3071 lines
108 KiB
JSON
3071 lines
108 KiB
JSON
{
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"boundaries": {
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"firewall_change_authorized": false,
|
||
"host_restart_authorized": false,
|
||
"live_firewall_read_authorized": false,
|
||
"network_policy_apply_authorized": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_authorization": true,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_execution_authorized": false,
|
||
"secret_value_collection_allowed": false,
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"wireguard_change_authorized": false
|
||
},
|
||
"generated_at": "2026-06-15T19:16:00+08:00",
|
||
"git_commit": "3d0c3cc8",
|
||
"outcome_lanes": [
|
||
{
|
||
"lane_id": "waiting_post_incident_readback",
|
||
"meaning": "尚未收到事故回讀包;所有 accepted / runtime count 維持 0。"
|
||
},
|
||
{
|
||
"lane_id": "request_actor_supplement",
|
||
"meaning": "缺 actor / owner / decision 時要求補件。"
|
||
},
|
||
{
|
||
"lane_id": "request_before_after_supplement",
|
||
"meaning": "缺 before / after 或 restoration evidence 時要求補件。"
|
||
},
|
||
{
|
||
"lane_id": "request_health_impact_supplement",
|
||
"meaning": "缺 service / AI provider / monitoring / product impact 時要求補件。"
|
||
},
|
||
{
|
||
"lane_id": "quarantine_raw_payload",
|
||
"meaning": "收到 raw firewall dump、secret 或 key material 時只能隔離。"
|
||
},
|
||
{
|
||
"lane_id": "reject_unattributed_incident",
|
||
"meaning": "無 actor、無 affected scope、無 rollback 或無 notification 的事故回讀不得驗收。"
|
||
},
|
||
{
|
||
"lane_id": "ready_for_post_incident_review",
|
||
"meaning": "metadata 合格後,只能進 reviewer review。"
|
||
},
|
||
{
|
||
"lane_id": "incident_readback_only_update",
|
||
"meaning": "只允許更新只讀 ledger,不得反向視為已批准操作。"
|
||
},
|
||
{
|
||
"lane_id": "recurrence_guard_backfill_required",
|
||
"meaning": "需補防再發 guard、owner review 與 change freeze。"
|
||
},
|
||
{
|
||
"lane_id": "waiting_runtime_gate",
|
||
"meaning": "即使 readback accepted,runtime gate 仍需獨立人工批准。"
|
||
}
|
||
],
|
||
"readback_candidates": [
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "ssh_target_inventory",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "110_111_112_120_121_188",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:ansible_inventory_ssh_targets",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:ansible_inventory_ssh_targets",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "ansible_inventory_ssh_targets",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": false
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "ci_deploy_ssh",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "k8s_ssh_host",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:gitea_cd_deploy_ssh",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:gitea_cd_deploy_ssh",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "gitea_cd_deploy_ssh",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": true
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "ci_deploy_ssh",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "192.168.0.120",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:gitea_cd_dev_ssh",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:gitea_cd_dev_ssh",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "gitea_cd_dev_ssh",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": true
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "ci_deploy_ssh",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "192.168.0.110",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:deploy_alerts_ssh_path",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:deploy_alerts_ssh_path",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "deploy_alerts_ssh_path",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": true
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "ssh_discovery_script",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "110_188_docker_hosts",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:monitoring_discover_docker_ssh",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:monitoring_discover_docker_ssh",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "monitoring_discover_docker_ssh",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": false
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "monitoring_ssh_deploy_script",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "192.168.0.188",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:monitoring_exporter_deploy_ssh",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:monitoring_exporter_deploy_ssh",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "monitoring_exporter_deploy_ssh",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": true
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "ssh_backup_capture",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "110_188_120_121_cluster",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:backup_config_ssh_capture",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:backup_config_ssh_capture",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "backup_config_ssh_capture",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": false
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "sudoers_policy",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "host_ops_minimal_sudo",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:host_ops_sudoers_wrapper",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:host_ops_sudoers_wrapper",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "host_ops_sudoers_wrapper",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": true
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "k8s_network_policy",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "awoooi_prod_namespace",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": true,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:k8s_prod_network_policy",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:k8s_prod_network_policy",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "k8s_prod_network_policy",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": false
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "k8s_network_policy",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "argocd_namespace",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": true,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:argocd_metrics_network_policy",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:argocd_metrics_network_policy",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "argocd_metrics_network_policy",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": false
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "k8s_nodeport_service",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "argocd_nodeport_30882_30883",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": true,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:argocd_metrics_nodeport",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:argocd_metrics_nodeport",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "argocd_metrics_nodeport",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": false
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "k8s_nodeport_service",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "velero_nodeport_30885",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": true,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:velero_metrics_nodeport",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:velero_metrics_nodeport",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "velero_metrics_nodeport",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": false
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "wireguard_runbook",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "110_111_120_121_gcp_a_gcp_b",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": true,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:wireguard_mesh_runbook",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:wireguard_mesh_runbook",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "wireguard_mesh_runbook",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": false
|
||
},
|
||
{
|
||
"action_buttons_allowed": false,
|
||
"active_scan_authorized": false,
|
||
"actor_attribution_accepted": false,
|
||
"actor_attribution_ref": null,
|
||
"affected_port_or_policy_ref": null,
|
||
"after_state_ref": null,
|
||
"ai_provider_impact_accepted": false,
|
||
"ai_provider_impact_ref": null,
|
||
"before_after_state_accepted": false,
|
||
"before_state_ref": null,
|
||
"blocked_actions": [
|
||
"ssh_read",
|
||
"ssh_write",
|
||
"live_firewall_read",
|
||
"firewall_change",
|
||
"port_change",
|
||
"port_close",
|
||
"port_open",
|
||
"network_policy_apply",
|
||
"nodeport_change",
|
||
"wireguard_change",
|
||
"sudo_action",
|
||
"deploy_ssh_action",
|
||
"route_smoke",
|
||
"public_gateway_reload",
|
||
"nginx_reload",
|
||
"host_restart",
|
||
"docker_restart",
|
||
"systemd_restart",
|
||
"secret_value_collection",
|
||
"ssh_key_collection",
|
||
"raw_firewall_dump_storage",
|
||
"raw_key_material_storage",
|
||
"mark_readback_accepted_without_reviewer_record",
|
||
"mark_incident_resolved_without_postcheck",
|
||
"hide_cross_project_impact",
|
||
"treat_route_200_as_all_green",
|
||
"treat_break_glass_as_approval",
|
||
"close_management_port_without_owner",
|
||
"open_runtime_gate",
|
||
"add_action_button",
|
||
"production_write",
|
||
"active_scan",
|
||
"provider_switch",
|
||
"prompt_send"
|
||
],
|
||
"change_or_incident_ref": null,
|
||
"change_window_ref": null,
|
||
"config_kind": "alert_ssh_action_rules",
|
||
"control_tier": "C1",
|
||
"cross_project_sync_accepted": false,
|
||
"cross_project_sync_ref": null,
|
||
"customer_or_product_impact_ref": null,
|
||
"expected_scope": "ssh_mcp_action_catalog",
|
||
"firewall_change_authorized": false,
|
||
"followup_owner": "pending_post_incident_readback",
|
||
"host_restart_authorized": false,
|
||
"incident_detected_at_ref": null,
|
||
"live_firewall_read_authorized": false,
|
||
"maintenance_window": "pending_post_incident_readback",
|
||
"maintenance_window_accepted": false,
|
||
"monitoring_alert_impact_accepted": false,
|
||
"monitoring_alert_impact_ref": null,
|
||
"network_policy_apply_authorized": false,
|
||
"no_false_green_accepted": false,
|
||
"nodeport_change_authorized": false,
|
||
"not_approval": true,
|
||
"operator_notification_accepted": false,
|
||
"operator_notification_ref": null,
|
||
"outcome_lanes": [
|
||
"waiting_post_incident_readback",
|
||
"request_actor_supplement",
|
||
"request_before_after_supplement",
|
||
"request_health_impact_supplement",
|
||
"quarantine_raw_payload",
|
||
"reject_unattributed_incident",
|
||
"ready_for_post_incident_review",
|
||
"incident_readback_only_update",
|
||
"recurrence_guard_backfill_required",
|
||
"waiting_runtime_gate"
|
||
],
|
||
"policy_or_exposure_surface": false,
|
||
"port_change_authorized": false,
|
||
"port_close_authorized": false,
|
||
"port_open_authorized": false,
|
||
"post_incident_readback_accepted": false,
|
||
"post_incident_readback_received": false,
|
||
"postcheck_readback_accepted": false,
|
||
"postcheck_readback_ref": null,
|
||
"production_write_authorized": false,
|
||
"prompt_send_authorized": false,
|
||
"provider_switch_authorized": false,
|
||
"public_route_impact_accepted": false,
|
||
"public_route_impact_ref": null,
|
||
"readback_candidate_id": "ssh_network_post_incident_readback:alert_rules_ssh_actions",
|
||
"readback_fields": [
|
||
"readback_candidate_id",
|
||
"source_change_evidence_candidate_id",
|
||
"surface_id",
|
||
"config_kind",
|
||
"control_tier",
|
||
"expected_scope",
|
||
"write_capable_surface",
|
||
"policy_or_exposure_surface",
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"reviewer_outcome",
|
||
"followup_owner",
|
||
"not_approval"
|
||
],
|
||
"recurrence_guard_accepted": false,
|
||
"recurrence_guard_ref": null,
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"restoration_evidence_accepted": false,
|
||
"restoration_evidence_ref": null,
|
||
"reviewer_checks": [
|
||
"source_change_evidence_current",
|
||
"incident_ref_present",
|
||
"actor_not_anonymous",
|
||
"before_after_state_present",
|
||
"port_policy_redacted",
|
||
"service_dependency_present",
|
||
"public_route_impact_present",
|
||
"ai_provider_impact_present",
|
||
"monitoring_alert_impact_present",
|
||
"customer_product_impact_present",
|
||
"operator_notification_present",
|
||
"cross_project_sync_present",
|
||
"restoration_evidence_present",
|
||
"postcheck_independent",
|
||
"recurrence_guard_present",
|
||
"emergency_classification_present",
|
||
"maintenance_window_present",
|
||
"rollback_owner_present",
|
||
"no_false_green_route_200",
|
||
"raw_firewall_dump_absent",
|
||
"secret_or_key_value_absent",
|
||
"hidden_impact_absent",
|
||
"counts_transition_safe",
|
||
"runtime_stays_zero"
|
||
],
|
||
"reviewer_outcome": "waiting_post_incident_readback",
|
||
"rollback_owner": "pending_post_incident_readback",
|
||
"rollback_owner_accepted": false,
|
||
"route_smoke_authorized": false,
|
||
"runtime_gate": false,
|
||
"secret_value_collection_allowed": false,
|
||
"service_dependency_accepted": false,
|
||
"service_dependency_ref": null,
|
||
"source_change_evidence_candidate_id": "port_firewall_change_evidence:alert_rules_ssh_actions",
|
||
"ssh_read_authorized": false,
|
||
"ssh_write_authorized": false,
|
||
"status": "waiting_post_incident_readback",
|
||
"surface_id": "alert_rules_ssh_actions",
|
||
"wireguard_change_authorized": false,
|
||
"write_capable_surface": true
|
||
}
|
||
],
|
||
"required_readback_fields": [
|
||
"change_or_incident_ref",
|
||
"actor_attribution_ref",
|
||
"incident_detected_at_ref",
|
||
"change_window_ref",
|
||
"affected_port_or_policy_ref",
|
||
"before_state_ref",
|
||
"after_state_ref",
|
||
"service_dependency_ref",
|
||
"public_route_impact_ref",
|
||
"ai_provider_impact_ref",
|
||
"monitoring_alert_impact_ref",
|
||
"customer_or_product_impact_ref",
|
||
"operator_notification_ref",
|
||
"cross_project_sync_ref",
|
||
"restoration_evidence_ref",
|
||
"postcheck_readback_ref",
|
||
"recurrence_guard_ref",
|
||
"maintenance_window",
|
||
"rollback_owner",
|
||
"followup_owner",
|
||
"redacted_evidence_refs",
|
||
"no_secret_value_attestation",
|
||
"no_raw_firewall_dump_attestation",
|
||
"no_false_green_attestation"
|
||
],
|
||
"reviewer_checks": [
|
||
{
|
||
"check_id": "source_change_evidence_current",
|
||
"instruction": "來源 change evidence snapshot 必須是目前版本。"
|
||
},
|
||
{
|
||
"check_id": "incident_ref_present",
|
||
"instruction": "必須有可追溯 incident / change ref。"
|
||
},
|
||
{
|
||
"check_id": "actor_not_anonymous",
|
||
"instruction": "必須標示 actor role / team,不接受匿名端口關閉。"
|
||
},
|
||
{
|
||
"check_id": "before_after_state_present",
|
||
"instruction": "必須有變更前與恢復後狀態 ref。"
|
||
},
|
||
{
|
||
"check_id": "port_policy_redacted",
|
||
"instruction": "端口、policy、host 只收脫敏 ref 或 alias,不保存 raw dump。"
|
||
},
|
||
{
|
||
"check_id": "service_dependency_present",
|
||
"instruction": "必須列出受影響服務、agent、public route、monitoring 或 deploy path。"
|
||
},
|
||
{
|
||
"check_id": "public_route_impact_present",
|
||
"instruction": "必須列出 public route / admin route / callback 影響 ref。"
|
||
},
|
||
{
|
||
"check_id": "ai_provider_impact_present",
|
||
"instruction": "若影響 Ollama / provider health,需列出脫敏 impact ref。"
|
||
},
|
||
{
|
||
"check_id": "monitoring_alert_impact_present",
|
||
"instruction": "必須列出 alert / SRE / dashboard 影響與 false-green 風險。"
|
||
},
|
||
{
|
||
"check_id": "customer_product_impact_present",
|
||
"instruction": "需標示產品或使用者影響,不得只寫已恢復。"
|
||
},
|
||
{
|
||
"check_id": "operator_notification_present",
|
||
"instruction": "必須有受影響 owner / Session / product 的通知 ref。"
|
||
},
|
||
{
|
||
"check_id": "cross_project_sync_present",
|
||
"instruction": "跨專案同步 ref 必須存在,避免單點修改。"
|
||
},
|
||
{
|
||
"check_id": "restoration_evidence_present",
|
||
"instruction": "必須有恢復時間與恢復證據 ref。"
|
||
},
|
||
{
|
||
"check_id": "postcheck_independent",
|
||
"instruction": "post-check 需獨立於原操作人與 UI 卡片。"
|
||
},
|
||
{
|
||
"check_id": "recurrence_guard_present",
|
||
"instruction": "必須提出防再發 guard、change freeze 或 owner review。"
|
||
},
|
||
{
|
||
"check_id": "emergency_classification_present",
|
||
"instruction": "緊急破窗需標示分類與事後補件責任。"
|
||
},
|
||
{
|
||
"check_id": "maintenance_window_present",
|
||
"instruction": "後續任何 port / firewall 操作都需維護窗口。"
|
||
},
|
||
{
|
||
"check_id": "rollback_owner_present",
|
||
"instruction": "rollback owner 與回復 plan 必須同時存在。"
|
||
},
|
||
{
|
||
"check_id": "no_false_green_route_200",
|
||
"instruction": "不得只用 route 200 / service up 當成事故已驗收。"
|
||
},
|
||
{
|
||
"check_id": "raw_firewall_dump_absent",
|
||
"instruction": "不得保存 raw firewall dump、raw iptables、raw nftables 或 raw ACL。"
|
||
},
|
||
{
|
||
"check_id": "secret_or_key_value_absent",
|
||
"instruction": "不得包含 secret、SSH key、token、cookie、私鑰或 partial secret。"
|
||
},
|
||
{
|
||
"check_id": "hidden_impact_absent",
|
||
"instruction": "不得隱藏 AI provider、registry、monitoring、deploy 或 product route 影響。"
|
||
},
|
||
{
|
||
"check_id": "counts_transition_safe",
|
||
"instruction": "只有 reviewer record 能更新 accepted count,且不得同時開 runtime gate。"
|
||
},
|
||
{
|
||
"check_id": "runtime_stays_zero",
|
||
"instruction": "readback plan 不得觸發任何 SSH、firewall、route smoke、restart 或 production write。"
|
||
}
|
||
],
|
||
"schema_version": "ssh_network_post_incident_readback_plan_v1",
|
||
"source_paths": [
|
||
"docs/security/PORT-FIREWALL-CHANGE-EVIDENCE-ACCEPTANCE.md",
|
||
"docs/security/port-firewall-change-evidence-acceptance.snapshot.json",
|
||
"docs/security/SSH-NETWORK-OWNER-RESPONSE-ACCEPTANCE.md",
|
||
"docs/security/ssh-network-owner-response-acceptance.snapshot.json"
|
||
],
|
||
"source_schema_version": "port_firewall_change_evidence_acceptance_v1",
|
||
"source_status": "change_evidence_acceptance_ready_no_runtime_action",
|
||
"status": "post_incident_readback_plan_ready_no_runtime_action",
|
||
"summary": {
|
||
"action_button_count": 0,
|
||
"actor_attribution_accepted_count": 0,
|
||
"ai_provider_impact_accepted_count": 0,
|
||
"before_after_state_accepted_count": 0,
|
||
"blocked_action_count": 34,
|
||
"coverage_percent_after_readback_plan": 64,
|
||
"cross_project_sync_accepted_count": 0,
|
||
"cross_project_sync_required_candidate_count": 14,
|
||
"health_impact_review_required_candidate_count": 14,
|
||
"monitoring_alert_impact_accepted_count": 0,
|
||
"no_false_green_accepted_count": 0,
|
||
"operator_notification_accepted_count": 0,
|
||
"outcome_lane_count": 10,
|
||
"policy_or_exposure_readback_candidate_count": 5,
|
||
"post_incident_readback_accepted_count": 0,
|
||
"post_incident_readback_received_count": 0,
|
||
"postcheck_readback_accepted_count": 0,
|
||
"public_route_impact_accepted_count": 0,
|
||
"readback_candidate_count": 14,
|
||
"readback_field_count": 30,
|
||
"recurrence_guard_accepted_count": 0,
|
||
"recurrence_guard_required_candidate_count": 14,
|
||
"required_readback_field_count": 24,
|
||
"restoration_evidence_accepted_count": 0,
|
||
"reviewer_check_count": 24,
|
||
"runtime_gate_count": 0,
|
||
"service_dependency_accepted_count": 0,
|
||
"write_capable_readback_candidate_count": 6
|
||
}
|
||
}
|