Agentic AI Atlas

II.
Workflow JSON
workflow:access-control-audit
Structured · live
Access Control Audit json

Inspect the normalized record payload exactly as the atlas UI reads it.
File · workflows/workflows/workflows-compliance.yamlCluster · workflows
Record JSON
{
  "id": "workflow:access-control-audit",
  "_kind": "Workflow",
  "_file": "workflows/workflows/workflows-compliance.yaml",
  "_cluster": "workflows",
  "attributes": {
    "displayName": "Access Control Audit",
    "workflowKind": "security",
    "triggerType": "scheduled",
    "typicalCadence": "quarterly",
    "complexity": "cross-team",
    "description": "Reviews and validates access permissions across systems — IAM policies,\nRBAC roles, service account privileges, and data access grants — removing\nstale access and enforcing least-privilege principles. Excludes initial access provisioning.\n"
  },
  "outgoingEdges": [
    {
      "from": "workflow:access-control-audit",
      "to": "role:security-reviewer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "role:platform-engineer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "role:engineering-manager",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "skill-area:k8s-rbac",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "skill-area:oauth-flows",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "domain:security",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "domain:cybersecurity",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "responsibility:security-review",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "responsibility:threat-modeling",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "org-unit:security-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    },
    {
      "from": "workflow:access-control-audit",
      "to": "org-unit:application-security-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    }
  ],
  "incomingEdges": [
    {
      "from": "stack-profile:compliance-audit-trail",
      "to": "workflow:access-control-audit",
      "kind": "follows_workflow"
    },
    {
      "from": "stack-profile:identity-governance",
      "to": "workflow:access-control-audit",
      "kind": "follows_workflow"
    },
    {
      "from": "tool:onelogin",
      "to": "workflow:access-control-audit",
      "kind": "supports_work",
      "attributes": {
        "confidence": "high",
        "evidence": "Identity and SSO configuration are direct access-control audit projection points."
      }
    },
    {
      "from": "tool-server:mcp-onelogin-candidate",
      "to": "workflow:access-control-audit",
      "kind": "supports_work",
      "attributes": {
        "confidence": "high",
        "evidence": "SSO and directory data are direct access-control audit evidence."
      }
    }
  ]
}