872 B
872 B
Didactopus Agent Audit Logging + Key Rotation Layer
This update extends the service-account scaffold with two operational controls:
- audit logging for machine-initiated activity
- key rotation / revocation scaffolding for service accounts
Added in this scaffold
- audit log records for service-account actions
- request-level audit helper for agent operations
- service-account secret rotation endpoint
- service-account enable/disable endpoint
- admin UI for viewing audit events and rotating credentials
Why this matters
A serious AI learner deployment needs more than scoped credentials.
It also needs to answer:
- which service account did what?
- when did it do it?
- what endpoint or workflow did it invoke?
- can we replace or revoke a compromised credential?
This layer makes service-account usage more accountable and more maintainable.