AIAnalysis Approval Policy
The AIAnalysis controller uses a Rego policy to determine whether a proposed remediation requires human approval. This page documents the policy schema, input contract, and customization.
Overview
| Property | Value |
|---|---|
| ConfigMap name | aianalysis-policies |
| Key | approval.rego |
| Mount path | /etc/aianalysis/policies/ |
| Required | Yes -- chart fails at install if neither policies.content nor policies.existingConfigMap is set |
Provisioning
Option A: Inline content via --set-file (recommended)
```bash
helm install kubernaut charts/kubernaut/ \
  --set-file aianalysis.policies.content=my-approval.rego \
  ...
```
Option B: Pre-existing ConfigMap
```bash
kubectl create configmap aianalysis-policies \
  --from-file=approval.rego=my-approval.rego \
  -n kubernaut-system
helm install kubernaut charts/kubernaut/ \
  --set aianalysis.policies.existingConfigMap=aianalysis-policies \
  ...
```
Input Contract
The approval policy receives this input from the AIAnalysis controller:
| Field | Type | Description |
|---|---|---|
| environment | string | Namespace environment (production, staging, development, etc.) |
| confidence | float | LLM investigation confidence score (0.0--1.0) |
| confidence_threshold | float | Configurable threshold (default 0.8, via aianalysis.rego.confidenceThreshold) |
| remediation_target | object | LLM-identified remediation target (kind, name, namespace) |
| target_resource | object | Original alert target resource |
| detected_labels | map | Detected workload labels (snake_case keys: stateful, git_ops_managed, pdb_protected, hpa_enabled, helm_managed, network_isolated, service_mesh) |
| failed_detections | array | Detection fields that failed (e.g., ["gitOpsManaged"]) |
| warnings | array | Investigation warnings |
Output Contract
The policy must produce these outputs:
| Output | Type | Description |
|---|---|---|
| require_approval | boolean | true to require human approval, false to auto-approve |
| reason | string | Human-readable explanation for the decision |
Default Behavior
The reference policy (charts/kubernaut/examples/approval.rego) implements:
- Production environments: Always require approval (controlled via the kubernaut.ai/environment=production namespace label)
- Sensitive resources (Node, StatefulSet): Always require approval regardless of environment
- Missing remediation target: Always require approval (safety default)
- Non-production: Auto-approved unless critical safety conditions are met
Risk Factors
The reference policy uses scored risk factors for reason generation:
| Score | Condition |
|---|---|
| 90 | Missing remediation target |
| 85 | Sensitive resource kind (Node/StatefulSet) |
| 80 | Production + sensitive resource |
| 70 | Production environment |
The highest-scoring factor determines the approval reason.
Customization
Always Require Approval
```rego
package aianalysis.approval
import rego.v1
default require_approval := true
default reason := "All remediations require manual approval"
```
Auto-Approve Everything (testing only)
```rego
package aianalysis.approval
import rego.v1
default require_approval := false
default reason := "Auto-approved (testing mode)"
```
Environment-Specific Thresholds
CRD Safety Gate
Block automated CRD modifications and require human approval. CRD changes cascade to all CRs of that type, making them high-risk for automated remediation:
```rego
require_approval if {
	input.remediation_target.kind == "CustomResourceDefinition"
}
risk_factors contains {"score": 95, "reason": "CRD modification — cascades to all CRs of this type"} if {
	input.remediation_target.kind == "CustomResourceDefinition"
}
```
For GitOps-managed clusters, combine with detected_labels — see CRD Safety Policy for the full pattern.
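The following is an added example, not the chart's reference policy: a self-contained policy that combines the CRD gate with fail-closed handling of a missing target and highest-score reason selection, plus `opa test` cases in the same file. The package name, input fields and scores come from this page; the rule bodies, reason strings and test inputs are constructed, and a missing target is assumed to appear as an absent `remediation_target` field.

```rego
# Added example, not the chart's reference policy; inputs below are constructed.
package aianalysis.approval
import rego.v1

default require_approval := false
default reason := "Auto-approved"

# Assumption: a missing target shows up as an absent input field.
require_approval if { not input.remediation_target }
require_approval if { input.environment == "production" }
require_approval if { input.remediation_target.kind == "CustomResourceDefinition" }

risk_factors contains {"score": 95, "reason": "CRD modification"} if {
	input.remediation_target.kind == "CustomResourceDefinition"
}
risk_factors contains {"score": 90, "reason": "Missing remediation target"} if {
	not input.remediation_target
}
risk_factors contains {"score": 70, "reason": "Production environment"} if {
	input.environment == "production"
}

# Highest score wins; scores must be unique or `reason` would conflict.
reason := top.reason if {
	require_approval
	some top in risk_factors
	top.score == max({f.score | some f in risk_factors})
}

# Tests: run with `opa test <this file>`.
crd := {"kind": "CustomResourceDefinition", "name": "widgets.example.com"}

test_crd_gated_outside_production if {
	require_approval with input as {"environment": "development", "remediation_target": crd}
}
test_highest_score_sets_reason if {
	reason == "CRD modification" with input as {"environment": "production", "remediation_target": crd}
}
test_missing_target_fails_closed if {
	inp := {"environment": "staging"}
	require_approval with input as inp
	reason == "Missing remediation target" with input as inp
}
test_dev_deployment_auto_approved if {
	inp := {"environment": "development", "remediation_target": {"kind": "Deployment", "name": "api", "namespace": "dev"}}
	not require_approval with input as inp
	reason == "Auto-approved" with input as inp
}
```

Running tests like these before updating the ConfigMap catches logic mistakes such as a gate that silently auto-approves, which a syntax check alone does not cover.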
Hot-Reload
The approval policy supports hot-reload via fsnotify (~60s kubelet sync delay). If the new policy has a syntax error, the previous policy is kept and an error is logged.
Reference File
A complete reference policy is available in the chart: charts/kubernaut/examples/approval.rego