ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
6a27609875
TenantAtlas/specs/043-cross-tenant-compare-and-promotion/spec.md
Ahmed Darrazi 6a27609875 spec: add inventory specs 039-044
2026-01-07 14:58:39 +01:00

60 lines
2.0 KiB
Markdown
Raw Blame History

# Feature Specification: Cross-tenant Compare and Promotion
**Feature Branch**: `feat/043-cross-tenant-compare-and-promotion`
**Created**: 2026-01-07
**Status**: Draft
## Purpose
Enable safe cross-tenant comparison of inventory and, optionally, controlled promotion workflows.
Comparison is read-only by default. Any write/promotion behavior must be explicitly gated, audited, and separately authorized.
## User Scenarios & Testing
### Scenario 1: Compare two tenants (read-only)
- Given the operator has access to Tenant A and Tenant B
- When they select two tenants and a set of policy types
- Then they can see differences in presence and key metadata
### Scenario 2: Compare with a stable reference
- Given a reference selection scope
- When the operator runs comparison
- Then results are stable and reproducible for that scope
### Scenario 3: Promotion is explicitly gated (optional)
- Given promotion is enabled by policy
- When the operator initiates promotion
- Then the system requires explicit confirmation and records an audit event
## Functional Requirements
- FR1: Support selecting two tenants within authorized scope.
- FR2: Provide read-only diff views based on inventory metadata and stable identifiers.
- FR3: Provide exportable comparison results.
- FR4: If promotion is included:
- require explicit enablement
- require explicit confirmation per operation
- record audit logs
- support dry-run/preview
## Non-Functional Requirements
- NFR1: Enforce tenant isolation and least privilege across tenant selection and data access.
- NFR2: Comparison must not expose secrets or unsafe payload fields.
## Success Criteria
- SC1: Operators can identify which tenant differs for a given policy type in under 2 minutes.
- SC2: Read-only comparisons are reproducible when run again with the same scope.
## Out of Scope
- Bulk remediation without preview/confirmation.
## Related Specs
- Program: `specs/039-inventory-program/spec.md`
- Core: `specs/040-inventory-core/spec.md`
- Drift: `specs/044-drift-mvp/spec.md`
Reference in New Issue View Git Blame Copy Permalink