mtkell
/
kell_creations
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
kell_creations/architecture/workspace/enterprise-identity-access-...

63 lines
3.5 KiB
Plaintext
Raw Blame History

@startuml
!include https://raw.githubusercontent.com/plantuml-stdlib/C4-PlantUML/master/C4_Container.puml
LAYOUT_WITH_LEGEND()
title Kell Creations - Enterprise Identity & Access Architecture
Person(owner, "Business Owner", "Full business governance and administrative authority")
Person(staff, "Operations Staff", "Daily operational user with limited business-role access")
System_Boundary(platform, "Kell Creations Platform") {
Container(auth, "Authentication Service", "Identity Service", "Central authentication, session management, identity verification, and role enforcement")
Container(rbac, "Authorization & Role Policy", "Policy Service", "Defines roles, permissions, and access rules across applications and services")
Container(audit, "Audit & Logging Service", "Observability Service", "Captures authentication events, authorization decisions, and administrative actions")
Container(api, "API Orchestrator", "Integration Service", "Validates identity and enforces access on service-to-service and external integration calls")
Container(inventory, "Inventory Application", "Business Application", "Inventory operations with role-based access controls")
Container(social, "Social Media Management", "Business Application", "Campaign and publishing operations with role-based access controls")
Container(wpmanage, "WordPress Management", "Business Application", "Site administration and publishing management with controlled privileges")
Container(mrp, "Craft Manufacturing / MRP", "Business Application", "Production, BOM, and work-order operations with role-based access controls")
Container(finance, "Financial Analysis", "Business Application", "Reporting and financial analysis with restricted access")
Container(policyrepo, "Policy Repository", "Document Service", "Controlled access to policies, procedures, and governance records")
}
System_Ext(mail, "Mail Server", "mail.kellcreations.com")
System_Ext(wordpress, "WordPress", "www.kellcreations.com")
System_Ext(git, "Forgejo Git", "git.kellsupport.com")
System_Ext(n8n, "n8n", "Automation and workflow engine")
Rel(owner, auth, "Authenticates through")
Rel(staff, auth, "Authenticates through")
Rel(auth, rbac, "Evaluates roles and permissions through")
Rel(auth, audit, "Logs authentication events to")
Rel(inventory, auth, "Authenticates and validates access through")
Rel(social, auth, "Authenticates and validates access through")
Rel(wpmanage, auth, "Authenticates and validates access through")
Rel(mrp, auth, "Authenticates and validates access through")
Rel(finance, auth, "Authenticates and validates access through")
Rel(policyrepo, auth, "Authenticates and validates access through")
Rel(inventory, rbac, "Uses role policies from")
Rel(social, rbac, "Uses role policies from")
Rel(wpmanage, rbac, "Uses role policies from")
Rel(mrp, rbac, "Uses role policies from")
Rel(finance, rbac, "Uses role policies from")
Rel(policyrepo, rbac, "Uses role policies from")
Rel(api, auth, "Validates identity through")
Rel(api, rbac, "Enforces service and integration permissions through")
Rel(api, audit, "Logs access events to")
Rel(wpmanage, wordpress, "Administers and synchronizes with")
Rel(api, n8n, "Applies controlled integration access to")
Rel(policyrepo, git, "Controls governed document access to")
Rel(auth, mail, "Sends authentication and approval notifications through")
Rel(rbac, audit, "Logs policy decisions to")
Rel(policyrepo, audit, "Logs document access and approvals to")
Rel(finance, audit, "Logs privileged access to")
@enduml
Reference in New Issue View Git Blame Copy Permalink