awoooi/docs/schemas/security_rollout_policy_v1.schema.json

{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "urn:awoooi:security-rollout-policy-v1",
  "title": "AWOOOI 低摩擦資安 Rollout Policy (v1)",
  "description": "定義 Security Supply Chain 初期如何以 observe / warn / approve_required / block_candidate 分階段收斂，避免一開始把資安限制拉太高。",
  "type": "object",
  "required": [
    "schema_version",
    "status",
    "default_mode",
    "enforcement_level",
    "non_blocking_escalation_lane_count",
    "non_blocking_escalation_lanes",
    "allowed_awooop_outputs",
    "policy_items"
  ],
  "properties": {
    "schema_version": {
      "const": "security_rollout_policy_v1"
    },
    "status": {
      "type": "string",
      "enum": ["draft"]
    },
    "default_mode": {
      "type": "string",
      "enum": ["observe"]
    },
    "enforcement_level": {
      "type": "string",
      "enum": ["mirror_only", "read_only_policy", "approval_gate", "enforced"]
    },
    "non_blocking_escalation_lane_count": {
      "type": "integer",
      "minimum": 0
    },
    "non_blocking_escalation_lanes": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "lane_id",
          "display_order",
          "trigger",
          "initial_mode",
          "allowed_action",
          "forbidden_escalation",
          "owner_review_required_before_blocking",
          "runtime_blocking_allowed",
          "awooop_display_mode",
          "not_authorization"
        ],
        "properties": {
          "lane_id": {
            "type": "string"
          },
          "display_order": {
            "type": "integer",
            "minimum": 1
          },
          "trigger": {
            "type": "string"
          },
          "initial_mode": {
            "type": "string",
            "enum": ["observe", "warn"]
          },
          "allowed_action": {
            "type": "string"
          },
          "forbidden_escalation": {
            "type": "string"
          },
          "owner_review_required_before_blocking": {
            "type": "boolean",
            "const": true
          },
          "runtime_blocking_allowed": {
            "type": "boolean",
            "const": false
          },
          "awooop_display_mode": {
            "type": "string",
            "enum": ["display_low_friction_non_blocking_lane_only"]
          },
          "not_authorization": {
            "type": "boolean",
            "const": true
          }
        },
        "additionalProperties": false
      }
    },
    "allowed_awooop_outputs": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "policy_items": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "condition",
          "mode",
          "allowed",
          "forbidden",
          "reason"
        ],
        "properties": {
          "condition": {
            "type": "string"
          },
          "mode": {
            "type": "string",
            "enum": ["observe", "warn", "approve_required", "block_candidate"]
          },
          "allowed": {
            "type": "array",
            "items": {
              "type": "string"
            }
          },
          "forbidden": {
            "type": "array",
            "items": {
              "type": "string"
            }
          },
          "reason": {
            "type": "string"
          }
        },
        "additionalProperties": false
      }
    }
  },
  "additionalProperties": false
}