fix(agent): auto-authorize noncritical alert control
All checks were successful
CD Pipeline / workflow-shape (push) Successful in 1s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 2m38s
CD Pipeline / build-and-deploy (push) Successful in 6m58s
CD Pipeline / post-deploy-checks (push) Successful in 1m42s
All checks were successful
CD Pipeline / workflow-shape (push) Successful in 1s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 2m38s
CD Pipeline / build-and-deploy (push) Successful in 6m58s
CD Pipeline / post-deploy-checks (push) Successful in 1m42s
This commit is contained in:
@@ -5,8 +5,8 @@ CISO-101: 授權請求與簽核資料模型
|
||||
|
||||
Features:
|
||||
- 狀態機 (PENDING → APPROVED/REJECTED/EXPIRED)
|
||||
- 風險等級判定 (LOW/MEDIUM/CRITICAL)
|
||||
- Multi-Sig 簽核追蹤
|
||||
- 風險等級判定 (LOW/MEDIUM/HIGH/CRITICAL)
|
||||
- Controlled-apply / break-glass 簽核追蹤
|
||||
- Pydantic 強型別驗證
|
||||
"""
|
||||
|
||||
@@ -41,10 +41,9 @@ class RiskLevel(str, Enum):
|
||||
"""
|
||||
風險等級 - 決定所需簽核人數
|
||||
|
||||
- LOW: 0 人,自動放行
|
||||
- MEDIUM: 需 1 人簽核
|
||||
- HIGH: 需 1 人簽核 (信任引擎可降級至 MEDIUM)
|
||||
- CRITICAL: 需 2 人 Multi-Sig 雙重簽核 (永不降級)
|
||||
- LOW/MEDIUM/HIGH: current owner policy 自動授權,後續仍須
|
||||
check-mode、bounded execution、獨立 verifier 與 rollback receipt
|
||||
- CRITICAL: break-glass 人工授權 (永不自動降級)
|
||||
|
||||
變更紀錄:
|
||||
- 2026-03-25: 新增 HIGH (Phase 16 R2 合併自 trust_engine.py)
|
||||
|
||||
Reference in New Issue
Block a user