GlassHouse Systems - Civic Engagement Platform Architecture

%%{init: {'theme':'default', 'themeVariables': {'fontSize':'24px', 'fontFamily':'Arial', 'primaryColor':'#e8f4ff', 'primaryBorderColor':'#1166cc', 'primaryTextColor':'#000', 'lineColor':'#333', 'secondaryColor':'#dcfce7', 'tertiaryColor':'#f3e8ff'}}}%% flowchart TB subgraph CITY["🏛️ EXTERNAL - CITY & PUBLIC"] Resident["👤 Resident
Web/Mobile"] Admin["👔 City Staff
Admin Portal"] Laserfiche["📁 Laserfiche
Records System"] CMS["🌐 City Website
CMS"] Social["💬 Social
Channels"] end subgraph ISVLAYER["🎯 CIVIC ENGAGEMENT ISV
GHS Subcontracts & Manages"] GRANICUS["📊 Granicus
(Bang the Table)
OR
📋 PublicInput
━━━━━━━━━
Surveys/Polls
Dashboards
Project Tracking
Multilingual/SMS
WCAG Compliant"] end subgraph GHS["🛡️ GLASSHOUSE SYSTEMS
Infrastructure Security Anchor + Managed Operations"] ARCH["🏗️ Architecture
& Hardening
━━━━━━━━━
Landing Zone
Multi-Zone Design
99.9% SLA"] SECOPS["🔒 24×7 SecOps
━━━━━━━━━
Monitoring
Incident Response
Vuln/Patch Pipeline
Backup/Restore"] INTEG["🔗 Integration SI
━━━━━━━━━
SSO Implementation
Laserfiche Connect
CMS/Social APIs
Data Pipelines"] PM["📋 PM & Rollout
━━━━━━━━━
Change Management
Stakeholder Demos
Michigan On-Site
ISV Coordination"] end subgraph IBM["☁️ IBM CLOUD PLATFORM
Baseline BOM - Managed by GlassHouse"] subgraph VPC["🔐 VPC LANDING ZONE
Multi-Zone Architecture"] LB["⚖️ Load Balancer
for VPC"] API["🌉 API Connect
Gateway"] ROKS["🐳 OpenShift
ROKS
Multi-Zone
99.9% SLA"] DB["💾 Db2/PostgreSQL
App Data"] DWH["📊 Db2 Warehouse
watsonx.data
Analytics Mart"] ES["📨 Event Streams
Kafka"] EN["📧 Event
Notifications
Email/SMS"] WAI["🤖 watsonx.ai
AI Analytics
NLP/Sentiment"] WG["🎯 watsonx
governance
Model Controls"] end subgraph SECURITY["🛡️ SECURITY & COMPLIANCE LAYER"] SCC["⚡ Security &
Compliance Center
━━━━━━━━━
Compliance Evidence
Control Library
Audit Reports"] KP["🔐 Key Protect
Hyper Protect
━━━━━━━━━
KMS/HSM
Encryption Keys
FIPS 140-2 L4"] IAM["👥 IBM Cloud IAM
━━━━━━━━━
Policy Models
RBAC/ABAC
Service IDs"] SSO["🆔 IBM Verify
App ID
SSO/OIDC/SAML"] end subgraph OBSERVE["📡 OBSERVABILITY"] MON["📊 Cloud Monitoring
Metrics & Alerts"] LOGS["📝 Cloud Logs
Activity Tracker"] FLOW["🔍 Flow Logs
for VPC
Network Analysis"] end CR["📦 Container
Registry"] CD["🚀 Continuous
Delivery"] DL["🔌 Direct Link
(Optional)
Private Connectivity"] end %% USER TRAFFIC - Thick Green Lines Resident ==>|"HTTPS/TLS
RESIDENT ACCESS"| LB Admin ==>|"HTTPS/TLS
STAFF ACCESS"| LB %% LOAD BALANCER ROUTING - Blue Lines LB ==>|"CIVIC APP"| GRANICUS LB ==>|"API DIRECT"| API %% ISV AUTHENTICATION - Orange Lines GRANICUS -.->|"OIDC/SAML
AUTH"| SSO SSO -.->|"TOKEN"| GRANICUS %% ISV TO API GATEWAY - Blue Lines GRANICUS ==>|"API CALLS"| API API ==>|"BACKEND"| ROKS %% DATA PROCESSING - Purple Lines ROKS ==>|"DATA OPS"| DB ROKS ==>|"EVENTS"| ES ES ==>|"AI PIPELINE"| WAI WAI ==>|"INSIGHTS"| DWH WAI -.->|"GOVERNANCE"| WG INTEG ==>|"ETL/ANALYTICS"| DWH DWH ==>|"REPORTS"| GRANICUS %% NOTIFICATION FLOW - Green GRANICUS ==>|"TRIGGER"| EN EN ==>|"Email/SMS
NOTIFICATIONS"| Resident %% EXTERNAL INTEGRATIONS - Magenta Lines INTEG ===>|"INTEGRATION"| API API ===>|"REST/JSON
RECORDS"| Laserfiche API ===>|"REST/JSON
CONTENT"| CMS API ===>|"REST/JSON
SOCIAL"| Social %% GHS OPERATIONS - Thick Security Red Lines ARCH ===>|"DESIGN & BUILD"| VPC ARCH ===>|"HARDENING"| ROKS SECOPS ===>|"24×7 MONITOR"| MON SECOPS ===>|"INCIDENT MGT"| LOGS SECOPS ===>|"COMPLIANCE"| SCC SECOPS ===>|"PATCH/VULN"| ROKS %% SECURITY ENFORCEMENT - Red Dashed Lines SCC -..->|"POLICIES"| ROKS SCC -..->|"EVIDENCE"| SECOPS KP -..->|"ENCRYPTION"| DB KP -..->|"ENCRYPTION"| DWH KP -..->|"KEYS"| ROKS IAM -..->|"ACCESS"| VPC FLOW -..->|"NETWORK"| SECOPS %% CI/CD FLOWS - Thin Blue CD -.->|"images"| CR CD -.->|"deploy"| ROKS INTEG -.->|"config"| CD %% PM COORDINATION - Thin Green PM -.->|"coordinate"| GRANICUS PM -.->|"manage"| ARCH PM -.->|"oversee"| SECOPS PM -.->|"drive"| INTEG %% PRIVATE NETWORK - Dashed Gray DL -..->|"PRIVATE NET
(If Required)"| VPC Laserfiche -..->|"PRIVATE LINK
(Optional)"| DL classDef city fill:#fef3c7,stroke:#f59e0b,stroke-width:3px,color:#000 classDef isv fill:#e0e7ff,stroke:#4f46e5,stroke-width:4px,color:#312e81 classDef ghs fill:#fce7f3,stroke:#ec4899,stroke-width:4px,color:#831843 classDef ibm fill:#dbeafe,stroke:#2563eb,stroke-width:3px,color:#1e3a8a classDef security fill:#fee2e2,stroke:#dc2626,stroke-width:4px,color:#7f1d1d classDef observe fill:#f0f9ff,stroke:#0ea5e9,stroke-width:3px,color:#075985 class Resident,Admin,Laserfiche,CMS,Social city class GRANICUS isv class ARCH,SECOPS,INTEG,PM ghs class LB,API,ROKS,DB,DWH,ES,EN,WAI,WG,CR,CD ibm class SCC,KP,IAM,SSO security class MON,LOGS,FLOW observe class DL ibm

Flow Types