foreground);
+		text-transform: uppercase;
+		letter-spacing: 0.5px;
+		padding: 4px;
+	}
+
+	&__pinned-label {
+		display: inline-flex;
+		align-items: baseline;
+		gap: 6px;
+	}
+
+	&__pinned-icon {
+		flex-shrink: 0;
+		color: var(--text-robin-400);
+		cursor: pointer;
+		fill: var(--text-robin-400);
+		transition: fill 0.1s ease;
+
+		&:hover {
+			color: var(--text-robin-300);
+			fill: transparent;
+		}
+	}
+}

frontend/src/periscope/components/PrettyView/PrettyView.tsx

@@ -0,0 +1,300 @@
+import { useCallback, useMemo } from 'react';
+import { JSONTree, KeyPath } from 'react-json-tree';
+import { Copy, Ellipsis, Pin, PinOff } from '@signozhq/icons';
+import { Input } from '@signozhq/input';
+import type { MenuProps } from 'antd';
+// TODO: Replace antd Dropdown with @signozhq/ui component when moving to design library
+import { Dropdown } from 'antd';
+import { useIsDarkMode } from 'hooks/useDarkMode';
+
+import { darkTheme, lightTheme, themeExtension } from './constants';
+import usePinnedFields from './hooks/usePinnedFields';
+import useSearchFilter, { filterTree } from './hooks/useSearchFilter';
+import {
+	copyToClipboard,
+	keyPathToDisplayString,
+	keyPathToForward,
+	serializeKeyPath,
+} from './utils';
+
+import './PrettyView.styles.scss';
+
+export interface FieldContext {
+	fieldKey: string;
+	fieldKeyPath: (string | number)[];
+	fieldValue: unknown;
+	isNested: boolean;
+}
+
+export interface PrettyViewAction {
+	key: string;
+	label: React.ReactNode;
+	icon?: React.ReactNode;
+	onClick: (context: FieldContext) => void;
+}
+
+export interface PrettyViewProps {
+	// eslint-disable-next-line @typescript-eslint/no-explicit-any
+	data: Record<string, any>;
+	actions?: PrettyViewAction[];
+	searchable?: boolean;
+	showPinned?: boolean;
+	drawerKey?: string;
+}
+
+function PrettyView({
+	data,
+	actions,
+	searchable = true,
+	showPinned = false,
+	drawerKey = 'default',
+}: PrettyViewProps): JSX.Element {
+	const isDarkMode = useIsDarkMode();
+	const { searchQuery, setSearchQuery, filteredData } = useSearchFilter(data);
+	const {
+		isPinned,
+		togglePin,
+		pinnedEntries,
+		pinnedData,
+		displayKeyToForwardPath,
+	} = usePinnedFields(data, drawerKey);
+
+	const filteredPinnedData = useMemo(() => {
+		const trimmed = searchQuery.trim();
+		if (!trimmed) {
+			return pinnedData;
+		}
+		return filterTree(pinnedData, trimmed) || {};
+	}, [pinnedData, searchQuery]);
+
+	const theme = useMemo(
+		() => ({
+			extend: isDarkMode ? darkTheme : lightTheme,
+			...themeExtension,
+		}),
+		[isDarkMode],
+	);
+
+	const shouldExpandNodeInitially = useCallback(
+		(
+			_keyPath: readonly (string | number)[],
+			_data: unknown,
+			level: number,
+		): boolean => level < 5,
+		[],
+	);
+
+	const buildMenuItems = useCallback(
+		(context: FieldContext): MenuProps['items'] => {
+			// todo: drive dropdown through config.
+			const copyItem = {
+				key: 'copy',
+				label: 'Copy',
+				icon: <Copy size={12} />,
+				onClick: (): void => {
+					copyToClipboard(context.fieldValue);
+				},
+			};
+
+			const items: NonNullable<MenuProps['items']> = [copyItem];
+
+			// Pin action only for leaf nodes
+			if (!context.isNested) {
+				// Resolve the correct forward path — pinned tree uses display keys
+				// which don't match the original serialized path
+				const resolvedPath =
+					displayKeyToForwardPath[context.fieldKey] || context.fieldKeyPath;
+				const serialized = serializeKeyPath(resolvedPath);
+				const pinned = isPinned(serialized);
+
+				items.push({
+					key: 'pin',
+					label: pinned ? 'Unpin field' : 'Pin field',
+					icon: pinned ? <PinOff size={12} /> : <Pin size={12} />,
+					onClick: (): void => {
+						togglePin(resolvedPath);
+					},
+				});
+			}
+
+			if (actions && actions.length > 0) {
+				//todo: why this divider?
+				items.push({ type: 'divider' as const, key: 'divider' });
+				actions.forEach((action) => {
+					items.push({
+						key: action.key,
+						label: action.label,
+						icon: action.icon,
+						onClick: (): void => {
+							action.onClick(context);
+						},
+					});
+				});
+			}
+
+			return items;
+		},
+		[actions, isPinned, togglePin, displayKeyToForwardPath],
+	);
+
+	const renderWithActions = useCallback(
+		({
+			content,
+			fieldKey,
+			fieldKeyPath,
+			value,
+			isNested,
+		}: {
+			content: React.ReactNode;
+			fieldKey: string;
+			fieldKeyPath: (string | number)[];
+			value: unknown;
+			isNested: boolean;
+		}): React.ReactNode => {
+			const context: FieldContext = {
+				fieldKey,
+				fieldKeyPath,
+				fieldValue: value,
+				isNested,
+			};
+			const menuItems = buildMenuItems(context);
+			return (
+				<span className="pretty-view__value-row">
+					<span>{content}</span>
+					<Dropdown
+						menu={{
+							items: menuItems,
+							onClick: (e): void => {
+								e.domEvent.stopPropagation();
+							},
+						}}
+						trigger={['click']}
+						placement="bottomLeft"
+						getPopupContainer={(trigger): HTMLElement =>
+							trigger.parentElement || document.body
+						}
+					>
+						<span
+							className="pretty-view__actions"
+							onClick={(e): void => e.stopPropagation()}
+							role="button"
+							tabIndex={0}
+						>
+							<Ellipsis size={12} />
+						</span>
+					</Dropdown>
+				</span>
+			);
+		},
+		[buildMenuItems],
+	);
+
+	const getItemString = useCallback(
+		(
+			_nodeType: string,
+			nodeData: unknown,
+			itemType: React.ReactNode,
+			itemString: string,
+			keyPath: KeyPath,
+		): // eslint-disable-next-line max-params
+		React.ReactNode => {
+			const forwardPath = keyPathToForward(keyPath);
+			return renderWithActions({
+				content: (
+					<>
+						{itemType} {itemString}
+					</>
+				),
+				fieldKey: keyPathToDisplayString(keyPath),
+				fieldKeyPath: forwardPath,
+				value: nodeData,
+				isNested: true,
+			});
+		},
+		[renderWithActions],
+	);
+
+	const valueRenderer = useCallback(
+		(
+			valueAsString: unknown,
+			value: unknown,
+			...keyPath: KeyPath
+		): React.ReactNode => {
+			const forwardPath = keyPathToForward(keyPath);
+			return renderWithActions({
+				content: String(valueAsString),
+				fieldKey: keyPathToDisplayString(keyPath),
+				fieldKeyPath: forwardPath,
+				value,
+				isNested: typeof value === 'object' && value !== null,
+			});
+		},
+		[renderWithActions],
+	);
+
+	const pinnedLabelRenderer = useCallback(
+		(keyPath: KeyPath): React.ReactNode => {
+			const displayKey = String(keyPath[0]);
+			const entry = pinnedEntries.find((e) => e.displayKey === displayKey);
+			return (
+				<span className="pretty-view__pinned-label">
+					<Pin
+						size={12}
+						className="pretty-view__pinned-icon"
+						onClick={(): void => {
+							if (entry) {
+								togglePin(entry.forwardPath);
+							}
+						}}
+					/>
+					<span>{displayKey}</span>
+				</span>
+			);
+		},
+		[togglePin, pinnedEntries],
+	);
+
+	return (
+		<div className="pretty-view">
+			{searchable && (
+				<Input
+					className="pretty-view__search-input"
+					type="text"
+					placeholder="Search for a field..."
+					value={searchQuery}
+					onChange={(e): void => setSearchQuery(e.target.value)}
+				/>
+			)}
+
+			{showPinned && Object.keys(filteredPinnedData).length > 0 && (
+				<div className="pretty-view__pinned">
+					<div className="pretty-view__pinned-header">PINNED ITEMS</div>
+					<JSONTree
+						key={`pinned-${searchQuery}`}
+						data={filteredPinnedData}
+						theme={theme}
+						invertTheme={false}
+						hideRoot
+						shouldExpandNodeInitially={shouldExpandNodeInitially}
+						valueRenderer={valueRenderer}
+						getItemString={getItemString}
+						labelRenderer={pinnedLabelRenderer}
+					/>
+				</div>
+			)}
+
+			<JSONTree
+				key={searchQuery}
+				data={filteredData}
+				theme={theme}
+				invertTheme={false}
+				hideRoot
+				shouldExpandNodeInitially={shouldExpandNodeInitially}
+				valueRenderer={valueRenderer}
+				getItemString={getItemString}
+			/>
+		</div>
+	);
+}
+
+export default PrettyView;

frontend/src/periscope/components/PrettyView/constants.ts

@@ -0,0 +1,62 @@
+// Dark theme — SigNoz design palette
+export const darkTheme = {
+	scheme: 'signoz-dark',
+	author: 'signoz',
+	base00: 'transparent',
+	base01: '#161922',
+	base02: '#1d212d',
+	base03: '#62687C',
+	base04: '#ADB4C2',
+	base05: '#ADB4C2',
+	base06: '#ADB4C2',
+	base07: '#ADB4C2',
+	base08: '#EA6D71',
+	base09: '#7CEDBD',
+	base0A: '#7CEDBD',
+	base0B: '#ADB4C2',
+	base0C: '#23C4F8',
+	base0D: '#95ACFB',
+	base0E: '#95ACFB',
+	base0F: '#AD7F58',
+};
+
+// Light theme
+export const lightTheme = {
+	scheme: 'signoz-light',
+	author: 'signoz',
+	base00: 'transparent',
+	base01: '#F9F9FB',
+	base02: '#EFF0F3',
+	base03: '#80828D',
+	base04: '#62636C',
+	base05: '#62636C',
+	base06: '#62636C',
+	base07: '#1E1F24',
+	base08: '#E5484D',
+	base09: '#168757',
+	base0A: '#168757',
+	base0B: '#62636C',
+	base0C: '#157594',
+	base0D: '#2F48A0',
+	base0E: '#2F48A0',
+	base0F: '#684C35',
+};
+
+export const themeExtension = {
+	value: ({
+		style,
+	}: {
+		style: Record<string, unknown>;
+	}): { style: Record<string, unknown>; className: string } => ({
+		style: { ...style },
+		className: 'pretty-view__row',
+	}),
+	nestedNode: ({
+		style,
+	}: {
+		style: Record<string, unknown>;
+	}): { style: Record<string, unknown>; className: string } => ({
+		style: { ...style },
+		className: 'pretty-view__nested-row',
+	}),
+};

frontend/src/periscope/components/PrettyView/hooks/usePinnedFields.ts

@@ -0,0 +1,127 @@
+import { useCallback, useMemo, useState } from 'react';
+
+import {
+	deserializeKeyPath,
+	keyPathToDisplayString,
+	resolveValueByKeys,
+	serializeKeyPath,
+} from '../utils';
+
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+type AnyRecord = Record<string, any>;
+
+const STORAGE_PREFIX = 'pinnedFields';
+
+function loadFromStorage(storageKey: string): string[] {
+	try {
+		const stored = localStorage.getItem(storageKey);
+		return stored ? JSON.parse(stored) : [];
+	} catch {
+		return [];
+	}
+}
+
+function saveToStorage(storageKey: string, keys: string[]): void {
+	localStorage.setItem(storageKey, JSON.stringify(keys));
+}
+
+export interface PinnedEntry {
+	serializedKey: string;
+	displayKey: string;
+	forwardPath: (string | number)[];
+	value: unknown;
+}
+
+export interface UsePinnedFieldsReturn {
+	isPinned: (serializedKey: string) => boolean;
+	togglePin: (forwardPath: (string | number)[]) => void;
+	pinnedEntries: PinnedEntry[];
+	pinnedData: AnyRecord;
+	displayKeyToForwardPath: Record<string, (string | number)[]>;
+}
+
+function usePinnedFields(
+	data: AnyRecord,
+	drawerKey: string,
+): UsePinnedFieldsReturn {
+	const storageKey = `${STORAGE_PREFIX}:${drawerKey}`;
+
+	// Stored as serialized keyPath arrays (JSON strings)
+	const [pinnedSerializedKeys, setPinnedSerializedKeys] = useState<Set<string>>(
+		() => new Set(loadFromStorage(storageKey)),
+	);
+
+	const togglePin = useCallback(
+		(forwardPath: (string | number)[]): void => {
+			const serialized = serializeKeyPath(forwardPath);
+			setPinnedSerializedKeys((prev) => {
+				const next = new Set(prev);
+				if (next.has(serialized)) {
+					next.delete(serialized);
+				} else {
+					next.add(serialized);
+				}
+				saveToStorage(storageKey, Array.from(next));
+				return next;
+			});
+		},
+		[storageKey],
+	);
+
+	const isPinned = useCallback(
+		(serializedKey: string): boolean => pinnedSerializedKeys.has(serializedKey),
+		[pinnedSerializedKeys],
+	);
+
+	const pinnedEntries = useMemo(
+		(): PinnedEntry[] =>
+			Array.from(pinnedSerializedKeys)
+				.map((serializedKey) => {
+					const forwardPath = deserializeKeyPath(serializedKey);
+					if (!forwardPath) {
+						return null;
+					}
+					return {
+						serializedKey,
+						displayKey: keyPathToDisplayString(
+							[...forwardPath].reverse() as readonly (string | number)[],
+						),
+						forwardPath,
+						value: resolveValueByKeys(data, forwardPath),
+					};
+				})
+				.filter(
+					(entry): entry is PinnedEntry =>
+						entry !== null && entry.value !== undefined,
+				),
+		[pinnedSerializedKeys, data],
+	);
+
+	// Flat object for the pinned JSONTree — use display key as the object key
+	const pinnedData = useMemo(
+		() =>
+			Object.fromEntries(
+				pinnedEntries.map((entry) => [entry.displayKey, entry.value]),
+			),
+		[pinnedEntries],
+	);
+
+	// Map from display key to original forward path — for unpin from pinned tree
+	const displayKeyToForwardPath = useMemo(
+		(): Record<string, (string | number)[]> =>
+			Object.fromEntries(
+				pinnedEntries.map((entry) => [entry.displayKey, entry.forwardPath]),
+			),
+		[pinnedEntries],
+	);
+
+	return {
+		isPinned,
+		togglePin,
+		pinnedEntries,
+		pinnedData,
+		displayKeyToForwardPath,
+	};
+}
+
+export default usePinnedFields;

frontend/src/periscope/components/PrettyView/hooks/useSearchFilter.ts

@@ -0,0 +1,82 @@
+import { useMemo, useState } from 'react';
+
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+type AnyRecord = Record<string, any>;
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+type AnyValue = any;
+
+function isLeaf(value: unknown): boolean {
+	return value === null || value === undefined || typeof value !== 'object';
+}
+
+function matchesQuery(text: string, lowerQuery: string): boolean {
+	return text.toLowerCase().includes(lowerQuery);
+}
+
+// Filter a single value (leaf, array, or object) against the query.
+// Returns the filtered value or null if no match.
+function filterValue(value: AnyValue, query: string): AnyValue | null {
+	if (isLeaf(value)) {
+		return matchesQuery(String(value), query.toLowerCase()) ? value : null;
+	}
+
+	if (Array.isArray(value)) {
+		return filterArray(value, query);
+	}
+
+	return filterTree(value, query);
+}
+
+// Recursively filter an array, keeping only elements that match
+function filterArray(arr: AnyValue[], query: string): AnyValue[] | null {
+	const results = arr
+		.map((item) => filterValue(item, query))
+		.filter((item) => item !== null);
+
+	return results.length > 0 ? results : null;
+}
+
+// Recursively filter the data tree, keeping only branches with matching keys or values
+export function filterTree(obj: AnyRecord, query: string): AnyRecord | null {
+	const result: AnyRecord = {};
+	const lowerQuery = query.toLowerCase();
+	let hasMatch = false;
+
+	for (const [key, value] of Object.entries(obj)) {
+		if (matchesQuery(key, lowerQuery)) {
+			result[key] = value;
+			hasMatch = true;
+			continue;
+		}
+
+		const filtered = filterValue(value, query);
+		if (filtered !== null) {
+			result[key] = filtered;
+			hasMatch = true;
+		}
+	}
+
+	return hasMatch ? result : null;
+}
+
+interface UseSearchFilterReturn {
+	searchQuery: string;
+	setSearchQuery: (query: string) => void;
+	filteredData: AnyRecord;
+}
+
+function useSearchFilter(data: AnyRecord): UseSearchFilterReturn {
+	const [searchQuery, setSearchQuery] = useState('');
+
+	const filteredData = useMemo(() => {
+		const trimmed = searchQuery.trim();
+		if (!trimmed) {
+			return data;
+		}
+		return filterTree(data, trimmed) || {};
+	}, [data, searchQuery]);
+
+	return { searchQuery, setSearchQuery, filteredData };
+}
+
+export default useSearchFilter;

frontend/src/periscope/components/PrettyView/index.ts

@@ -0,0 +1,2 @@
+export type { PrettyViewProps } from './PrettyView';
+export { default as PrettyView } from './PrettyView';

frontend/src/periscope/components/PrettyView/utils.ts

@@ -0,0 +1,58 @@
+import { toast } from '@signozhq/sonner';
+
+export function copyToClipboard(value: unknown): void {
+	const text =
+		typeof value === 'object' ? JSON.stringify(value, null, 2) : String(value);
+	// eslint-disable-next-line no-restricted-properties
+	navigator.clipboard.writeText(text);
+	toast.success('Copied to clipboard', {
+		richColors: true,
+		position: 'top-right',
+	});
+}
+
+// Resolve a value from a nested object using an array of keys (not dot-notation)
+// e.g. resolveValueByKeys({ tagMap: { 'cloud.account.id': 'x' } }, ['tagMap', 'cloud.account.id']) → 'x'
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+export function resolveValueByKeys(
+	data: Record<string, any>,
+	keys: (string | number)[],
+): unknown {
+	// eslint-disable-next-line @typescript-eslint/no-explicit-any
+	return keys.reduce((obj: any, key) => obj?.[key], data);
+}
+
+// Convert react-json-tree's reversed keyPath to forward order
+// e.g. ['cloud.account.id', 'tagMap'] → ['tagMap', 'cloud.account.id']
+export function keyPathToForward(
+	keyPath: readonly (string | number)[],
+): (string | number)[] {
+	return [...keyPath].reverse();
+}
+
+// Display-friendly string for a keyPath
+// e.g. ['tagMap', 'cloud.account.id'] → 'tagMap.cloud.account.id'
+export function keyPathToDisplayString(
+	keyPath: readonly (string | number)[],
+): string {
+	return [...keyPath].reverse().join('.');
+}
+
+// Serialize keyPath for storage/comparison (JSON stringified array)
+export function serializeKeyPath(keyPath: (string | number)[]): string {
+	return JSON.stringify(keyPath);
+}
+
+export function deserializeKeyPath(
+	serialized: string,
+): (string | number)[] | null {
+	try {
+		const parsed = JSON.parse(serialized);
+		if (Array.isArray(parsed)) {
+			return parsed;
+		}
+		return null;
+	} catch {
+		return null;
+	}
+}

frontend/src/periscope/components/ResizableBox/ResizableBox.styles.scss

@@ -0,0 +1,42 @@
+.resizable-box {
+	position: relative;
+	overflow: hidden;
+
+	&--disabled {
+		flex: 1;
+		min-height: 0;
+	}
+
+	&__content {
+		width: 100%;
+		height: 100%;
+		overflow: hidden;
+	}
+
+	&__handle {
+		position: absolute;
+		z-index: 10;
+		background: var(--l2-border);
+
+		&:hover,
+		&:active {
+			background: var(--primary);
+		}
+
+		&--vertical {
+			bottom: 0;
+			left: 0;
+			right: 0;
+			height: 4px;
+			cursor: row-resize;
+		}
+
+		&--horizontal {
+			right: 0;
+			top: 0;
+			bottom: 0;
+			width: 4px;
+			cursor: col-resize;
+		}
+	}
+}

frontend/src/periscope/components/ResizableBox/ResizableBox.tsx

@@ -0,0 +1,88 @@
+import { useCallback, useRef, useState } from 'react';
+
+import './ResizableBox.styles.scss';
+
+export interface ResizableBoxProps {
+	children: React.ReactNode;
+	direction?: 'vertical' | 'horizontal';
+	defaultHeight?: number;
+	minHeight?: number;
+	maxHeight?: number;
+	defaultWidth?: number;
+	minWidth?: number;
+	maxWidth?: number;
+	onResize?: (size: number) => void;
+	disabled?: boolean;
+	className?: string;
+}
+
+function ResizableBox({
+	children,
+	direction = 'vertical',
+	defaultHeight = 200,
+	minHeight = 50,
+	maxHeight = Infinity,
+	defaultWidth = 200,
+	minWidth = 50,
+	maxWidth = Infinity,
+	onResize,
+	disabled = false,
+	className,
+}: ResizableBoxProps): JSX.Element {
+	const isHorizontal = direction === 'horizontal';
+	const [size, setSize] = useState(isHorizontal ? defaultWidth : defaultHeight);
+	const containerRef = useRef<HTMLDivElement>(null);
+
+	const handleMouseDown = useCallback(
+		(e: React.MouseEvent): void => {
+			e.preventDefault();
+			const startPos = isHorizontal ? e.clientX : e.clientY;
+			const startSize = size;
+			const min = isHorizontal ? minWidth : minHeight;
+			const max = isHorizontal ? maxWidth : maxHeight;
+
+			const onMouseMove = (moveEvent: MouseEvent): void => {
+				const currentPos = isHorizontal ? moveEvent.clientX : moveEvent.clientY;
+				const delta = currentPos - startPos;
+				const newSize = Math.min(max, Math.max(min, startSize + delta));
+				setSize(newSize);
+				onResize?.(newSize);
+			};
+
+			const onMouseUp = (): void => {
+				document.removeEventListener('mousemove', onMouseMove);
+				document.removeEventListener('mouseup', onMouseUp);
+				document.body.style.cursor = '';
+				document.body.style.userSelect = '';
+			};
+
+			document.body.style.cursor = isHorizontal ? 'col-resize' : 'row-resize';
+			document.body.style.userSelect = 'none';
+			document.addEventListener('mousemove', onMouseMove);
+			document.addEventListener('mouseup', onMouseUp);
+		},
+		[size, isHorizontal, minWidth, maxWidth, minHeight, maxHeight, onResize],
+	);
+
+	const containerStyle = disabled
+		? undefined
+		: isHorizontal
+		? { width: size }
+		: { height: size };
+	const handleClass = `resizable-box__handle resizable-box__handle--${direction}`;
+
+	return (
+		<div
+			ref={containerRef}
+			className={`resizable-box ${disabled ? 'resizable-box--disabled' : ''} ${
+				className || ''
+			}`}
+			style={containerStyle}
+		>
+			<div className="resizable-box__content">{children}</div>
+			{!disabled && <div className={handleClass} onMouseDown={handleMouseDown} />}
+		</div>
+	);
+}
+
+export default ResizableBox;

frontend/src/periscope/components/ResizableBox/index.ts

@@ -0,0 +1,2 @@
+export type { ResizableBoxProps } from './ResizableBox';
+export { default as ResizableBox } from './ResizableBox';

frontend/yarn.lock

@@ -6538,6 +6538,11 @@
   resolved "https://registry.yarnpkg.com/@types/lodash/-/lodash-4.17.0.tgz#d774355e41f372d5350a4d0714abb48194a489c3"
   integrity sha512-t7dhREVv6dbNj0q17X12j7yDG4bD/DHYX7o5/DbDxobP0HnGPgpRz2Ej77aL7TZT3DSw13fqUTj8J4mMnqa7WA==
 
+"@types/lodash@^4.17.0", "@types/lodash@^4.17.15":
+  version "4.17.24"
+  resolved "https://registry.yarnpkg.com/@types/lodash/-/lodash-4.17.24.tgz#4ae334fc62c0e915ca8ed8e35dcc6d4eeb29215f"
+  integrity sha512-gIW7lQLZbue7lRSWEFql49QJJWThrTFFeIMJdp3eH4tKoxm1OvEPg02rm4wCCSHS0cL3/Fizimb35b7k8atwsQ==
+
 "@types/mdast@^3.0.0":
   version "3.0.12"
   resolved "https://registry.yarnpkg.com/@types/mdast/-/mdast-3.0.12.tgz#beeb511b977c875a5b0cc92eab6fcac2f0895514"
@@ -8952,7 +8957,7 @@ color-string@^1.9.0:
     color-name "^1.0.0"
     simple-swizzle "^0.2.2"
 
-color@^4.2.1:
+color@^4.2.1, color@^4.2.3:
   version "4.2.3"
   resolved "https://registry.npmjs.org/color/-/color-4.2.3.tgz"
   integrity sha512-1rXeuUUiGGrykh+CeBdu5Ie7OJwinCgQY0bc7GCRxy5xVHy+moaqkpL/jqQq0MtQOeYcrqEz4abc5f0KtU7W4A==
@@ -9384,6 +9389,11 @@ csstype@^3.1.2:
   resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.3.tgz#d80ff294d114fb0e6ac500fbf85b60137d7eff81"
   integrity sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==
 
+csstype@^3.1.3:
+  version "3.2.3"
+  resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.2.3.tgz#ec48c0f3e993e50648c86da559e2610995cf989a"
+  integrity sha512-z1HGKcYy2xA8AGQfwrn0PAy+PB7X/GSj3UVJW9qKyn43xWa+gl5nXmU4qqLMRzWVLFC8KusUX8T/0kCiOYpAIQ==
+
 "d3-array@1 - 3", "d3-array@2 - 3", "d3-array@2.10.0 - 3":
   version "3.2.3"
   resolved "https://registry.npmjs.org/d3-array/-/d3-array-3.2.3.tgz"
@@ -16819,6 +16829,11 @@ rc-virtual-list@^3.11.1, rc-virtual-list@^3.5.1, rc-virtual-list@^3.5.2:
     rc-resize-observer "^1.0.0"
     rc-util "^5.36.0"
 
+re-resizable@^6.11.2:
+  version "6.11.2"
+  resolved "https://registry.yarnpkg.com/re-resizable/-/re-resizable-6.11.2.tgz#2e8f7119ca3881d5b5aea0ffa014a80e5c1252b3"
+  integrity sha512-2xI2P3OHs5qw7K0Ud1aLILK6MQxW50TcO+DetD9eIV58j84TqYeHoZcL9H4GXFXXIh7afhH8mv5iUCXII7OW7A==
+
 react-addons-update@15.6.3:
   version "15.6.3"
   resolved "https://registry.yarnpkg.com/react-addons-update/-/react-addons-update-15.6.3.tgz#c449c309154024d04087b206d0400e020547b313"
@@ -16826,6 +16841,16 @@ react-addons-update@15.6.3:
   dependencies:
     object-assign "^4.1.0"
 
+react-base16-styling@^0.10.0:
+  version "0.10.0"
+  resolved "https://registry.yarnpkg.com/react-base16-styling/-/react-base16-styling-0.10.0.tgz#5d5f019bd4dc5870c3e92fd9d5410533a0bbb0c6"
+  integrity sha512-H1k2eFB6M45OaiRru3PBXkuCcn2qNmx+gzLb4a9IPMR7tMH8oBRXU5jGbPDYG1Hz+82d88ED0vjR8BmqU3pQdg==
+  dependencies:
+    "@types/lodash" "^4.17.0"
+    color "^4.2.3"
+    csstype "^3.1.3"
+    lodash-es "^4.17.21"
+
 react-beautiful-dnd@13.1.1:
   version "13.1.1"
   resolved "https://registry.yarnpkg.com/react-beautiful-dnd/-/react-beautiful-dnd-13.1.1.tgz#b0f3087a5840920abf8bb2325f1ffa46d8c4d0a2"
@@ -16890,6 +16915,14 @@ react-draggable@^4.0.0, react-draggable@^4.0.3:
     clsx "^1.1.1"
     prop-types "^15.8.1"
 
+react-draggable@^4.5.0:
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/react-draggable/-/react-draggable-4.5.0.tgz#0b274ccb6965fcf97ed38fcf7e3cc223bc48cdf5"
+  integrity sha512-VC+HBLEZ0XJxnOxVAZsdRi8rD04Iz3SiiKOoYzamjylUcju/hP9np/aZdLHf/7WOD268WMoNJMvYfB5yAK45cw==
+  dependencies:
+    clsx "^2.1.1"
+    prop-types "^15.8.1"
+
 react-error-boundary@4.0.11:
   version "4.0.11"
   resolved "https://registry.yarnpkg.com/react-error-boundary/-/react-error-boundary-4.0.11.tgz#36bf44de7746714725a814630282fee83a7c9a1c"
@@ -16980,6 +17013,14 @@ react-is@^18.3.1:
   resolved "https://registry.yarnpkg.com/react-is/-/react-is-18.3.1.tgz#e83557dc12eae63a99e003a46388b1dcbb44db7e"
   integrity sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==
 
+react-json-tree@0.20.0:
+  version "0.20.0"
+  resolved "https://registry.yarnpkg.com/react-json-tree/-/react-json-tree-0.20.0.tgz#1e7fd26f093bd49d733f80dd9b6d40142e09f7c9"
+  integrity sha512-h+f9fUNAxzBx1rbrgUF7+zSWKGHDtt2VPYLErIuB0JyKGnWgFMM21ksqQyb3EXwXNnoMW2rdE5kuAaubgGOx2Q==
+  dependencies:
+    "@types/lodash" "^4.17.15"
+    react-base16-styling "^0.10.0"
+
 react-kapsule@^2.5:
   version "2.5.7"
   resolved "https://registry.yarnpkg.com/react-kapsule/-/react-kapsule-2.5.7.tgz#dcd957ae8e897ff48055fc8ff48ed04ebe3c5bd2"
@@ -17099,6 +17140,15 @@ react-resizable@^3.0.4:
     prop-types "15.x"
     react-draggable "^4.0.3"
 
+react-rnd@10.5.3:
+  version "10.5.3"
+  resolved "https://registry.yarnpkg.com/react-rnd/-/react-rnd-10.5.3.tgz#f8c484034276a561e8aa2fbf6a94580596621013"
+  integrity sha512-s/sIT3pGZnQ+57egijkTp9mizjIWrJz68Pq6yd+F/wniFY3IriML18dUXnQe/HP9uMiJ+9MAp44hljG99fZu6Q==
+  dependencies:
+    re-resizable "^6.11.2"
+    react-draggable "^4.5.0"
+    tslib "2.6.2"
+
 react-router-dom-v5-compat@6.27.0:
   version "6.27.0"
   resolved "https://registry.yarnpkg.com/react-router-dom-v5-compat/-/react-router-dom-v5-compat-6.27.0.tgz#19429aefa130ee151e6f4487d073d919ec22d458"
@@ -19184,6 +19234,11 @@ tsconfig-paths@^4.2.0:
     minimist "^1.2.6"
     strip-bom "^3.0.0"
 
+tslib@2.6.2, tslib@^2.0.0:
+  version "2.6.2"
+  resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.6.2.tgz#703ac29425e7b37cd6fd456e92404d46d1f3e4ae"
+  integrity sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==
+
 tslib@2.7.0:
   version "2.7.0"
   resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.7.0.tgz#d9b40c5c40ab59e8738f297df3087bf1a2690c01"
@@ -19194,11 +19249,6 @@ tslib@^1.14.1, tslib@^1.8.1:
   resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.14.1.tgz#cf2d38bdc34a134bcaf1091c41f6619e2f672d00"
   integrity sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==
 
-tslib@^2.0.0:
-  version "2.6.2"
-  resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.6.2.tgz#703ac29425e7b37cd6fd456e92404d46d1f3e4ae"
-  integrity sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==
-
 tslib@^2.0.3, tslib@^2.1.0, tslib@^2.3.0:
   version "2.5.0"
   resolved "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz"

pkg/auditor/config.go

@@ -63,6 +63,7 @@ type RetryConfig struct {
 
 func newConfig() factory.Config {
 	return Config{
+		Provider:      "noop",
 		BufferSize:    1000,
 		BatchSize:     100,
 		FlushInterval: time.Second,

pkg/modules/cloudintegration/config.go

@@ -1,32 +0,0 @@
-package cloudintegration
-
-import (
-	"github.com/SigNoz/signoz/pkg/factory"
-)
-
-type Config struct {
-	// Agent config for cloud integration
-	Agent AgentConfig `mapstructure:"agent"`
-}
-
-type AgentConfig struct {
-	Version string `mapstructure:"version"`
-}
-
-func NewConfigFactory() factory.ConfigFactory {
-	return factory.NewConfigFactory(factory.MustNewName("cloudintegration"), newConfig)
-}
-
-func newConfig() factory.Config {
-	return &Config{
-		Agent: AgentConfig{
-			// we will maintain the latest version of cloud integration agent from here,
-			// till we automate it externally or figure out a way to validate it.
-			Version: "v0.0.8",
-		},
-	}
-}
-
-func (c Config) Validate() error {
-	return nil
-}

pkg/modules/cloudintegration/implcloudintegration/definitionstore.go

@@ -1,176 +1,21 @@
 package implcloudintegration
 
 import (
-	"bytes"
 	"context"
-	"embed"
-	"encoding/base64"
-	"encoding/json"
-	"fmt"
-	"io/fs"
-	"path"
-	"sort"
-	"strings"
 
-	"github.com/SigNoz/signoz/pkg/errors"
 	citypes "github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 )
 
-const definitionsRoot = "fs/definitions"
-
-//go:embed fs/definitions/*
-var definitionFiles embed.FS
-
 type definitionStore struct{}
 
-// NewServiceDefinitionStore creates a new ServiceDefinitionStore backed by the embedded filesystem.
-func NewServiceDefinitionStore() citypes.ServiceDefinitionStore {
+func NewDefinitionStore() citypes.ServiceDefinitionStore {
 	return &definitionStore{}
 }
 
-// Get reads and hydrates the service definition for the given provider and service ID.
-func (s *definitionStore) Get(ctx context.Context, provider citypes.CloudProviderType, serviceID citypes.ServiceID) (*citypes.ServiceDefinition, error) {
-	svcDir := path.Join(definitionsRoot, provider.StringValue(), serviceID.StringValue())
-	def, err := readServiceDefinition(svcDir)
-	if err != nil {
-		return nil, errors.New(errors.TypeNotFound, citypes.ErrCodeServiceDefinitionNotFound, fmt.Sprintf("service definition not found for service id %q", serviceID.StringValue()))
-	}
-	return def, nil
+func (d *definitionStore) Get(ctx context.Context, provider citypes.CloudProviderType, serviceID citypes.ServiceID) (*citypes.ServiceDefinition, error) {
+	panic("unimplemented")
 }
 
-// List reads and hydrates all service definitions for the given provider, sorted by ID.
-func (s *definitionStore) List(ctx context.Context, provider citypes.CloudProviderType) ([]*citypes.ServiceDefinition, error) {
-	providerDir := path.Join(definitionsRoot, provider.StringValue())
-	entries, err := fs.ReadDir(definitionFiles, providerDir)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't read service definition dirs for %s", provider.StringValue())
-	}
-
-	var result []*citypes.ServiceDefinition
-	for _, entry := range entries {
-		if !entry.IsDir() {
-			continue
-		}
-		svcDir := path.Join(providerDir, entry.Name())
-		def, err := readServiceDefinition(svcDir)
-		if err != nil {
-			return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't read service definition for %s/%s", provider.StringValue(), entry.Name())
-		}
-		result = append(result, def)
-	}
-
-	sort.Slice(result, func(i, j int) bool {
-		return result[i].ID < result[j].ID
-	})
-	return result, nil
-}
-
-// following are helper functions for reading and hydrating service definitions,
-// not keeping this in types as this is an implementation detail of the definition store.
-func readServiceDefinition(svcDir string) (*citypes.ServiceDefinition, error) {
-	integrationJSONPath := path.Join(svcDir, "integration.json")
-	raw, err := definitionFiles.ReadFile(integrationJSONPath)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't read %s", integrationJSONPath)
-	}
-
-	var specMap map[string]any
-	if err := json.Unmarshal(raw, &specMap); err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't parse %s", integrationJSONPath)
-	}
-
-	hydrated, err := hydrateFileURIs(specMap, definitionFiles, svcDir)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't hydrate file URIs in %s", integrationJSONPath)
-	}
-
-	reEncoded, err := json.Marshal(hydrated)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't re-encode hydrated spec from %s", integrationJSONPath)
-	}
-
-	var def citypes.ServiceDefinition
-	decoder := json.NewDecoder(bytes.NewReader(reEncoded))
-	decoder.DisallowUnknownFields()
-	if err := decoder.Decode(&def); err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't decode service definition from %s", integrationJSONPath)
-	}
-
-	if err := validateServiceDefinition(&def); err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "invalid service definition in %s", svcDir)
-	}
-
-	return &def, nil
-}
-
-func validateServiceDefinition(def *citypes.ServiceDefinition) error {
-	if def.TelemetryCollectionStrategy == nil {
-		return errors.NewInternalf(errors.CodeInternal, "telemetryCollectionStrategy is required")
-	}
-
-	seenDashboardIDs := map[string]struct{}{}
-	for _, d := range def.Assets.Dashboards {
-		if _, seen := seenDashboardIDs[d.ID]; seen {
-			return errors.NewInternalf(errors.CodeInternal, "duplicate dashboard id %q", d.ID)
-		}
-		seenDashboardIDs[d.ID] = struct{}{}
-	}
-
-	return nil
-}
-
-// hydrateFileURIs walks a JSON-decoded value and replaces any "file://<path>" strings
-// with the actual file contents (text for .md, base64 data URI for .svg, parsed JSON for .json).
-func hydrateFileURIs(v any, embeddedFS embed.FS, basedir string) (any, error) {
-	switch val := v.(type) {
-	case map[string]any:
-		result := make(map[string]any, len(val))
-		for k, child := range val {
-			hydrated, err := hydrateFileURIs(child, embeddedFS, basedir)
-			if err != nil {
-				return nil, err
-			}
-			result[k] = hydrated
-		}
-		return result, nil
-
-	case []any:
-		result := make([]any, len(val))
-		for i, child := range val {
-			hydrated, err := hydrateFileURIs(child, embeddedFS, basedir)
-			if err != nil {
-				return nil, err
-			}
-			result[i] = hydrated
-		}
-		return result, nil
-
-	case string:
-		if !strings.HasPrefix(val, "file://") {
-			return val, nil
-		}
-		return readEmbeddedFile(embeddedFS, path.Join(basedir, val[len("file://"):]))
-	}
-	return v, nil
-}
-
-func readEmbeddedFile(embeddedFS embed.FS, filePath string) (any, error) {
-	contents, err := embeddedFS.ReadFile(filePath)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't read embedded file %s", filePath)
-	}
-	switch {
-	case strings.HasSuffix(filePath, ".md"):
-		return string(contents), nil
-	case strings.HasSuffix(filePath, ".svg"):
-		return fmt.Sprintf("data:image/svg+xml;base64,%s", base64.StdEncoding.EncodeToString(contents)), nil
-	case strings.HasSuffix(filePath, ".json"):
-		var parsed any
-		if err := json.Unmarshal(contents, &parsed); err != nil {
-			return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't parse JSON file %s", filePath)
-		}
-		return parsed, nil
-	default:
-		return nil, errors.NewInternalf(errors.CodeInternal, "unsupported file type for embedded reference: %s", filePath)
-	}
+func (d *definitionStore) List(ctx context.Context, provider citypes.CloudProviderType) ([]*citypes.ServiceDefinition, error) {
+	panic("unimplemented")
 }

pkg/modules/cloudintegration/implcloudintegration/handler.go

@@ -1,493 +1,62 @@
 package implcloudintegration
 
 import (
-	"context"
 	"net/http"
-	"time"
 
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/http/binding"
-	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	"github.com/gorilla/mux"
 )
 
-type handler struct {
-	module cloudintegration.Module
+type handler struct{}
+
+func NewHandler() cloudintegration.Handler {
+	return &handler{}
 }
 
-func NewHandler(module cloudintegration.Module) cloudintegration.Handler {
-	return &handler{
-		module: module,
-	}
+func (handler *handler) GetConnectionCredentials(http.ResponseWriter, *http.Request) {
+	panic("unimplemented")
 }
 
-func (handler *handler) GetConnectionCredentials(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	creds, err := handler.module.GetConnectionCredentials(ctx, valuer.MustNewUUID(claims.OrgID), provider)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, creds)
+func (handler *handler) CreateAccount(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
-func (handler *handler) CreateAccount(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	postableAccount := new(cloudintegrationtypes.PostableAccount)
-
-	err = binding.JSON.BindBody(r.Body, postableAccount)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	if err := postableAccount.Validate(provider); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	accountConfig, err := cloudintegrationtypes.NewAccountConfigFromPostable(provider, postableAccount.Config)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	account := cloudintegrationtypes.NewAccount(valuer.MustNewUUID(claims.OrgID), provider, accountConfig)
-	err = handler.module.CreateAccount(ctx, account)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	connectionArtifact, err := handler.module.GetConnectionArtifact(ctx, account, postableAccount)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, &cloudintegrationtypes.GettableAccountWithConnectionArtifact{
-		ID:                 account.ID,
-		ConnectionArtifact: connectionArtifact,
-	})
+func (handler *handler) ListAccounts(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
-func (handler *handler) GetAccount(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	accountIDString := mux.Vars(r)["id"]
-	accountID, err := valuer.NewUUID(accountIDString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	account, err := handler.module.GetAccount(ctx, valuer.MustNewUUID(claims.OrgID), accountID, provider)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, account)
+func (handler *handler) GetAccount(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
-func (handler *handler) ListAccounts(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	accounts, err := handler.module.ListAccounts(ctx, valuer.MustNewUUID(claims.OrgID), provider)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, &cloudintegrationtypes.GettableAccounts{
-		Accounts: accounts,
-	})
+func (handler *handler) UpdateAccount(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
-func (handler *handler) UpdateAccount(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	id := mux.Vars(r)["id"]
-	cloudIntegrationID, err := valuer.NewUUID(id)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	req := new(cloudintegrationtypes.UpdatableAccount)
-	if err := binding.JSON.BindBody(r.Body, req); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	if err := req.Validate(provider); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	account, err := handler.module.GetAccount(ctx, valuer.MustNewUUID(claims.OrgID), cloudIntegrationID, provider)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	if err := account.Update(req.Config); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	err = handler.module.UpdateAccount(ctx, account)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusNoContent, nil)
+func (handler *handler) DisconnectAccount(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
-func (handler *handler) DisconnectAccount(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	id := mux.Vars(r)["id"]
-	cloudIntegrationID, err := valuer.NewUUID(id)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	err = handler.module.DisconnectAccount(ctx, valuer.MustNewUUID(claims.OrgID), cloudIntegrationID, provider)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusNoContent, nil)
+func (handler *handler) ListServicesMetadata(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
-func (handler *handler) ListServicesMetadata(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	var integrationID *valuer.UUID
-	if idStr := r.URL.Query().Get("cloud_integration_id"); idStr != "" {
-		id, err := valuer.NewUUID(idStr)
-		if err != nil {
-			render.Error(rw, err)
-			return
-		}
-		integrationID = &id
-	}
-
-	orgID := valuer.MustNewUUID(claims.OrgID)
-
-	// check if integration account exists and is not removed.
-	if integrationID != nil {
-		account, err := handler.module.GetAccount(ctx, orgID, *integrationID, provider)
-		if err != nil {
-			render.Error(rw, err)
-			return
-		}
-
-		if account.IsRemoved() {
-			render.Error(rw, errors.New(errors.TypeNotFound, cloudintegrationtypes.ErrCodeCloudIntegrationNotFound, "cloud integration account is removed"))
-			return
-		}
-	}
-
-	services, err := handler.module.ListServicesMetadata(ctx, orgID, provider, integrationID)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, &cloudintegrationtypes.GettableServicesMetadata{
-		Services: services,
-	})
+func (handler *handler) GetService(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
-func (handler *handler) GetService(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	serviceIDString := mux.Vars(r)["service_id"]
-	serviceID, err := cloudintegrationtypes.NewServiceID(provider, serviceIDString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	var integrationID *valuer.UUID
-	if idStr := r.URL.Query().Get("cloud_integration_id"); idStr != "" {
-		id, err := valuer.NewUUID(idStr)
-		if err != nil {
-			render.Error(rw, err)
-			return
-		}
-		integrationID = &id
-	}
-
-	// check if integration account exists and is not removed.
-	if integrationID != nil {
-		account, err := handler.module.GetAccount(ctx, valuer.MustNewUUID(claims.OrgID), *integrationID, provider)
-		if err != nil {
-			render.Error(rw, err)
-			return
-		}
-
-		if account.IsRemoved() {
-			render.Error(rw, errors.New(errors.TypeNotFound, cloudintegrationtypes.ErrCodeCloudIntegrationNotFound, "cloud integration account is removed"))
-			return
-		}
-	}
-
-	svc, err := handler.module.GetService(ctx, valuer.MustNewUUID(claims.OrgID), integrationID, serviceID, provider)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, svc)
+func (handler *handler) UpdateService(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
-func (handler *handler) UpdateService(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	serviceIDString := mux.Vars(r)["service_id"]
-	serviceID, err := cloudintegrationtypes.NewServiceID(provider, serviceIDString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	req := new(cloudintegrationtypes.UpdatableService)
-	if err := binding.JSON.BindBody(r.Body, req); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	if err := req.Validate(provider, serviceID); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	cloudIntegrationID, err := valuer.NewUUID(mux.Vars(r)["id"])
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	orgID := valuer.MustNewUUID(claims.OrgID)
-
-	// check if integration account exists and is not removed.
-	account, err := handler.module.GetAccount(ctx, orgID, cloudIntegrationID, provider)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	if account.IsRemoved() {
-		render.Error(rw, errors.New(errors.TypeNotFound, cloudintegrationtypes.ErrCodeCloudIntegrationNotFound, "cloud integration account is removed"))
-		return
-	}
-
-	svc, err := handler.module.GetService(ctx, orgID, &cloudIntegrationID, serviceID, provider)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	if svc.CloudIntegrationService == nil {
-		cloudIntegrationService := cloudintegrationtypes.NewCloudIntegrationService(serviceID, cloudIntegrationID, req.Config)
-		err = handler.module.CreateService(ctx, orgID, cloudIntegrationService, provider)
-	} else {
-		svc.CloudIntegrationService.Update(req.Config)
-		err = handler.module.UpdateService(ctx, orgID, svc.CloudIntegrationService, provider)
-	}
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusNoContent, nil)
-}
-
-func (handler *handler) AgentCheckIn(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	req := new(cloudintegrationtypes.PostableAgentCheckIn)
-	if err := binding.JSON.BindBody(r.Body, req); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	if err := req.Validate(); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	// Map old fields → new fields for backward compatibility with old agents
-	// Old agents send account_id (=> cloudIntegrationId) and cloud_account_id (=> providerAccountId)
-	if req.ID != "" {
-		id, err := valuer.NewUUID(req.ID)
-		if err != nil {
-			render.Error(rw, err)
-			return
-		}
-		req.CloudIntegrationID = id
-		req.ProviderAccountID = req.AccountID
-	}
-
-	orgID := valuer.MustNewUUID(claims.OrgID)
-	resp, err := handler.module.AgentCheckIn(ctx, orgID, provider, &req.AgentCheckInRequest)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, cloudintegrationtypes.NewGettableAgentCheckIn(provider, resp))
+func (handler *handler) AgentCheckIn(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }

pkg/modules/cloudintegration/implcloudintegration/module.go

@@ -1,73 +0,0 @@
-package implcloudintegration
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type module struct{}
-
-func NewModule() cloudintegration.Module {
-	return &module{}
-}
-
-func (module *module) GetConnectionCredentials(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (*cloudintegrationtypes.Credentials, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get connection credentials is not supported")
-}
-
-func (module *module) CreateAccount(ctx context.Context, account *cloudintegrationtypes.Account) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "create account is not supported")
-}
-
-func (module *module) GetAccount(ctx context.Context, orgID valuer.UUID, accountID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (*cloudintegrationtypes.Account, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get account is not supported")
-}
-
-func (module *module) ListAccounts(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) ([]*cloudintegrationtypes.Account, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "list accounts is not supported")
-}
-
-func (module *module) UpdateAccount(ctx context.Context, account *cloudintegrationtypes.Account) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "update account is not supported")
-}
-
-func (module *module) DisconnectAccount(ctx context.Context, orgID valuer.UUID, accountID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "disconnect account is not supported")
-}
-
-func (module *module) CreateService(ctx context.Context, orgID valuer.UUID, service *cloudintegrationtypes.CloudIntegrationService, provider cloudintegrationtypes.CloudProviderType) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "create service is not supported")
-}
-
-func (module *module) GetService(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID, serviceID cloudintegrationtypes.ServiceID, provider cloudintegrationtypes.CloudProviderType) (*cloudintegrationtypes.Service, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get service is not supported")
-}
-
-func (module *module) ListServicesMetadata(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, integrationID *valuer.UUID) ([]*cloudintegrationtypes.ServiceMetadata, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "list services metadata is not supported")
-}
-
-func (module *module) UpdateService(ctx context.Context, orgID valuer.UUID, service *cloudintegrationtypes.CloudIntegrationService, provider cloudintegrationtypes.CloudProviderType) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "update service is not supported")
-}
-
-func (module *module) GetConnectionArtifact(ctx context.Context, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.GetConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get connection artifact is not supported")
-}
-
-func (module *module) AgentCheckIn(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, req *cloudintegrationtypes.AgentCheckInRequest) (*cloudintegrationtypes.AgentCheckInResponse, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "agent check-in is not supported")
-}
-
-func (module *module) GetDashboardByID(ctx context.Context, orgID valuer.UUID, id string) (*dashboardtypes.Dashboard, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get dashboard by ID is not supported")
-}
-
-func (module *module) ListDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "list dashboards is not supported")
-}

pkg/query-service/app/http_handler.go

@@ -63,7 +63,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/query-service/postprocess"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
 	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
 	"github.com/SigNoz/signoz/pkg/types/featuretypes"
@@ -1138,19 +1137,12 @@ func (aH *APIHandler) Get(rw http.ResponseWriter, r *http.Request) {
 	}
 
 	dashboard := new(dashboardtypes.Dashboard)
-
-	if _, _, _, err := cloudintegrationtypes.ParseCloudIntegrationDashboardID(id); err == nil {
-		cloudIntegrationDashboard, err := aH.Signoz.Modules.CloudIntegration.GetDashboardByID(ctx, orgID, id)
-		if err != nil && !errorsV2.Ast(err, errorsV2.TypeLicenseUnavailable) {
-			render.Error(rw, errorsV2.Wrapf(err, errorsV2.TypeInternal, errorsV2.CodeInternal, "failed to get dashboard"))
+	if aH.CloudIntegrationsController.IsCloudIntegrationDashboardUuid(id) {
+		cloudIntegrationDashboard, apiErr := aH.CloudIntegrationsController.GetDashboardById(ctx, orgID, id)
+		if apiErr != nil {
+			render.Error(rw, errorsV2.Wrapf(apiErr, errorsV2.TypeInternal, errorsV2.CodeInternal, "failed to get dashboard"))
 			return
 		}
-
-		if cloudIntegrationDashboard == nil {
-			render.Error(rw, errorsV2.Newf(errorsV2.TypeNotFound, errorsV2.CodeNotFound, "dashboard not found"))
-			return
-		}
-
 		dashboard = cloudIntegrationDashboard
 	} else if aH.IntegrationsController.IsInstalledIntegrationDashboardID(id) {
 		integrationDashboard, apiErr := aH.IntegrationsController.GetInstalledIntegrationDashboardById(ctx, orgID, id)
@@ -1215,11 +1207,9 @@ func (aH *APIHandler) List(rw http.ResponseWriter, r *http.Request) {
 		dashboards = append(dashboards, installedIntegrationDashboards...)
 	}
 
-	cloudIntegrationDashboards, err := aH.Signoz.Modules.CloudIntegration.ListDashboards(ctx, orgID)
-	if err != nil {
-		if !errors.Ast(err, errorsV2.TypeLicenseUnavailable) {
-			aH.logger.ErrorContext(ctx, "failed to get dashboards for cloud integrations", errors.Attr(err))
-		}
+	cloudIntegrationDashboards, apiErr := aH.CloudIntegrationsController.AvailableDashboards(ctx, orgID)
+	if apiErr != nil {
+		aH.logger.ErrorContext(ctx, "failed to get dashboards for cloud integrations", errors.Attr(apiErr))
 	} else {
 		dashboards = append(dashboards, cloudIntegrationDashboards...)
 	}

pkg/query-service/app/server.go

@@ -208,7 +208,7 @@ func (s *Server) createPublicServer(api *APIHandler, web web.Web) (*http.Server,
 		s.config.APIServer.Timeout.Default,
 		s.config.APIServer.Timeout.Max,
 	).Wrap)
-	r.Use(middleware.NewAudit(s.signoz.Instrumentation.Logger(), s.config.APIServer.Logging.ExcludedRoutes, nil).Wrap)
+	r.Use(middleware.NewAudit(s.signoz.Instrumentation.Logger(), s.config.APIServer.Logging.ExcludedRoutes, s.signoz.Auditor).Wrap)
 	r.Use(middleware.NewComment().Wrap)
 
 	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz)

pkg/signoz/config.go

@@ -11,6 +11,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/alertmanager"
 	"github.com/SigNoz/signoz/pkg/analytics"
 	"github.com/SigNoz/signoz/pkg/apiserver"
+	"github.com/SigNoz/signoz/pkg/auditor"
 	"github.com/SigNoz/signoz/pkg/cache"
 	"github.com/SigNoz/signoz/pkg/config"
 	"github.com/SigNoz/signoz/pkg/emailing"
@@ -21,7 +22,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/identn"
 	"github.com/SigNoz/signoz/pkg/instrumentation"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/modules/user"
@@ -125,8 +125,8 @@ type Config struct {
 	// ServiceAccount config
 	ServiceAccount serviceaccount.Config `mapstructure:"serviceaccount"`
 
-	// CloudIntegration config
-	CloudIntegration cloudintegration.Config `mapstructure:"cloudintegration"`
+	// Auditor config
+	Auditor auditor.Config `mapstructure:"auditor"`
 }
 
 func NewConfig(ctx context.Context, logger *slog.Logger, resolverConfig config.ResolverConfig) (Config, error) {
@@ -157,7 +157,7 @@ func NewConfig(ctx context.Context, logger *slog.Logger, resolverConfig config.R
 		user.NewConfigFactory(),
 		identn.NewConfigFactory(),
 		serviceaccount.NewConfigFactory(),
-		cloudintegration.NewConfigFactory(),
+		auditor.NewConfigFactory(),
 	}
 
 	conf, err := config.New(ctx, resolverConfig, configFactories)

pkg/signoz/handler.go

@@ -97,7 +97,7 @@ func NewHandlers(
 		QuerierHandler:          querierHandler,
 		ServiceAccountHandler:   implserviceaccount.NewHandler(modules.ServiceAccount),
 		RegistryHandler:         registryHandler,
+		CloudIntegrationHandler: implcloudintegration.NewHandler(),
 		RuleStateHistory:        implrulestatehistory.NewHandler(modules.RuleStateHistory),
-		CloudIntegrationHandler: implcloudintegration.NewHandler(modules.CloudIntegration),
 	}
 }

pkg/signoz/handler_test.go

@@ -52,7 +52,8 @@ func TestNewHandlers(t *testing.T) {
 	userRoleStore := impluser.NewUserRoleStore(sqlstore, providerSettings)
 
 	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings), userRoleStore, flagger)
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, userGetter, userRoleStore, nil, nil)
+
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, userGetter, userRoleStore)
 
 	querierHandler := querier.NewHandler(providerSettings, nil, nil)
 	registryHandler := factory.NewHandler(nil)

pkg/signoz/module.go

@@ -12,7 +12,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/apdex/implapdex"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain/implauthdomain"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer/implmetricsexplorer"
@@ -31,6 +30,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/savedview"
 	"github.com/SigNoz/signoz/pkg/modules/savedview/implsavedview"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
+	"github.com/SigNoz/signoz/pkg/modules/serviceaccount/implserviceaccount"
 	"github.com/SigNoz/signoz/pkg/modules/services"
 	"github.com/SigNoz/signoz/pkg/modules/services/implservices"
 	"github.com/SigNoz/signoz/pkg/modules/session"
@@ -71,7 +71,6 @@ type Modules struct {
 	MetricsExplorer  metricsexplorer.Module
 	Promote          promote.Module
 	ServiceAccount   serviceaccount.Module
-	CloudIntegration cloudintegration.Module
 	RuleStateHistory rulestatehistory.Module
 }
 
@@ -94,8 +93,6 @@ func NewModules(
 	dashboard dashboard.Module,
 	userGetter user.Getter,
 	userRoleStore authtypes.UserRoleStore,
-	serviceAccount serviceaccount.Module,
-	cloudIntegrationModule cloudintegration.Module,
 ) Modules {
 	quickfilter := implquickfilter.NewModule(implquickfilter.NewStore(sqlstore))
 	orgSetter := implorganization.NewSetter(implorganization.NewStore(sqlstore), alertmanager, quickfilter)
@@ -120,8 +117,7 @@ func NewModules(
 		Services:         implservices.NewModule(querier, telemetryStore),
 		MetricsExplorer:  implmetricsexplorer.NewModule(telemetryStore, telemetryMetadataStore, cache, ruleStore, dashboard, providerSettings, config.MetricsExplorer),
 		Promote:          implpromote.NewModule(telemetryMetadataStore, telemetryStore),
-		ServiceAccount:   serviceAccount,
+		ServiceAccount:   implserviceaccount.NewModule(implserviceaccount.NewStore(sqlstore), authz, cache, analytics, providerSettings, config.ServiceAccount),
 		RuleStateHistory: implrulestatehistory.NewModule(implrulestatehistory.NewStore(telemetryStore, telemetryMetadataStore, providerSettings.Logger)),
-		CloudIntegration: cloudIntegrationModule,
 	}
 }

pkg/signoz/module_test.go

@@ -13,11 +13,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
 	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
-	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
-	"github.com/SigNoz/signoz/pkg/modules/serviceaccount/implserviceaccount"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/sharder"
@@ -54,9 +51,7 @@ func TestNewModules(t *testing.T) {
 
 	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings), userRoleStore, flagger)
 
-	serviceAccount := implserviceaccount.NewModule(implserviceaccount.NewStore(sqlstore), nil, nil, nil, providerSettings, serviceaccount.Config{})
-
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, userGetter, userRoleStore, serviceAccount, implcloudintegration.NewModule())
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, userGetter, userRoleStore)
 
 	reflectVal := reflect.ValueOf(modules)
 	for i := 0; i < reflectVal.NumField(); i++ {

pkg/signoz/provider.go

@@ -3,6 +3,8 @@ package signoz
 import (
 	"github.com/SigNoz/signoz/pkg/alertmanager"
 	"github.com/SigNoz/signoz/pkg/alertmanager/nfmanager"
+	"github.com/SigNoz/signoz/pkg/auditor"
+	"github.com/SigNoz/signoz/pkg/auditor/noopauditor"
 	"github.com/SigNoz/signoz/pkg/alertmanager/nfmanager/rulebasednotification"
 	"github.com/SigNoz/signoz/pkg/alertmanager/signozalertmanager"
 	"github.com/SigNoz/signoz/pkg/analytics"
@@ -312,6 +314,12 @@ func NewGlobalProviderFactories(identNConfig identn.Config) factory.NamedMap[fac
 	)
 }
 
+func NewAuditorProviderFactories() factory.NamedMap[factory.ProviderFactory[auditor.Auditor, auditor.Config]] {
+	return factory.MustNewNamedMap(
+		noopauditor.NewFactory(),
+	)
+}
+
 func NewFlaggerProviderFactories(registry featuretypes.Registry) factory.NamedMap[factory.ProviderFactory[flagger.FlaggerProvider, flagger.Config]] {
 	return factory.MustNewNamedMap(
 		configflagger.NewFactory(registry),

pkg/signoz/signoz.go

@@ -6,6 +6,7 @@ import (
 
 	"github.com/SigNoz/signoz/pkg/alertmanager"
 	"github.com/SigNoz/signoz/pkg/alertmanager/nfmanager"
+	"github.com/SigNoz/signoz/pkg/auditor"
 	"github.com/SigNoz/signoz/pkg/alertmanager/nfmanager/nfroutingstore/sqlroutingstore"
 	"github.com/SigNoz/signoz/pkg/analytics"
 	"github.com/SigNoz/signoz/pkg/apiserver"
@@ -17,17 +18,12 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/gateway"
-	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/identn"
 	"github.com/SigNoz/signoz/pkg/instrumentation"
 	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	pkgimplcloudintegration "github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
-	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
-	"github.com/SigNoz/signoz/pkg/modules/serviceaccount/implserviceaccount"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/prometheus"
 	"github.com/SigNoz/signoz/pkg/querier"
@@ -47,7 +43,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/telemetrytraces"
 	pkgtokenizer "github.com/SigNoz/signoz/pkg/tokenizer"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/version"
 	"github.com/SigNoz/signoz/pkg/zeus"
@@ -81,6 +76,7 @@ type SigNoz struct {
 	QueryParser            queryparser.QueryParser
 	Flagger                flagger.Flagger
 	Gateway                gateway.Gateway
+	Auditor                auditor.Auditor
 }
 
 func New(
@@ -100,8 +96,8 @@ func New(
 	authzCallback func(context.Context, sqlstore.SQLStore, licensing.Licensing, dashboard.Module) (factory.ProviderFactory[authz.AuthZ, authz.Config], error),
 	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, queryparser.QueryParser, querier.Querier, licensing.Licensing) dashboard.Module,
 	gatewayProviderFactory func(licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config],
+	auditorProviderFactories func(licensing.Licensing) factory.NamedMap[factory.ProviderFactory[auditor.Auditor, auditor.Config]],
 	querierHandlerCallback func(factory.ProviderSettings, querier.Querier, analytics.Analytics) querier.Handler,
-	cloudIntegrationCallback func(cloudintegrationtypes.Store, global.Global, zeus.Zeus, gateway.Gateway, licensing.Licensing, serviceaccount.Module, cloudintegration.Config) (cloudintegration.Module, error),
 ) (*SigNoz, error) {
 	// Initialize instrumentation
 	instrumentation, err := instrumentation.New(ctx, config.Instrumentation, version.Info, "signoz")
@@ -378,6 +374,12 @@ func New(
 		return nil, err
 	}
 
+	// Initialize auditor from the variant-specific provider factories
+	auditor, err := factory.NewProviderFromNamedMap(ctx, providerSettings, config.Auditor, auditorProviderFactories(licensing), config.Auditor.Provider)
+	if err != nil {
+		return nil, err
+	}
+
 	// Initialize authns
 	store := sqlauthnstore.NewStore(sqlstore)
 	authNs, err := authNsCallback(ctx, providerSettings, store, licensing)
@@ -424,19 +426,11 @@ func New(
 		return nil, err
 	}
 
-	serviceAccount := implserviceaccount.NewModule(implserviceaccount.NewStore(sqlstore), authz, cache, analytics, providerSettings, config.ServiceAccount)
-
-	cloudIntegrationStore := pkgimplcloudintegration.NewStore(sqlstore)
-	cloudIntegrationModule, err := cloudIntegrationCallback(cloudIntegrationStore, global, zeus, gateway, licensing, serviceAccount, config.CloudIntegration)
-	if err != nil {
-		return nil, err
-	}
-
 	// Initialize all modules
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, userGetter, userRoleStore, serviceAccount, cloudIntegrationModule)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, userGetter, userRoleStore)
 
 	// Initialize identN resolver
-	identNFactories := NewIdentNProviderFactories(tokenizer, serviceAccount, orgGetter, userGetter, config.User)
+	identNFactories := NewIdentNProviderFactories(tokenizer, modules.ServiceAccount, orgGetter, userGetter, config.User)
 	identNResolver, err := identn.NewIdentNResolver(ctx, providerSettings, config.IdentN, identNFactories)
 	if err != nil {
 		return nil, err
@@ -485,6 +479,7 @@ func New(
 		factory.NewNamedService(factory.MustNewName("tokenizer"), tokenizer),
 		factory.NewNamedService(factory.MustNewName("authz"), authz),
 		factory.NewNamedService(factory.MustNewName("user"), userService, factory.MustNewName("authz")),
+		factory.NewNamedService(factory.MustNewName("auditor"), auditor),
 	)
 	if err != nil {
 		return nil, err
@@ -531,5 +526,6 @@ func New(
 		QueryParser:            queryParser,
 		Flagger:                flagger,
 		Gateway:                gateway,
+		Auditor:                auditor,
 	}, nil
 }

pkg/types/cloudintegrationtypes/account.go

@@ -175,6 +175,26 @@ func NewAccountConfigFromPostable(provider CloudProviderType, config *PostableAc
 	return nil, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
 }
 
+// func NewAccountFromPostableAccount(provider CloudProviderType, account *PostableAccount) (*Account, error) {
+// 	req := &Account{
+// 		Credentials: account.Credentials,
+// 	}
+
+// 	switch provider {
+// 	case CloudProviderTypeAWS:
+// 		req.Config = &ConnectionArtifactRequestConfig{
+// 			Aws: &AWSConnectionArtifactRequest{
+// 				DeploymentRegion: artifact.Config.Aws.DeploymentRegion,
+// 				Regions:          artifact.Config.Aws.Regions,
+// 			},
+// 		}
+
+// 		return req, nil
+// 	default:
+// 		return nil, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
+// 	}
+// }
+
 func NewAgentReport(data map[string]any) *AgentReport {
 	return &AgentReport{
 		TimestampMillis: time.Now().UnixMilli(),

pkg/types/zeustypes/types.go

@@ -1,10 +1,8 @@
 package zeustypes
 
 import (
-	"fmt"
 	"net/url"
 
-	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/tidwall/gjson"
 )
 
@@ -58,24 +56,3 @@ func NewGettableHost(data []byte) *GettableHost {
 		Hosts: hosts,
 	}
 }
-
-// GettableDeployment represents the parsed deployment info from zeus.GetDeployment.
-type GettableDeployment struct {
-	Name         string
-	SignozAPIUrl string
-}
-
-// NewGettableDeployment parses raw GetDeployment bytes into a GettableDeployment.
-func NewGettableDeployment(data []byte) (*GettableDeployment, error) {
-	parsed := gjson.ParseBytes(data)
-	name := parsed.Get("name").String()
-	dns := parsed.Get("cluster.region.dns").String()
-	if name == "" || dns == "" {
-		return nil, errors.NewInternalf(errors.CodeInternal,
-			"deployment info response missing name or cluster region dns")
-	}
-	return &GettableDeployment{
-		Name:         name,
-		SignozAPIUrl: fmt.Sprintf("https://%s.%s", name, dns),
-	}, nil
-}

tests/integration/fixtures/cloudintegrations.py

@@ -14,7 +14,7 @@ logger = setup_logger(__name__)
 
 
 @pytest.fixture(scope="function")
-def deprecated_create_cloud_integration_account(
+def create_cloud_integration_account(
     request: pytest.FixtureRequest,
     signoz: types.SigNoz,
 ) -> Callable[[str, str], dict]:
@@ -78,78 +78,3 @@ def deprecated_create_cloud_integration_account(
                 logger.info("Cleaned up test account: %s", account_id)
         except Exception as exc:  # pylint: disable=broad-except
             logger.info("Post-test disconnect cleanup failed: %s", exc)
-
-
-@pytest.fixture(scope="function")
-def create_cloud_integration_account(
-    request: pytest.FixtureRequest,
-    signoz: types.SigNoz,
-) -> Callable[[str, str], dict]:
-    created_accounts: list[tuple[str, str]] = []
-
-    def _create(
-        admin_token: str,
-        cloud_provider: str = "aws",
-        deployment_region: str = "us-east-1",
-        regions: list[str] | None = None,
-    ) -> dict:
-        if regions is None:
-            regions = ["us-east-1"]
-
-        endpoint = f"/api/v1/cloud_integrations/{cloud_provider}/accounts"
-
-        request_payload = {
-            "config": {
-                cloud_provider: {
-                    "deploymentRegion": deployment_region,
-                    "regions": regions,
-                }
-            },
-            "credentials": {
-                "sigNozApiURL": "https://test-deployment.test.signoz.cloud",
-                "sigNozApiKey": "test-api-key-789",
-                "ingestionUrl": "https://ingest.test.signoz.cloud",
-                "ingestionKey": "test-ingestion-key-123456",
-            },
-        }
-
-        response = requests.post(
-            signoz.self.host_configs["8080"].get(endpoint),
-            headers={"Authorization": f"Bearer {admin_token}"},
-            json=request_payload,
-            timeout=10,
-        )
-
-        assert (
-            response.status_code == HTTPStatus.OK
-        ), f"Failed to create test account: {response.status_code}: {response.text}"
-
-        data = response.json()["data"]
-        created_accounts.append((data["id"], cloud_provider))
-
-        return data
-
-    yield _create
-
-    if created_accounts:
-        get_token = request.getfixturevalue("get_token")
-        try:
-            admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-            for account_id, cloud_provider in created_accounts:
-                delete_endpoint = (
-                    f"/api/v1/cloud_integrations/{cloud_provider}/accounts/{account_id}"
-                )
-                r = requests.delete(
-                    signoz.self.host_configs["8080"].get(delete_endpoint),
-                    headers={"Authorization": f"Bearer {admin_token}"},
-                    timeout=10,
-                )
-                if r.status_code != HTTPStatus.NO_CONTENT:
-                    logger.info(
-                        "Delete cleanup returned %s for account %s",
-                        r.status_code,
-                        account_id,
-                    )
-                logger.info("Cleaned up test account: %s", account_id)
-        except Exception as exc:  # pylint: disable=broad-except
-            logger.info("Post-test delete cleanup failed: %s", exc)

tests/integration/fixtures/cloudintegrationsutils.py

@@ -1,15 +1,6 @@
 """Fixtures for cloud integration tests."""
 
-from typing import Callable
-
 import requests
-from wiremock.client import (
-    HttpMethods,
-    Mapping,
-    MappingRequest,
-    MappingResponse,
-    WireMockMatchers,
-)
 
 from fixtures import types
 from fixtures.logger import setup_logger
@@ -17,7 +8,7 @@ from fixtures.logger import setup_logger
 logger = setup_logger(__name__)
 
 
-def deprecated_simulate_agent_checkin(
+def simulate_agent_checkin(
     signoz: types.SigNoz,
     admin_token: str,
     cloud_provider: str,
@@ -47,108 +38,3 @@ def deprecated_simulate_agent_checkin(
         )
 
     return response
-
-
-def setup_create_account_mocks(
-    signoz: types.SigNoz,
-    make_http_mocks: Callable,
-) -> None:
-    """Set up Zeus and Gateway mocks required by the CreateAccount endpoint."""
-    make_http_mocks(
-        signoz.zeus,
-        [
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.GET,
-                    url="/v2/deployments/me",
-                    headers={
-                        "X-Signoz-Cloud-Api-Key": {
-                            WireMockMatchers.EQUAL_TO: "secret-key"
-                        }
-                    },
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": {
-                            "name": "test-deployment",
-                            "cluster": {"region": {"dns": "test.signoz.cloud"}},
-                        },
-                    },
-                ),
-                persistent=False,
-            )
-        ],
-    )
-    make_http_mocks(
-        signoz.gateway,
-        [
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.GET,
-                    url="/v1/workspaces/me/keys/search?name=aws-integration&page=1&per_page=10",
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": [],
-                        "_pagination": {"page": 1, "per_page": 10, "total": 0},
-                    },
-                ),
-                persistent=False,
-            ),
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.POST,
-                    url="/v1/workspaces/me/keys",
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": {
-                            "name": "aws-integration",
-                            "value": "test-ingestion-key-123456",
-                        },
-                        "error": "",
-                    },
-                ),
-                persistent=False,
-            ),
-        ],
-    )
-
-
-def simulate_agent_checkin(
-    signoz: types.SigNoz,
-    admin_token: str,
-    cloud_provider: str,
-    account_id: str,
-    cloud_account_id: str,
-    data: dict | None = None,
-) -> requests.Response:
-    endpoint = f"/api/v1/cloud_integrations/{cloud_provider}/accounts/check_in"
-
-    checkin_payload = {
-        "cloudIntegrationId": account_id,
-        "providerAccountId": cloud_account_id,
-        "data": data or {},
-    }
-
-    response = requests.post(
-        signoz.self.host_configs["8080"].get(endpoint),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json=checkin_payload,
-        timeout=10,
-    )
-
-    if not response.ok:
-        logger.error(
-            "Agent check-in failed: %s, response: %s",
-            response.status_code,
-            response.text,
-        )
-
-    return response

tests/integration/fixtures/signoz.py

@@ -76,7 +76,6 @@ def create_signoz(
                 "SIGNOZ_ALERTMANAGER_SIGNOZ_POLL__INTERVAL": "5s",
                 "SIGNOZ_ALERTMANAGER_SIGNOZ_ROUTE_GROUP__WAIT": "1s",
                 "SIGNOZ_ALERTMANAGER_SIGNOZ_ROUTE_GROUP__INTERVAL": "5s",
-                "SIGNOZ_CLOUDINTEGRATION_AGENT_VERSION": "v0.0.8",
             }
             | sqlstore.env
             | clickhouse.env

tests/integration/src/cloudintegrations/02_generate_connection_url.py

@@ -6,7 +6,7 @@ import requests
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.cloudintegrationsutils import deprecated_simulate_agent_checkin
+from fixtures.cloudintegrationsutils import simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -150,7 +150,7 @@ def test_duplicate_cloud_account_checkins(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test that two accounts cannot check in with the same cloud_account_id."""
 
@@ -159,16 +159,16 @@ def test_duplicate_cloud_account_checkins(
     same_cloud_account_id = str(uuid.uuid4())
 
     # Create two separate cloud integration accounts via generate-connection-url
-    account1 = deprecated_create_cloud_integration_account(admin_token, cloud_provider)
+    account1 = create_cloud_integration_account(admin_token, cloud_provider)
     account1_id = account1["account_id"]
 
-    account2 = deprecated_create_cloud_integration_account(admin_token, cloud_provider)
+    account2 = create_cloud_integration_account(admin_token, cloud_provider)
     account2_id = account2["account_id"]
 
     assert account1_id != account2_id, "Two accounts should have different internal IDs"
 
     #     First check-in succeeds: account1 claims cloud_account_id
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account1_id, same_cloud_account_id
     )
     assert (
@@ -176,7 +176,7 @@ def test_duplicate_cloud_account_checkins(
     ), f"Expected 200 for first check-in, got {response.status_code}: {response.text}"
     #
     # Second check-in should fail: account2 tries to use the same cloud_account_id
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account2_id, same_cloud_account_id
     )
 

tests/integration/src/cloudintegrations/03_accounts.py

@@ -6,7 +6,7 @@ import requests
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.cloudintegrationsutils import deprecated_simulate_agent_checkin
+from fixtures.cloudintegrationsutils import simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -45,21 +45,19 @@ def test_list_connected_accounts_with_account(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test listing connected accounts after creating one."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
 
     # Create a test account
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     # Simulate agent check-in to mark as connected
     cloud_account_id = str(uuid.uuid4())
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account_id, cloud_account_id
     )
     assert (
@@ -95,15 +93,13 @@ def test_get_account_status(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test getting the status of a specific account."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
     # Create a test account (no check-in needed for status check)
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     # Get account status
@@ -156,21 +152,19 @@ def test_update_account_config(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test updating account configuration."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
 
     # Create a test account
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     # Simulate agent check-in to mark as connected
     cloud_account_id = str(uuid.uuid4())
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account_id, cloud_account_id
     )
     assert (
@@ -226,21 +220,19 @@ def test_disconnect_account(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test disconnecting an account."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
 
     # Create a test account
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     # Simulate agent check-in to mark as connected
     cloud_account_id = str(uuid.uuid4())
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account_id, cloud_account_id
     )
     assert (

tests/integration/src/cloudintegrations/04_services.py

@@ -6,7 +6,7 @@ import requests
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.cloudintegrationsutils import deprecated_simulate_agent_checkin
+from fixtures.cloudintegrationsutils import simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -50,20 +50,18 @@ def test_list_services_with_account(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test listing services for a specific connected account."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
 
     # Create a test account and do check-in
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     cloud_account_id = str(uuid.uuid4())
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account_id, cloud_account_id
     )
     assert (
@@ -146,20 +144,18 @@ def test_get_service_details_with_account(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test getting service details for a specific connected account."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
 
     # Create a test account and do check-in
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     cloud_account_id = str(uuid.uuid4())
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account_id, cloud_account_id
     )
     assert (
@@ -252,20 +248,18 @@ def test_update_service_config(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test updating service configuration for a connected account."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
 
     # Create a test account and do check-in
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     cloud_account_id = str(uuid.uuid4())
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account_id, cloud_account_id
     )
     assert (
@@ -369,20 +363,18 @@ def test_update_service_config_invalid_service(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test updating config for a non-existent service should fail."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
 
     # Create a test account and do check-in
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     cloud_account_id = str(uuid.uuid4())
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account_id, cloud_account_id
     )
     assert (
@@ -418,20 +410,18 @@ def test_update_service_config_disable_service(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument
     get_token: Callable[[str, str], str],
-    deprecated_create_cloud_integration_account: Callable,
+    create_cloud_integration_account: Callable,
 ) -> None:
     """Test disabling a service by updating config with enabled=false."""
     admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
 
     # Create a test account and do check-in
     cloud_provider = "aws"
-    account_data = deprecated_create_cloud_integration_account(
-        admin_token, cloud_provider
-    )
+    account_data = create_cloud_integration_account(admin_token, cloud_provider)
     account_id = account_data["account_id"]
 
     cloud_account_id = str(uuid.uuid4())
-    response = deprecated_simulate_agent_checkin(
+    response = simulate_agent_checkin(
         signoz, admin_token, cloud_provider, account_id, cloud_account_id
     )
     assert (

tests/integration/src/cloudintegrations/05_credentials.py

@@ -1,164 +0,0 @@
-from http import HTTPStatus
-from typing import Callable
-
-import requests
-from wiremock.client import (
-    HttpMethods,
-    Mapping,
-    MappingRequest,
-    MappingResponse,
-)
-
-from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.cloudintegrationsutils import setup_create_account_mocks
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-CLOUD_PROVIDER = "aws"
-CREDENTIALS_ENDPOINT = f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/credentials"
-
-
-def test_apply_license(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    make_http_mocks: Callable[[types.TestContainerDocker, list], None],
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Apply a license so that subsequent cloud integration calls succeed."""
-    add_license(signoz, make_http_mocks, get_token)
-
-
-def test_get_credentials_success(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    make_http_mocks: Callable[[types.TestContainerDocker, list], None],
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Happy path: all four credential fields are returned when Zeus and Gateway respond."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    setup_create_account_mocks(signoz, make_http_mocks)
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(CREDENTIALS_ENDPOINT),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}: {response.text}"
-
-    data = response.json()["data"]
-    for field in ("sigNozApiUrl", "sigNozApiKey", "ingestionUrl", "ingestionKey"):
-        assert field in data, f"Response should contain '{field}'"
-        assert isinstance(data[field], str), f"'{field}' should be a string"
-        assert (
-            len(data[field]) > 0
-        ), f"'{field}' should be non-empty when mocks are set up"
-
-
-def test_get_credentials_partial_when_zeus_unavailable(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    make_http_mocks: Callable[[types.TestContainerDocker, list], None],
-    get_token: Callable[[str, str], str],
-) -> None:
-    """When Zeus is unavailable, server still returns 200 with partial credentials.
-
-    The server silently ignores errors from individual credential lookups and returns
-    whatever it could resolve. The frontend is responsible for prompting the user to
-    fill in any empty fields.
-    """
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    # Reset Zeus mappings so no prior mock bleeds into this test,
-    # ensuring sigNozApiUrl cannot be resolved and will be returned as empty.
-    requests.post(
-        signoz.zeus.host_configs["8080"].get("/__admin/reset"),
-        timeout=10,
-    )
-
-    # Only set up Gateway mocks — Zeus has no mapping, so sigNozApiUrl will be empty
-    make_http_mocks(
-        signoz.gateway,
-        [
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.GET,
-                    url="/v1/workspaces/me/keys/search?name=aws-integration&page=1&per_page=10",
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": [],
-                        "_pagination": {"page": 1, "per_page": 10, "total": 0},
-                    },
-                ),
-                persistent=False,
-            ),
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.POST,
-                    url="/v1/workspaces/me/keys",
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": {
-                            "name": "aws-integration",
-                            "value": "test-ingestion-key-123456",
-                        },
-                        "error": "",
-                    },
-                ),
-                persistent=False,
-            ),
-        ],
-    )
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(CREDENTIALS_ENDPOINT),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200 even without Zeus, got {response.status_code}: {response.text}"
-
-    data = response.json()["data"]
-    for field in ("sigNozApiUrl", "sigNozApiKey", "ingestionUrl", "ingestionKey"):
-        assert field in data, f"Response should always contain '{field}' key"
-        assert isinstance(data[field], str), f"'{field}' should be a string"
-
-    # sigNozApiUrl comes from Zeus, which is unavailable, so it should be empty
-    assert (
-        data["sigNozApiUrl"] == ""
-    ), "sigNozApiUrl should be empty when Zeus is unavailable"
-
-
-def test_get_credentials_unsupported_provider(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Unsupported cloud provider returns 400."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            "/api/v1/cloud_integrations/gcp/credentials"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.BAD_REQUEST
-    ), f"Expected 400 for unsupported provider, got {response.status_code}"
-    assert "error" in response.json(), "Response should contain 'error' field"

tests/integration/src/cloudintegrations/06_create_account.py

@@ -1,92 +0,0 @@
-from http import HTTPStatus
-from typing import Callable
-
-import requests
-
-from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-
-def test_apply_license(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    make_http_mocks: Callable[[types.TestContainerDocker, list], None],
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Apply a license so that subsequent cloud integration calls succeed."""
-    add_license(signoz, make_http_mocks, get_token)
-
-
-def test_create_account(
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Test creating a new cloud integration account for AWS."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-    cloud_provider = "aws"
-
-    data = create_cloud_integration_account(
-        admin_token,
-        cloud_provider,
-        deployment_region="us-east-1",
-        regions=["us-east-1", "us-west-2"],
-    )
-
-    assert "id" in data, "Response data should contain 'id' field"
-    assert len(data["id"]) > 0, "id should be a non-empty UUID string"
-
-    assert (
-        "connectionArtifact" in data
-    ), "Response data should contain 'connectionArtifact' field"
-    artifact = data["connectionArtifact"]
-    assert "aws" in artifact, "connectionArtifact should contain 'aws' field"
-    assert (
-        "connectionUrl" in artifact["aws"]
-    ), "connectionArtifact.aws should contain 'connectionUrl'"
-
-    connection_url = artifact["aws"]["connectionUrl"]
-    assert (
-        "console.aws.amazon.com/cloudformation" in connection_url
-    ), "connectionUrl should be an AWS CloudFormation URL"
-    assert (
-        "region=us-east-1" in connection_url
-    ), "connectionUrl should contain the deployment region"
-
-
-def test_create_account_unsupported_provider(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Test that creating an account with an unsupported cloud provider returns 400."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-    cloud_provider = "gcp"
-    endpoint = f"/api/v1/cloud_integrations/{cloud_provider}/accounts"
-
-    response = requests.post(
-        signoz.self.host_configs["8080"].get(endpoint),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json={
-            "config": {
-                "gcp": {"deploymentRegion": "us-central1", "regions": ["us-central1"]}
-            },
-            "credentials": {
-                "sigNozApiURL": "https://test.signoz.cloud",
-                "sigNozApiKey": "test-key",
-                "ingestionUrl": "https://ingest.test.signoz.cloud",
-                "ingestionKey": "test-ingestion-key",
-            },
-        },
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.BAD_REQUEST
-    ), f"Expected 400 for unsupported provider, got {response.status_code}"
-
-    response_data = response.json()
-    assert "error" in response_data, "Response should contain 'error' field"

tests/integration/src/cloudintegrations/07_agent_check_in.py

@@ -1,129 +0,0 @@
-import uuid
-from http import HTTPStatus
-from typing import Callable
-
-from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.cloudintegrationsutils import simulate_agent_checkin
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-CLOUD_PROVIDER = "aws"
-
-
-def test_apply_license(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    make_http_mocks: Callable[[types.TestContainerDocker, list], None],
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Apply a license so that subsequent cloud integration calls succeed."""
-    add_license(signoz, make_http_mocks, get_token)
-
-
-def test_agent_check_in(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Test agent check-in with new camelCase fields returns 200 with expected response shape."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(
-        admin_token, CLOUD_PROVIDER, regions=["us-east-1"]
-    )
-    account_id = account["id"]
-    provider_account_id = str(uuid.uuid4())
-
-    response = simulate_agent_checkin(
-        signoz,
-        admin_token,
-        CLOUD_PROVIDER,
-        account_id,
-        provider_account_id,
-        data={"version": "v0.0.8"},
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}: {response.text}"
-
-    data = response.json()["data"]
-
-    # New camelCase fields
-    assert data["cloudIntegrationId"] == account_id, "cloudIntegrationId should match"
-    assert (
-        data["providerAccountId"] == provider_account_id
-    ), "providerAccountId should match"
-    assert "integrationConfig" in data, "Response should contain 'integrationConfig'"
-    assert data["removedAt"] is None, "removedAt should be null for a live account"
-
-    # Backward-compat snake_case fields
-    assert data["account_id"] == account_id, "account_id (compat) should match"
-    assert (
-        data["cloud_account_id"] == provider_account_id
-    ), "cloud_account_id (compat) should match"
-    assert (
-        "integration_config" in data
-    ), "Response should contain 'integration_config' (compat)"
-    assert "removed_at" in data, "Response should contain 'removed_at' (compat)"
-
-    # integrationConfig should reflect the configured regions
-    integration_config = data["integrationConfig"]
-    assert "aws" in integration_config, "integrationConfig should contain 'aws' block"
-    assert integration_config["aws"]["enabledRegions"] == [
-        "us-east-1"
-    ], "enabledRegions should match account config"
-
-
-def test_agent_check_in_account_not_found(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Test that check-in with an unknown cloudIntegrationId returns 404."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-    fake_id = str(uuid.uuid4())
-
-    response = simulate_agent_checkin(
-        signoz, admin_token, CLOUD_PROVIDER, fake_id, str(uuid.uuid4())
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NOT_FOUND
-    ), f"Expected 404, got {response.status_code}: {response.text}"
-
-
-def test_duplicate_cloud_account_checkins(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Test that two different accounts cannot check in with the same providerAccountId."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account1 = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account2 = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-
-    assert account1["id"] != account2["id"], "Two accounts should have different IDs"
-
-    same_provider_account_id = str(uuid.uuid4())
-
-    # First check-in: account1 claims the provider account ID
-    response = simulate_agent_checkin(
-        signoz, admin_token, CLOUD_PROVIDER, account1["id"], same_provider_account_id
-    )
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200 for first check-in, got {response.status_code}: {response.text}"
-
-    # Second check-in: account2 tries to claim the same provider account ID → 409
-    response = simulate_agent_checkin(
-        signoz, admin_token, CLOUD_PROVIDER, account2["id"], same_provider_account_id
-    )
-    assert (
-        response.status_code == HTTPStatus.CONFLICT
-    ), f"Expected 409 for duplicate providerAccountId, got {response.status_code}: {response.text}"

tests/integration/src/cloudintegrations/08_accounts.py

@@ -1,341 +0,0 @@
-import uuid
-from http import HTTPStatus
-from typing import Callable
-
-import requests
-
-from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.cloudintegrationsutils import simulate_agent_checkin
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-CLOUD_PROVIDER = "aws"
-
-
-def test_apply_license(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    make_http_mocks: Callable[[types.TestContainerDocker, list], None],
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Apply a license so that subsequent cloud integration calls succeed."""
-    add_license(signoz, make_http_mocks, get_token)
-
-
-def test_list_accounts_empty(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """List accounts returns an empty list when no accounts have checked in."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}"
-
-    data = response.json()["data"]
-    assert "accounts" in data, "Response should contain 'accounts' field"
-    assert isinstance(data["accounts"], list), "accounts should be a list"
-    assert (
-        len(data["accounts"]) == 0
-    ), "accounts list should be empty when no accounts have checked in"
-
-
-def test_list_accounts_after_checkin(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """List accounts returns an account after it has checked in."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(
-        admin_token, CLOUD_PROVIDER, regions=["us-east-1"]
-    )
-    account_id = account["id"]
-    provider_account_id = str(uuid.uuid4())
-
-    checkin = simulate_agent_checkin(
-        signoz, admin_token, CLOUD_PROVIDER, account_id, provider_account_id
-    )
-    assert checkin.status_code == HTTPStatus.OK, f"Check-in failed: {checkin.text}"
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}"
-
-    data = response.json()["data"]
-    found = next((a for a in data["accounts"] if a["id"] == account_id), None)
-    assert (
-        found is not None
-    ), f"Account {account_id} should appear in list after check-in"
-    assert (
-        found["providerAccountId"] == provider_account_id
-    ), "providerAccountId should match"
-    assert found["config"]["aws"]["regions"] == [
-        "us-east-1"
-    ], "regions should match account config"
-    assert (
-        found["agentReport"] is not None
-    ), "agentReport should be present after check-in"
-    assert found["removedAt"] is None, "removedAt should be null for a live account"
-
-
-def test_get_account(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Get a specific account by ID returns the account with correct fields."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(
-        admin_token, CLOUD_PROVIDER, regions=["us-east-1", "eu-west-1"]
-    )
-    account_id = account["id"]
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}"
-
-    data = response.json()["data"]
-    assert data["id"] == account_id, "id should match"
-    assert data["config"]["aws"]["regions"] == [
-        "us-east-1",
-        "eu-west-1",
-    ], "regions should match"
-    assert data["removedAt"] is None, "removedAt should be null"
-
-
-def test_get_account_not_found(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Get a non-existent account returns 404."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{uuid.uuid4()}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NOT_FOUND
-    ), f"Expected 404, got {response.status_code}"
-
-
-def test_update_account(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Update account config and verify the change is persisted via GET."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(
-        admin_token, CLOUD_PROVIDER, regions=["us-east-1"]
-    )
-    account_id = account["id"]
-    updated_regions = ["us-east-1", "us-west-2", "eu-west-1"]
-
-    response = requests.put(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json={"config": {"aws": {"regions": updated_regions}}},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NO_CONTENT
-    ), f"Expected 204, got {response.status_code}"
-
-    get_response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-    assert get_response.status_code == HTTPStatus.OK
-    assert (
-        get_response.json()["data"]["config"]["aws"]["regions"] == updated_regions
-    ), "Regions should reflect the update"
-
-
-def test_update_account_after_checkin_preserves_connected_status(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Updating config after agent check-in must not remove the account from the connected list.
-
-    Regression test: previously, updating an account would reset account_id to NULL,
-    causing the account to disappear from the connected accounts listing
-    (which filters on account_id IS NOT NULL).
-    """
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    # 1. Create account
-    account = create_cloud_integration_account(
-        admin_token, CLOUD_PROVIDER, regions=["us-east-1"]
-    )
-    account_id = account["id"]
-    provider_account_id = str(uuid.uuid4())
-
-    # 2. Agent checks in — sets account_id and last_agent_report
-    checkin = simulate_agent_checkin(
-        signoz, admin_token, CLOUD_PROVIDER, account_id, provider_account_id
-    )
-    assert checkin.status_code == HTTPStatus.OK, f"Check-in failed: {checkin.text}"
-
-    # 3. Verify the account appears in the connected list
-    list_response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-    assert list_response.status_code == HTTPStatus.OK
-    accounts_before = list_response.json()["data"]["accounts"]
-    found_before = next((a for a in accounts_before if a["id"] == account_id), None)
-    assert found_before is not None, "Account should be listed after check-in"
-
-    # 4. Update account config
-    updated_regions = ["us-east-1", "us-west-2"]
-    update_response = requests.put(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json={"config": {"aws": {"regions": updated_regions}}},
-        timeout=10,
-    )
-    assert (
-        update_response.status_code == HTTPStatus.NO_CONTENT
-    ), f"Expected 204, got {update_response.status_code}"
-
-    # 5. Verify the account still appears in the connected list with correct fields
-    list_response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-    assert list_response.status_code == HTTPStatus.OK
-    accounts_after = list_response.json()["data"]["accounts"]
-    found_after = next((a for a in accounts_after if a["id"] == account_id), None)
-    assert (
-        found_after is not None
-    ), "Account must still be listed after config update (account_id should not be reset)"
-    assert (
-        found_after["providerAccountId"] == provider_account_id
-    ), "providerAccountId should be preserved after update"
-    assert (
-        found_after["agentReport"] is not None
-    ), "agentReport should be preserved after update"
-    assert (
-        found_after["config"]["aws"]["regions"] == updated_regions
-    ), "Config should reflect the update"
-    assert found_after["removedAt"] is None, "removedAt should still be null"
-
-
-def test_disconnect_account(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Disconnect an account removes it from the connected list."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account_id = account["id"]
-
-    checkin = simulate_agent_checkin(
-        signoz, admin_token, CLOUD_PROVIDER, account_id, str(uuid.uuid4())
-    )
-    assert checkin.status_code == HTTPStatus.OK, f"Check-in failed: {checkin.text}"
-
-    response = requests.delete(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NO_CONTENT
-    ), f"Expected 204, got {response.status_code}"
-
-    list_response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-    accounts = list_response.json()["data"]["accounts"]
-    assert not any(
-        a["id"] == account_id for a in accounts
-    ), "Disconnected account should not appear in the connected list"
-
-
-def test_disconnect_account_idempotent(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Disconnect on a non-existent account ID returns 204 (blind update, no existence check)."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.delete(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{uuid.uuid4()}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NO_CONTENT
-    ), f"Expected 204, got {response.status_code}"

tests/integration/src/cloudintegrations/09_services.py

@@ -1,445 +0,0 @@
-import uuid
-from http import HTTPStatus
-from typing import Callable
-
-import requests
-
-from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-CLOUD_PROVIDER = "aws"
-SERVICE_ID = "rds"
-
-
-def test_apply_license(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    make_http_mocks: Callable[[types.TestContainerDocker, list], None],
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Apply a license so that subsequent cloud integration calls succeed."""
-    add_license(signoz, make_http_mocks, get_token)
-
-
-def test_list_services_without_account(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """List available services without specifying a cloud_integration_id."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}"
-
-    data = response.json()["data"]
-    assert "services" in data, "Response should contain 'services' field"
-    assert isinstance(data["services"], list), "services should be a list"
-    assert len(data["services"]) > 0, "services list should be non-empty"
-
-    service = data["services"][0]
-    assert "id" in service, "Service should have 'id' field"
-    assert "title" in service, "Service should have 'title' field"
-    assert "icon" in service, "Service should have 'icon' field"
-    assert "enabled" in service, "Service should have 'enabled' field"
-
-
-def test_list_services_with_account(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """List services filtered to a specific account — all disabled by default."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account_id = account["id"]
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services?cloud_integration_id={account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}"
-
-    data = response.json()["data"]
-    assert "services" in data, "Response should contain 'services' field"
-    assert len(data["services"]) > 0, "services list should be non-empty"
-
-    for svc in data["services"]:
-        assert "enabled" in svc, "Each service should have 'enabled' field"
-        assert (
-            svc["enabled"] is False
-        ), f"Service {svc['id']} should be disabled before any config is set"
-
-
-def test_get_service_details_without_account(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Get full service definition without specifying an account."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services/{SERVICE_ID}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}"
-
-    data = response.json()["data"]
-    assert data["id"] == SERVICE_ID, f"id should be '{SERVICE_ID}'"
-    assert "title" in data, "Service should have 'title'"
-    assert "overview" in data, "Service should have 'overview' (markdown)"
-    assert "assets" in data, "Service should have 'assets'"
-    assert isinstance(
-        data["assets"]["dashboards"], list
-    ), "assets.dashboards should be a list"
-    assert (
-        "telemetryCollectionStrategy" in data
-    ), "Service should have 'telemetryCollectionStrategy'"
-    assert (
-        data["cloudIntegrationService"] is None
-    ), "cloudIntegrationService should be null without account context"
-
-
-def test_get_service_details_with_account(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Get service details with account context — cloudIntegrationService is null before first UpdateService."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account_id = account["id"]
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services/{SERVICE_ID}"
-            f"?cloud_integration_id={account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.OK
-    ), f"Expected 200, got {response.status_code}"
-
-    data = response.json()["data"]
-    assert data["id"] == SERVICE_ID
-    assert (
-        data["cloudIntegrationService"] is None
-    ), "cloudIntegrationService should be null before any service config is set"
-
-
-def test_get_service_not_found(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """Get a non-existent service ID returns 400 (invalid service ID is a bad request)."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services/non-existent-service"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.BAD_REQUEST
-    ), f"Expected 400, got {response.status_code}"
-
-
-def test_update_service_config(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Enable a service and verify the config is persisted via GET."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account_id = account["id"]
-
-    put_response = requests.put(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}/services/{SERVICE_ID}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json={
-            "config": {"aws": {"metrics": {"enabled": True}, "logs": {"enabled": True}}}
-        },
-        timeout=10,
-    )
-
-    assert (
-        put_response.status_code == HTTPStatus.NO_CONTENT
-    ), f"Expected 204, got {put_response.status_code}: {put_response.text}"
-
-    get_response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services/{SERVICE_ID}"
-            f"?cloud_integration_id={account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert get_response.status_code == HTTPStatus.OK
-    data = get_response.json()["data"]
-    svc = data["cloudIntegrationService"]
-    assert (
-        svc is not None
-    ), "cloudIntegrationService should be non-null after UpdateService"
-    assert (
-        svc["config"]["aws"]["metrics"]["enabled"] is True
-    ), "metrics should be enabled"
-    assert svc["config"]["aws"]["logs"]["enabled"] is True, "logs should be enabled"
-    assert (
-        svc["cloudIntegrationId"] == account_id
-    ), "cloudIntegrationId should match the account"
-
-
-def test_update_service_config_disable(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Enable then disable a service — config change is persisted."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account_id = account["id"]
-    endpoint = signoz.self.host_configs["8080"].get(
-        f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}/services/{SERVICE_ID}"
-    )
-
-    # Enable
-    r = requests.put(
-        endpoint,
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json={
-            "config": {"aws": {"metrics": {"enabled": True}, "logs": {"enabled": True}}}
-        },
-        timeout=10,
-    )
-    assert (
-        r.status_code == HTTPStatus.NO_CONTENT
-    ), f"Enable failed: {r.status_code}: {r.text}"
-
-    # Disable
-    r = requests.put(
-        endpoint,
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json={
-            "config": {
-                "aws": {"metrics": {"enabled": False}, "logs": {"enabled": False}}
-            }
-        },
-        timeout=10,
-    )
-    assert (
-        r.status_code == HTTPStatus.NO_CONTENT
-    ), f"Disable failed: {r.status_code}: {r.text}"
-
-    get_response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services/{SERVICE_ID}"
-            f"?cloud_integration_id={account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert get_response.status_code == HTTPStatus.OK
-    svc = get_response.json()["data"]["cloudIntegrationService"]
-    assert (
-        svc is not None
-    ), "cloudIntegrationService should still be present after disable"
-    assert (
-        svc["config"]["aws"]["metrics"]["enabled"] is False
-    ), "metrics should be disabled"
-    assert svc["config"]["aws"]["logs"]["enabled"] is False, "logs should be disabled"
-
-
-def test_update_service_account_not_found(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """PUT with a non-existent account UUID returns 404."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.put(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{uuid.uuid4()}/services/{SERVICE_ID}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json={"config": {"aws": {"metrics": {"enabled": True}}}},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NOT_FOUND
-    ), f"Expected 404, got {response.status_code}"
-
-
-def test_list_services_unsupported_provider(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-) -> None:
-    """List services for an unsupported cloud provider returns 400."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get("/api/v1/cloud_integrations/gcp/services"),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.BAD_REQUEST
-    ), f"Expected 400, got {response.status_code}"
-
-
-def test_list_services_account_removed(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """List services with a cloud_integration_id for a deleted account returns 404."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account_id = account["id"]
-
-    delete_response = requests.delete(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-    assert (
-        delete_response.status_code == HTTPStatus.NO_CONTENT
-    ), f"Expected 204 on delete, got {delete_response.status_code}"
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services?cloud_integration_id={account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NOT_FOUND
-    ), f"Expected 404, got {response.status_code}"
-
-
-def test_get_service_details_account_removed(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """Get service details with a cloud_integration_id for a deleted account returns 404."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account_id = account["id"]
-
-    delete_response = requests.delete(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-    assert (
-        delete_response.status_code == HTTPStatus.NO_CONTENT
-    ), f"Expected 204 on delete, got {delete_response.status_code}"
-
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/services/{SERVICE_ID}"
-            f"?cloud_integration_id={account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NOT_FOUND
-    ), f"Expected 404, got {response.status_code}"
-
-
-def test_update_service_account_removed(
-    signoz: types.SigNoz,
-    create_user_admin: types.Operation,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    create_cloud_integration_account: Callable,
-) -> None:
-    """PUT service config for a deleted account returns 404."""
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
-    account_id = account["id"]
-
-    delete_response = requests.delete(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=10,
-    )
-    assert (
-        delete_response.status_code == HTTPStatus.NO_CONTENT
-    ), f"Expected 204 on delete, got {delete_response.status_code}"
-
-    response = requests.put(
-        signoz.self.host_configs["8080"].get(
-            f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}/services/{SERVICE_ID}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json={"config": {"aws": {"metrics": {"enabled": True}}}},
-        timeout=10,
-    )
-
-    assert (
-        response.status_code == HTTPStatus.NOT_FOUND
-    ), f"Expected 404, got {response.status_code}"