# Policy-Aware Review Workflow
```yaml workflow
# Declares a review workflow: select part of an internal note, pass it through
# one shaping step, write it to out/, and state the identity/policy inputs that
# gate the run.
# NOTE(review): indentation was lost in the rendered view this was taken from;
# the nesting below is restored from key order — confirm against the repository copy.
metadata:
  id: policy-aware-review
intent:
  summary: Declare enterprise identity and policy mapping for a review workflow.
inputs:
  note:
    # The path climbs out of this document's directory (`..`) into policy/private.
    # NOTE(review): confirm the runner bounds where input paths may resolve and
    # that the permissions block is evaluated before this file is read.
    file: ../policy/private/internal-note.md
    # Presumably restricts the input to sections headed "Decision" — verify the
    # selector semantics; anything it matches is copied to the output below.
    selector: sections[heading=Decision]
steps:
  shape:
    kind: shape
    data:
      # Forwards the selected items unchanged under the key `note`.
      note: ${sources.note.items}
outputs:
  review:
    # Content taken from the private note is written here.
    # NOTE(review): confirm out/ carries access controls at least as strict as
    # the source file, or that the Decision section is cleared for wider reading.
    path: out/policy-aware-review.md
    content: ${steps.shape.value.note}
permissions:
  policy:
    # Both paths point under examples/.
    # NOTE(review): presumably fixtures — confirm that real runs derive the
    # subject from a validated token rather than from a static claims file.
    subject_from_token: examples/policy/netkingdom-claims.yaml
    policy_map: examples/policy/enterprise-policy-map.yaml
    required_assurance:
      # NOTE(review): confirm how MFA assurance is established for the subject
      # and that a missing assurance value results in a deny.
      mfa: true
    # NOTE(review): confirm this log is written for denials as well as allows
    # and is protected from modification by the workflow itself; the
    # reviews_denials responsibility below presumably depends on it.
    decision_log: .markitect/policy-decisions.jsonl
  flex_auth:
    resource_manifest: examples/policy/flex-auth-resource-manifest.yaml
# Declarative statement of who does what; nothing in this block shows how
# enforcement or denial review is actually wired.
responsibilities:
  system:
    enforces_policy: true
  human:
    reviews_denials: true
```