Platform administration
Manage multi-environment deployments, export pipelines, and operational integrations while keeping resiliency and failover targets intact.
Deployments & resiliency
On-prem + cloud| Environment | Status | Notes |
|---|---|---|
| Production (US-East) | Healthy | Failover ready - 3 zones |
Admin user access control
Invite, assign roles, and govern access| Admin user | Status | Roles | Actions |
|---|---|---|---|
| Loading admin users… | |||
Invite new admin
Creates a Cognito invite and pre-assigns roles. Status updates after first login.
Access control notes
Provisioning
Cognito invite, then role assignment on first login.
Disable/Enable
Immediate revocation of console access.
Reset MFA
Forces credential + MFA reset on next sign-in.
Runtime capability gates
Safe rollback toggles for MRF telemetryIf an MRF change is rolled back, set the related capability to Disabled to prevent UI or data expectations.
Access & role-based control
CSP-grade RBAC templatesRole templates
| Role | Primary scope | Typical capabilities |
|---|---|---|
| Platform Owner | All environments | Full admin, break-glass, approve critical changes |
| Security Admin | Security controls | SSO, MFA, IP allowlists, security tooling |
| Compliance Auditor | Audit + evidence | Read-only audit, export evidence, attestations |
| NOC Operator | Operations | Live monitoring, alert triage, fail-open review |
| Fraud Ops | Whisper + decoy | Adjust thresholds, monitor decoy sessions |
| Policy Admin | Policy bundles | Create/publish policy, manage consent strategy |
| Model Release Manager | Model lifecycle | Approve model rollout/rollback, retrain cadence |
| Forensics Approver | Forensics access | Approve evidence access + exports |
| Forensics Analyst | Investigation | Case review, evidence prep (no publish) |
| Billing Operator | Billing exports | Manage usage export schedules + reconciliation |
| Read-only Observer | Dashboards | View-only access across all sections |
Identity integration
Roles map to Entra ID groups with environment scoping (prod, staging, sandbox). MFA is required for privileged roles with time-bound access for break-glass workflows.
SSO provider
Microsoft Entra ID (SAML/OIDC).
Privileged access
Just-in-time + approval gates.
Access approvals
Two-person review for privileged changes| Target | Role | Requester | Status | Actions |
|---|---|---|---|---|
| No approval requests. | ||||
Commercial telemetry & reconciliation
Usage records, exports, and reconciliationUsage records
| Export | Schedule | Status |
|---|---|---|
| Awaiting data | — | Pending |
Dispute support
Exactly one usage record per call with correlation IDs for audit and reconciliation.
94% exports delivered within SLAUsage record samples
| Call ID | Mode | Duration | Chargeable | Policy bundle | Models |
|---|---|---|---|---|---|
| Awaiting data | — | — | — | — | — |
Deterministic counters
| Counter | Value | Window |
|---|---|---|
| Awaiting data | — | — |
Export destination configuration
Export destinations
| Type | Host | Port | Path | Key path | Username | Auth | Status |
|---|---|---|---|---|---|---|---|
| SFTP | sftp.operator.local | 22 | /exports/openspan | /run/secrets/operator_sftp_key | operator_exports | SSH key | Configured |
Export delivery status
| Export | Scope | Delivery | Status | Time | Detail |
|---|---|---|---|---|---|
| EXP-KPI-20260125-01 | KPIS | SFTP | DELIVERED | 2026-01-25 05:12 | Daily KPI export delivered to operator landing zone. |
Operational integrations
Security + ticketingServiceNow incidents
P1 workflow + escalation SLA tracking.
Tenable Nessus
Weekly vulnerability scans.
SentinelOne
Threat detection + containment.
Security findings & remediation
Vulnerability management| Finding | Severity | Status | SLA |
|---|---|---|---|
| NSS-8821 | High | Remediating | 7 days |