
Security and governance

Security and governance are built into AI FDE, since it operates entirely under your identity and permissions. AI FDE is not a separate service account or bot; it acts on your behalf using your existing Foundry session. Every action it takes is subject to the same permission checks, governance controls, and audit logging as any manual action you perform in Foundry.

Scoped to your permissions

When you use AI FDE, all operations are executed using your authenticated Foundry session. There is no separate credential, service account, or escalated privilege involved.

AI FDE operates under the same permission constraints as your user account:

  • If you do not have permission to create a repository, neither does AI FDE.
  • If you cannot edit an object type or execute an action, neither can AI FDE.
  • Permission errors are identical to what you would see if you performed the same operation manually.

This applies to all capabilities, including OSDK application creation, ontology edits, dataset builds, and code repository operations.

User approval for sensitive actions

Beyond server-side permission enforcement, AI FDE implements a tool approval system that requires explicit user confirmation before executing mutating operations. Defaults are maximally conservative; nothing that could impact production workflows is auto-approved. You can also approve specific tools for the duration of a session, scoped to a branch or project where relevant.

Category                     | Examples
Requires approval every time | Executing ontology actions, creating applications or widgets, publishing, or creating tags.
Branch-aware approval        | File edits and dataset builds auto-approve on feature branches, but require approval on protected branches.
Auto-approved                | Read-only operations such as searching and reading definitions.

You remain in control of what the agent does. AI FDE cannot perform write operations without your consent, whether consent is given per-action or granted upfront for the session.

Session access and security

Each AI FDE session is only accessible to the user who created it. Sessions cannot be shared with or accessed by other users.

When a new session is created, the markings you have access to are applied to that session. If you lose access to a marking that was applied to a session, access to the session will be lost. Regaining access to the marking will restore access to the session.

Audit logging and attribution

All activity is fully auditable through standard Foundry audit logs. Because every API call carries your identity, Foundry's platform-level audit logging captures all operations attributed to you, exactly as it would for manual actions. This includes repository operations, ontology changes, dataset builds, and all other platform interactions.

LLM usage is also attributed to your individual user identity, ensuring that usage tracking and rate limiting apply per user.

Key takeaways

Control         | Description
Identity        | All actions are performed on your behalf using your credentials. There is no service account or separate identity.
Permissions     | Standard Foundry permissions are enforced server-side on every operation.
User approval   | Mutating actions require user consent, either confirmed per-action or through session-level pre-approval scoped to a branch or project.
Session access  | Sessions are only accessible to the user who created them and are secured by that user's markings.
Audit trail     | Logging through both AI FDE session logs and standard Foundry audit logs is fully in effect.
LLM attribution | Model usage is tracked to your individual account.
Governance      | Existing Foundry governance, including permissions, branching controls, and audits, applies without exception.

AI FDE is a productivity tool within your existing Foundry session and cannot exceed your permissions. All actions are logged under your identity, and the standard governance model applies in full effect.
