- Project Name: FinLens
- Document Type: Functional Requirements Document (FRD)
- Audience: Product Owner; Engineering; QA / Validation; Future Contributors
- Document Nature: Living, controlled
- Traceability: Must map back to BRD
- Stability: Medium-High (changes when behavior changes)
This document defines WHAT the FinLens system must do in terms of observable behavior.
It answers:
- What capabilities the system provides
- How users interact with the system
- How data flows through the system
- What the system must and must not do
This document does NOT define:
- How things are implemented
- Which language, framework, or libraries are used
- Internal optimizations
- UI visual design specifics
If something is not defined here, it is not guaranteed behavior.
FinLens is a single-command, offline-first system that:
- Scans configured cloud accounts
- Collects and enriches cloud data
- Produces structured, processed output
- Generates a self-contained interactive report
- Enables human decision-making
| Actor | Description |
|---|---|
| Operator | Person running finlens scan |
| End User | Person viewing the generated report |
| Cloud Provider | AWS APIs |
| FinLens System | Backend + UI |
- Operator executes scan command
- System loads configuration
- System scans cloud resources
- System enriches and processes data
- System generates report artifacts
- End user views report
- Configuration-driven scanning
- AWS account data collection
- Cost and usage processing
- Insight enrichment
- Report generation
- Offline UI consumption
- Live dashboards
- Real-time updates
- Background daemons
- Automated remediation
- Notifications or alerts
- User authentication
Description: The system shall support execution via a single command.
Behavior:
- Operator executes finlens scan
- No mandatory CLI arguments
- Command triggers full scan lifecycle
Rationale: Supports simplicity and non-technical usage (BRD alignment).
Description: The system shall load execution parameters from configuration files.
Behavior:
- Profiles, regions, and services are read from config files
- Missing or invalid config results in clear error messages
- Defaults are applied where defined
Constraints:
- No runtime flags override config
Description: The system shall authenticate using local cloud credentials.
Behavior:
- Uses locally configured AWS profiles
- No credentials stored or persisted
- Failure to authenticate results in graceful failure per profile
Description: The system shall scan cloud resources service-by-service.
Behavior:
- Only configured services are scanned
- Each service scan is isolated
- Failure in one service does not abort entire scan
Description: The system shall discover resources for each service.
Behavior:
- Collects resource identifiers and metadata
- Associates resources with region and account
- Ignores unsupported resource types
Description: The system shall collect cost data for scanned resources.
Behavior:
- Monthly cost attribution
- Currency defined in configuration or defaults
- Missing cost data handled explicitly
Description: The system shall collect usage or utilization metrics where applicable.
Behavior:
- Metrics collection is best-effort
- Missing metrics do not fail scan
- Metric time window is consistent per scan
Description: The system shall enrich raw data into meaningful signals.
Behavior:
- Calculate utilization indicators
- Derive health or risk flags
- Generate optimization hints
Constraint:
- Enrichment logic must be explainable
Description: The system shall transform collected and enriched data into structured output.
Behavior:
- Data organized by Account Service Resource
- Output is deterministic
- Raw data not exposed to UI directly
Description: The system shall generate processed JSON output.
Behavior:
- JSON represents complete account state
- JSON is human-readable
- JSON is self-sufficient (no external calls needed)
Description: The system shall generate metadata about the scan.
Behavior:
- Includes timestamp, profiles, regions, services
- Includes FinLens version
- Includes currency
Description: The system shall generate a self-contained report directory.
Behavior:
- Contains processed data
- Contains metadata
- Contains UI assets
- Directory is portable
Description: The system shall handle failures gracefully.
Behavior:
- Logs errors clearly
- Continues scan where possible
- Surfaces partial success
Description: The UI shall operate fully offline.
Behavior:
- No network calls
- No backend dependency
- Loads only local assets and JSON
Description: The UI shall consume processed JSON as its only data source.
Behavior:
- No mutation of data
- No enrichment in UI
- UI reflects JSON truth exactly
Description: The UI shall present a high-level service overview.
Behavior:
- Shows limited services initially
- Displays cost, count, and health indicators
- Allows progressive reveal
Description: The UI shall allow detailed inspection of a service.
Behavior:
- Tabular resource display
- Default columns shown
- Optional columns user-selectable
Description: The UI shall support data exploration.
Behavior:
- Sorting on all visible columns
- Filtering by relevant fields
- No data mutation
Description: The UI shall hide complexity by default.
Behavior:
- Simple language by default
- Advanced details optional
- Visual cues over raw numbers
| Constraint | Description |
|---|---|
| Deterministic Output | Same input, same output |
| No Runtime Cloud Calls | After scan completion |
| Stateless UI | No persistence |
| Human-Readable Defaults | No jargon by default |
| BRD Objective | FR Coverage |
|---|---|
| Non-tech clarity | FR-16, FR-19 |
| Offline reports | FR-12, FR-14 |
| Decision enablement | FR-08, FR-16 |
| Reduced dependency | FR-01, FR-15 |
This FRD is satisfied when:
- A complete scan can be run with one command
- A report is generated without cloud access afterward
- A non-technical user can navigate the report
- Engineers can validate data accuracy
Any change to:
- User behavior
- Data flow
- Report semantics
Requires:
- Update to this FRD
- Traceability to BRD
- Explicit approval