stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

Repair live watchlist frontdoor routing

Browse Source
This commit is contained in:
master
2026-03-10 00:25:34 +02:00
parent 359fafa9da
commit ac544c0064
11 changed files with 474 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/modules/attestor/guides/identity-watchlist.md
View File

@@ -52,10 +52,12 @@ A watchlist entry defines an identity pattern to monitor and alert configuration
| Scope | Description | Who Can Create |
|-------|-------------|----------------|
| `tenant` | Visible only to owning tenant | Any user with `watchlist:write` |
| `global` | Shared across all tenants | Administrators only |
| `tenant` | Visible only to owning tenant | Any user with `trust:write` |
| `global` | Shared across all tenants | Administrators with `trust:admin` |
| `system` | System-managed entries | System only |
Console and frontdoor watchlist flows use the canonical trust scope family: `trust:read`, `trust:write`, and `trust:admin`. Legacy `watchlist:*` aliases remain accepted for older clients, but new integrations should use the trust scopes.
## CLI Usage
### Adding a Watchlist Entry