# Strategic Surfaces

This list is the Spec 323 baseline of inventory rows classified as `Strategic Surface`. Priority reflects design urgency, not implementation sequencing.

Priority model:

- P0: customer/operator-critical, dangerous, audit-sensitive, or core first-read surface.
- P1: important product surface that needs a target artifact or explicit product decision before major UI work.
- P2: platform/internal strategic surface that can follow after customer/admin-facing P0/P1 coverage.

## Spec 325 Target Image Selection Overlay

Spec 325 selected 9 P0/P1 surface groups for screenshot-anchored target briefs and dark/light target images. The table below marks selected and deferred decisions without removing or rewriting the original Spec 323 baseline rows.

### Selected For Spec 325 Target Image

| Surface group | Covered strategic rows | Target brief | Target sidecar |
| --- | --- | --- | --- |
| Workspace Overview | UI-001, UI-002 | `target-experience-briefs/workspace-overview.md` | `target-images/target/workspace-overview-target.md` |
| Environment Dashboard | UI-011 | `target-experience-briefs/environment-dashboard.md` | `target-images/target/environment-dashboard-target.md` |
| Operations Hub | UI-016 | `target-experience-briefs/operations-hub.md` | `target-images/target/operations-hub-target.md` |
| Governance Inbox | UI-028 | `target-experience-briefs/governance-inbox.md` | `target-images/target/governance-inbox-target.md` |
| Customer Review Workspace | UI-038 | `target-experience-briefs/customer-review-workspace.md` | `target-images/target/customer-review-workspace-target.md` |
| Audit Log | UI-025 | `target-experience-briefs/audit-log.md` | `target-images/target/audit-log-target.md` |
| Restore Safety Workflow | UI-053, UI-054 | `target-experience-briefs/restore-safety-workflow.md` | `target-images/target/restore-safety-workflow-target.md` |
| Provider Readiness | UI-072, UI-073 | `target-experience-briefs/provider-readiness.md` | `target-images/target/provider-readiness-target.md` |
| Baseline Compare / Drift | UI-061 | `target-experience-briefs/baseline-compare-drift.md` | `target-images/target/baseline-compare-drift-target.md` |

### Deferred By Spec 325

| Deferred rows | Deferral reason | Later coverage |
| --- | --- | --- |
| UI-029, UI-034, UI-036, UI-076 | Governance/detail variants need seeded records after inbox pattern is accepted. | Governance Inbox decision experience and Drift/Baseline decision experience. |
| UI-037, UI-040, UI-042, UI-044, UI-046, UI-048, UI-099 | Evidence/review detail and export surfaces need customer-safe pattern work after the customer workspace and audit anchors. | Evidence and review pack consumption productization. |
| UI-049, UI-051, UI-052 | Backup pages need capability-backed fixtures; restore safety is the first high-risk anchor. | Backup/Restore safety workflow spec. |
| UI-055, UI-057, UI-058, UI-063, UI-069 | Baseline/library/inventory detail pages should follow after baseline compare/drift hierarchy is verified. | Drift/Baseline and inventory proof patterns. |
| UI-007, UI-010, UI-013, UI-014 | Admin/access/onboarding surfaces are important but outside the first target-image wave. | Admin/settings and provider onboarding specs. |
| UI-017, UI-018 | Operation detail and alerting follow the Operations Hub target grammar. | Operations and alerting pattern spec. |
| UI-085, UI-091, UI-094, UI-095, UI-097, UI-098 | System-plane P2 surfaces require separate platform auth/capability fixture. | System-plane controls target spec. |

| Priority | ID | Surface | Route | Why Strategic | Current Risk | Recommended Target Artifact |
| --- | --- | --- | --- | --- | --- | --- |
| P0 | UI-001 | Workspace Overview | `/admin` -> `/admin/workspaces/{workspace}/overview` | First admin landing after login. | Multiple competing next actions. | Individual target mockup. |
| P0 | UI-002 | Workspace Overview Direct | `/admin/workspaces/{workspace}/overview` | Canonical workspace shell route. | Same hierarchy risk as UI-001. | Same target as UI-001. |
| P0 | UI-011 | Environment Dashboard | `/admin/workspaces/{workspace}/environments/{environment}` | Core environment decision page. | Status, evidence, and action priority can blur. | Individual target mockup. |
| P0 | UI-016 | Operations | `/admin/workspaces/{workspace}/operations` | OperationRun control and observability hub. | Diagnostic events can look like governance health. | Individual target mockup plus status grammar. |
| P0 | UI-025 | Audit Log | `/admin/audit-log` | Auditability proof surface. | Raw logs can overpower decision context. | Evidence/audit target pattern. |
| P0 | UI-026 | Finding Exceptions Queue | `/admin/finding-exceptions/queue` | Accepted-risk work queue. | Risk acceptance can feel like routine list handling. | Individual accepted-risk target. |
| P0 | UI-028 | Governance Inbox | `/admin/governance/inbox` | Strategic operator inbox. | Needs sharp ownership and next-action hierarchy. | Individual target mockup. |
| P0 | UI-029 | Decision Register | `/admin/governance/decisions` | Decision/proof register. | Evidence links and decision status need clarity. | Individual target mockup. |
| P0 | UI-034 | Finding Detail | `/admin/workspaces/{workspace}/environments/{environment}/findings/{record}` | Core triage detail. | Not browser-reviewed; ownership/close/risk actions unknown. | Individual detail mockup. |
| P0 | UI-036 | Exception Detail | `/admin/workspaces/{workspace}/environments/{environment}/finding-exceptions/{record}` | Accepted-risk detail. | Expiry, approver, and audit trail need strong hierarchy. | Individual detail mockup. |
| P0 | UI-038 | Customer Review Workspace | `/admin/reviews/workspace` | Customer/auditor-facing workspace. | Customer-safe language and proof context are critical. | Individual target mockup. |
| P0 | UI-049 | Backup Schedules | `/admin/workspaces/{workspace}/environments/{environment}/backup-schedules` | Backup readiness and schedule safety. | Run/retry controls are high impact. | Backup pattern target. |
| P0 | UI-051 | Backup Sets | `/admin/workspaces/{workspace}/environments/{environment}/backup-sets` | Restore-point truth and recovery evidence. | Spec 371 adds seeded browser proof for list/detail; richer failure/create states remain separate. | Keep restore execution and backup creation targets separate. |
| P0 | UI-053 | Restore Runs | `/admin/workspaces/{workspace}/environments/{environment}/restore-runs` | Restore execution history. | Browser blocked; destructive workflow context unknown. | Individual restore target with fixture. |
| P0 | UI-054 | Restore Run Create/View | `/admin/workspaces/{workspace}/environments/{environment}/restore-runs/create` and `/view` | High-impact restore workflow. | Dry-run, confirmation, partial restore, and audit UX need proof. | Restore workflow target. |
| P0 | UI-055 | Baseline Profiles | `/admin/baseline-profiles` | Baseline source of governance truth. | Assignment/capture/compare semantics need hierarchy. | Drift/diff target pattern. |
| P0 | UI-061 | Baseline Compare | `/admin/workspaces/{workspace}/environments/{environment}/baseline-compare` | Environment drift decision page. | Browser blocked/404 in fixture. | Individual compare target with seeded state. |
| P0 | UI-072 | Provider Connections | `/admin/provider-connections` | Credential and provider health surface. | Permission/connection truth must be trusted. | Individual integration target. |
| P0 | UI-073 | Create Provider Connection | `/admin/provider-connections/create` | Consent/credential setup. | Least-privilege, scopes, and handoff copy need review. | Provider onboarding target. |
| P1 | UI-007 | Manage Workspaces | `/admin/workspaces` | Workspace administration and membership entry point. | RBAC and entitlement language not browser-reviewed. | Workspace admin target. |
| P1 | UI-010 | Managed Environments | `/admin/workspaces/{workspace}/environments` | Environment portfolio entry point. | Needs portfolio-level status and context. | Environment portfolio target. |
| P1 | UI-013 | Environment Access Scopes | `/admin/workspaces/{workspace}/environments/{environment}/access-scopes` | Environment RBAC surface. | Access changes need confirmation/audit treatment. | Access-control target. |
| P1 | UI-014 | Environment Onboarding | `/admin/onboarding` | Provider/environment setup wizard. | Long workflow and provider scopes need productization. | Wizard target. |
| P1 | UI-017 | Operation Detail | `/admin/workspaces/{workspace}/operations/{run}` | OperationRun proof and diagnostics. | Dynamic record state not reviewed. | Operation detail pattern. |
| P1 | UI-018 | Alerts | `/admin/alerts` | Alerting entry point. | Cluster redirects to delivery list; target hierarchy unclear. | Monitoring pattern target. |
| P1 | UI-037 | Review Register | `/admin/reviews` | Review planning and proof register. | Needs timeline and customer/auditor framing. | Review pattern target. |
| P1 | UI-040 | Environment Review Detail | `/admin/workspaces/{workspace}/environments/{environment}/environment-reviews/{record}` | Customer/auditor review detail. | Dynamic detail not reviewed. | Review detail target. |
| P1 | UI-042 | Review Pack Detail | `/admin/workspaces/{workspace}/environments/{environment}/review-packs/{record}` | Export/evidence artifact detail. | Export context and proof trust need review. | Review-pack target. |
| P1 | UI-099 | Rendered Review Report | `/admin/review-packs/{reviewPack}/report` | Signed stakeholder report derived from the current review-pack contract. | New read-first route needs browser evidence and hierarchy validation. | Rendered-report target. |
| P1 | UI-044 | Evidence Overview | `/admin/evidence/overview` | Workspace-wide evidence landing. | Not captured; evidence taxonomy unknown. | Evidence overview target. |
| P1 | UI-046 | Evidence Snapshot Detail | `/admin/workspaces/{workspace}/environments/{environment}/evidence/{record}` | Raw/support evidence detail. | Raw data exposure risk. | Evidence detail pattern. |
| P1 | UI-048 | Stored Report Detail | `/admin/workspaces/{workspace}/environments/{environment}/stored-reports/{record}` | Customer-readable report artifact. | Claims, freshness, and export context need review. | Stored report target. |
| P1 | UI-052 | Backup Set Create/View | `/admin/workspaces/{workspace}/environments/{environment}/backup-sets/create` and `/view` | Backup creation and restore-point detail. | Safety and proof state not reviewed. | Backup workflow target. |
| P1 | UI-057 | Baseline Profile Detail/Edit | `/admin/baseline-profiles/{record}` and `/edit` | Baseline capture/edit detail. | Capture/compare actions need dangerous-action treatment. | Baseline detail target. |
| P1 | UI-058 | Baseline Compare Matrix | `/admin/baseline-profiles/{record}/compare-matrix` | Cross-baseline comparison. | Matrix hierarchy and evidence gaps unknown. | Compare matrix target. |
| P1 | UI-063 | Inventory Coverage | `/admin/workspaces/{workspace}/environments/{environment}/inventory/inventory-coverage` | Evidence confidence gate. | Coverage truth and unknown states need target grammar. | Inventory coverage target. |
| P1 | UI-069 | Policy Version Detail | `/admin/workspaces/{workspace}/environments/{environment}/policy-versions/{record}` | Immutable snapshot/diff proof. | Snapshot/diff detail not reviewed. | Policy version target. |
| P1 | UI-074 | Provider Connection Detail/Edit | `/admin/provider-connections/{record}` and `/edit` | Provider health and permission detail. | Raw/diagnostic data can dominate. | Integration detail target. |
| P1 | UI-076 | Cross Environment Compare | `/admin/cross-environment-compare` | Portfolio drift/promotion comparison. | Environment scoping and result hierarchy unknown. | Cross-environment target. |
| P2 | UI-085 | System Dashboard | `/system` | Platform control tower. | Separate guard/capability state not reviewed. | System-plane dashboard target. |
| P2 | UI-091 | Operational Controls | `/system/ops/controls` | Platform-wide operational control surface. | High-impact controls need confirmation grammar. | System controls pattern. |
| P2 | UI-094 | System Operations | `/system/ops/runs` | Platform operation monitor. | System-plane status grammar not reviewed. | System operations pattern. |
| P2 | UI-095 | System Operation Detail | `/system/ops/runs/{run}` | Platform run detail and controls. | Dynamic record state not reviewed. | System operation detail target. |
| P2 | UI-097 | Repair Workspace Owners | `/system/repair-workspace-owners` | Break-glass ownership repair. | High-impact repair action needs strict confirmation. | Break-glass target. |
| P2 | UI-098 | Access Logs | `/system/security/access-logs` | Platform access audit. | Access-log evidence hierarchy not reviewed. | System audit target. |