generated from coulomb/repo-seed
113 lines
2.9 KiB
YAML
113 lines
2.9 KiB
YAML
id: small-saas
|
|
kind: profile
|
|
profile: small-saas
|
|
title: Small SaaS System Profile
|
|
scope: A compact tenant-aware SaaS service with users, teams, data, access, deployment, governance evidence, and incident handling.
|
|
status: proof
|
|
conformance_level: profile-proof
|
|
assumptions:
|
|
- The SaaS product has a single service boundary and two example tenants.
|
|
- Tenants are separated by namespace and data partitioning claims.
|
|
- User management is represented through users, teams, access grants, policies, controls, and evidence.
|
|
- Runtime concerns are represented by one production deployment.
|
|
required_standards:
|
|
- kernel/itc-core
|
|
- model/landscape
|
|
- model/organization
|
|
- model/governance
|
|
- model/task
|
|
- model/access-control
|
|
- model/security
|
|
- model/data
|
|
- model/devsecops
|
|
- model/network
|
|
- model/observability
|
|
- standard/tagging
|
|
- standard/caring
|
|
required_concepts:
|
|
service:
|
|
status: required
|
|
model: model/landscape
|
|
system:
|
|
status: required
|
|
model: model/landscape
|
|
tenant:
|
|
status: required
|
|
model: model/organization
|
|
user:
|
|
status: required
|
|
model: model/organization
|
|
team:
|
|
status: required
|
|
model: model/organization
|
|
dataset:
|
|
status: required
|
|
model: model/data
|
|
deployment:
|
|
status: required
|
|
model: model/devsecops
|
|
task:
|
|
status: required
|
|
model: model/task
|
|
policy:
|
|
status: required
|
|
model: model/governance
|
|
control:
|
|
status: required
|
|
model: model/security
|
|
evidence:
|
|
status: required
|
|
model: model/observability
|
|
incident:
|
|
status: required
|
|
model: model/security
|
|
optional_concepts:
|
|
billing-plan:
|
|
status: optional
|
|
model: model/data
|
|
notification:
|
|
status: optional
|
|
model: model/observability
|
|
out_of_scope:
|
|
- multi-region disaster recovery
|
|
- tenant-managed encryption keys
|
|
- marketplace billing integrations
|
|
artifact_ids:
|
|
- profile/small-saas
|
|
- small-saas/service/billing-portal
|
|
- small-saas/system/billing-system
|
|
- small-saas/tenant/acme
|
|
- small-saas/tenant/globex
|
|
- small-saas/user/ada-admin
|
|
- small-saas/team/platform
|
|
- small-saas/dataset/subscription-ledger
|
|
- small-saas/deployment/production
|
|
- small-saas/task/onboard-tenant
|
|
- small-saas/policy/tenant-isolation
|
|
- small-saas/control/namespace-per-tenant
|
|
- small-saas/evidence/access-review-2026-05
|
|
- small-saas/incident/cross-tenant-access-attempt
|
|
validation_rules:
|
|
required_artifact_kinds:
|
|
- service
|
|
- system
|
|
- tenant
|
|
- user
|
|
- team
|
|
- dataset
|
|
- deployment
|
|
- task
|
|
- policy
|
|
- control
|
|
- evidence
|
|
- incident
|
|
service_ownership: required
|
|
tenant_namespace_separation: required
|
|
user_management_trace: required
|
|
access_control_trace: required
|
|
governance_evidence: required
|
|
demo_commands:
|
|
- PYTHONPATH=src python3 -m info_tech_canon profile inspect small-saas
|
|
- PYTHONPATH=src python3 -m info_tech_canon profile validate small-saas
|
|
- PYTHONPATH=src python3 -m info_tech_canon profile graph small-saas
|