7503c19b8f
- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering. - Created helper methods for generating sample verdict inputs and computing canonical hashes. - Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics. - Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.
1.4 KiB
1.4 KiB
Console Tenant Administration
This document describes tenant administration workflows in the Console: creating tenants, managing access, and operating safely in multi-tenant deployments.
Tenant Lifecycle
Typical tenant operations:
- Create and deactivate tenants
- Configure tenant identity and display attributes (name, tags)
- Review tenant-level configuration and capabilities (feature exposure is configuration-driven)
Access Control
Tenant administration typically includes:
- Role assignment (who can operate vs approve vs audit)
- Scope allocation (what each role is allowed to do)
- Optional ABAC filters (environment/project constraints)
See:
docs/security/scopes-and-roles.mddocs/security/tenancy-overview.mddocs/architecture/console-admin-rbac.md
Safety and Auditability
- All admin actions must be auditable (who, what, when, tenant).
- Prefer reversible operations:
- deactivate instead of delete
- rotate credentials instead of reusing
- Make tenant context explicit in the UI to avoid cross-tenant mistakes.
Offline / Air-Gap Notes
- Admin actions should remain available in sealed-mode, but any import/export should be explicit and verified.
- When operating from Offline Kit snapshots, show snapshot identity and staleness for admin-relevant views (feeds, policies, issuer trust).
References
- Console operator guide:
docs/15_UI_GUIDE.md - Offline Kit:
docs/24_OFFLINE_KIT.md