Add enterprise audit logging and compliance architecture
Publish Docs / publish-docs (push) Successful in 18s
Details
Publish Docs / publish-docs (push) Successful in 18s
Details
This commit is contained in:
parent
1abd605f82
commit
4a575e506f
|
|
@ -0,0 +1,56 @@
|
||||||
|
@startuml
|
||||||
|
!include https://raw.githubusercontent.com/plantuml-stdlib/C4-PlantUML/master/C4_Container.puml
|
||||||
|
|
||||||
|
LAYOUT_WITH_LEGEND()
|
||||||
|
|
||||||
|
title Kell Creations - Enterprise Audit, Logging & Compliance Architecture
|
||||||
|
|
||||||
|
Person(owner, "Business Owner", "Reviews business activity, privileged actions, and compliance evidence")
|
||||||
|
Person(staff, "Operations Staff", "Performs operational actions that require traceability")
|
||||||
|
|
||||||
|
System_Boundary(platform, "Kell Creations Platform") {
|
||||||
|
Container(audit, "Audit & Logging Service", "Observability Service", "Collects audit records, operational logs, workflow traces, and compliance-relevant events")
|
||||||
|
Container(evidence, "Compliance Evidence Repository", "Evidence Store", "Stores retained audit outputs, review records, approval evidence, and compliance artifacts")
|
||||||
|
Container(policyrepo, "Policy Repository", "Document Service", "Maintains policies, procedures, standards, reviews, and controlled records")
|
||||||
|
Container(auth, "Authentication Service", "Identity Service", "Generates authentication, session, and privileged access events")
|
||||||
|
Container(rbac, "Authorization & Role Policy", "Policy Service", "Generates role enforcement and access decision events")
|
||||||
|
Container(api, "API Orchestrator", "Integration Service", "Generates service-to-service and external integration audit events")
|
||||||
|
Container(n8nflow, "Workflow Orchestration", "Automation Service", "Generates workflow execution, approval, and automation trace records")
|
||||||
|
Container(notify, "Notification Service", "Messaging Service", "Generates delivery and notification activity records")
|
||||||
|
|
||||||
|
Container(inventory, "Inventory Application", "Business Application", "Generates operational stock, adjustment, and reporting events")
|
||||||
|
Container(social, "Social Media Management", "Business Application", "Generates publishing, campaign, and engagement workflow events")
|
||||||
|
Container(wpmanage, "WordPress Management", "Business Application", "Generates site administration, publishing, and synchronization events")
|
||||||
|
Container(mrp, "Craft Manufacturing / MRP", "Business Application", "Generates production, BOM, work-order, and fulfillment events")
|
||||||
|
Container(finance, "Financial Analysis", "Business Application", "Generates reporting, analysis, and privileged access events")
|
||||||
|
}
|
||||||
|
|
||||||
|
System_Ext(mail, "Mail Server", "mail.kellcreations.com")
|
||||||
|
System_Ext(wordpress, "WordPress", "www.kellcreations.com")
|
||||||
|
System_Ext(git, "Forgejo Git", "git.kellsupport.com")
|
||||||
|
|
||||||
|
Rel(owner, evidence, "Reviews retained evidence in")
|
||||||
|
Rel(owner, audit, "Reviews audit trails in")
|
||||||
|
Rel(staff, auth, "Generates authentication events through")
|
||||||
|
|
||||||
|
Rel(auth, audit, "Sends authentication and session events to")
|
||||||
|
Rel(rbac, audit, "Sends authorization and role decision events to")
|
||||||
|
Rel(api, audit, "Sends integration events to")
|
||||||
|
Rel(n8nflow, audit, "Sends workflow trace events to")
|
||||||
|
Rel(notify, audit, "Sends notification activity events to")
|
||||||
|
|
||||||
|
Rel(inventory, audit, "Sends inventory activity events to")
|
||||||
|
Rel(social, audit, "Sends publishing and campaign events to")
|
||||||
|
Rel(wpmanage, audit, "Sends site administration and publish events to")
|
||||||
|
Rel(mrp, audit, "Sends production and fulfillment events to")
|
||||||
|
Rel(finance, audit, "Sends reporting and privileged access events to")
|
||||||
|
Rel(policyrepo, audit, "Sends document access, review, and approval events to")
|
||||||
|
|
||||||
|
Rel(audit, evidence, "Stores retained compliance evidence in")
|
||||||
|
Rel(policyrepo, evidence, "Stores approved governance records in")
|
||||||
|
Rel(policyrepo, git, "Stores controlled source and change history in")
|
||||||
|
|
||||||
|
Rel(notify, mail, "Sends workflow and approval messages through")
|
||||||
|
Rel(api, wordpress, "Logs synchronized external publishing activity with")
|
||||||
|
|
||||||
|
@enduml
|
||||||
|
|
@ -0,0 +1,42 @@
|
||||||
|
# Enterprise Audit, Logging & Compliance Architecture
|
||||||
|
|
||||||
|
This diagram shows the shared audit, logging, traceability, and compliance-evidence architecture for the Kell Creations platform.
|
||||||
|
|
||||||
|
## Purpose
|
||||||
|
|
||||||
|
This view defines how the platform captures operational events, privileged actions, workflow traces, policy activity, and retained compliance evidence across business applications and shared services.
|
||||||
|
|
||||||
|
## Diagram Source
|
||||||
|
|
||||||
|
The source for this diagram is maintained as architecture code in:
|
||||||
|
|
||||||
|
`architecture/workspace/enterprise-audit-logging-compliance-architecture.puml`
|
||||||
|
|
||||||
|
## Included Shared Audit and Compliance Services
|
||||||
|
|
||||||
|
- Audit & Logging Service
|
||||||
|
- Compliance Evidence Repository
|
||||||
|
- Policy Repository
|
||||||
|
- Authentication Service
|
||||||
|
- Authorization & Role Policy
|
||||||
|
- API Orchestrator
|
||||||
|
- Workflow Orchestration
|
||||||
|
- Notification Service
|
||||||
|
|
||||||
|
## Connected Business Applications
|
||||||
|
|
||||||
|
- Inventory Application
|
||||||
|
- Social Media Management
|
||||||
|
- WordPress Management
|
||||||
|
- Craft Manufacturing / MRP
|
||||||
|
- Financial Analysis
|
||||||
|
|
||||||
|
## Connected External Systems
|
||||||
|
|
||||||
|
- Mail Server at `mail.kellcreations.com`
|
||||||
|
- WordPress at `www.kellcreations.com`
|
||||||
|
- Forgejo Git at `git.kellsupport.com`
|
||||||
|
|
||||||
|
## Notes
|
||||||
|
|
||||||
|
This architecture establishes the enterprise model for traceability, retained evidence, privileged activity logging, workflow audit trails, policy governance records, and future compliance support. Future application and component designs should align to this audit and evidence pattern so that accountability, reviewability, and operational traceability remain consistent across the Kell Creations platform.
|
||||||
|
|
@ -41,6 +41,7 @@ nav:
|
||||||
- Enterprise Data Architecture: "architecture/containers/enterprise-data-architecture.md"
|
- Enterprise Data Architecture: "architecture/containers/enterprise-data-architecture.md"
|
||||||
- Enterprise Identity & Access Architecture: "architecture/containers/enterprise-identity-access-architecture.md"
|
- Enterprise Identity & Access Architecture: "architecture/containers/enterprise-identity-access-architecture.md"
|
||||||
- Enterprise Integration & Orchestration Architecture: "architecture/containers/enterprise-integration-orchestration-architecture.md"
|
- Enterprise Integration & Orchestration Architecture: "architecture/containers/enterprise-integration-orchestration-architecture.md"
|
||||||
|
- Enterprise Audit, Logging & Compliance Architecture: "architecture/containers/enterprise-audit-logging-compliance-architecture.md"
|
||||||
- Components:
|
- Components:
|
||||||
- Inventory Components: "architecture/components/inventory.md"
|
- Inventory Components: "architecture/components/inventory.md"
|
||||||
- Deployment:
|
- Deployment:
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue