Policies | Flow Beacon

📄️AC-1: RBAC Posture

Check whether automation ownership and access boundaries are clear enough to support accountability.

Check whether automation connections appear limited to the access they actually need.

Encourage automation designs that are easier to maintain, review, and safely change.

Highlight automations with broad external dependency footprints that may be harder to operate reliably.

Highlight automations that have grown too complex for safe day-to-day maintenance.

Check whether automations rely on supported, appropriate modules and approved connector choices.

Encourage automations to preserve failed work for investigation and recovery instead of dropping it.

Encourage budgets and cost guardrails so automation usage does not drift without visibility.

Check whether automations validate important data before sending it to business systems.

Check whether automations handle data-related failures in a controlled, recoverable way.

Highlight automations that may be vulnerable to schema or mapping changes.

Check whether important automation failures can notify the right people quickly.

Encourage logging and observability so teams can troubleshoot issues and retain useful history.

Highlight OAuth connections that may stop working because token maintenance is not in place.

Encourage regular credential rotation to reduce long-lived exposure.

Check whether public inbound automation endpoints require authentication.

Detect signs that secrets may be stored directly in automation configuration.

Identify additional signs that sensitive values may be exposed or stored unsafely.

Highlight automations with recurring failure activity that may not be well contained.

Check whether automation network traffic uses encrypted transport.

Check whether automations validate and sanitize untrusted input before acting on it.