-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathtamga-policy.yaml
More file actions
123 lines (110 loc) · 3.71 KB
/
Copy pathtamga-policy.yaml
File metadata and controls
123 lines (110 loc) · 3.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
version: "1.0"
name: "default-policy"
rules:
pii_detection:
action: REDACT
sensitivity: medium
types: [credit_card, ssn, tc_kimlik, iban, email, phone_tr, ip_public, ip_private]
notify:
- channel: slack
webhook: ${SLACK_WEBHOOK_URL}
secret_detection:
action: BLOCK
sensitivity: low
types: [aws_access_key, aws_secret_key, github_token, openai_key, anthropic_key, private_key, stripe_key, connection_string, connection_string_password, jwt_token, dotenv_secret, slack_webhook, generic_api_key]
injection:
action: BLOCK
sensitivity: medium
notify:
- channel: slack
webhook: ${SLACK_WEBHOOK_URL}
code_leakage:
action: WARN
sensitivity: high
custom_entities:
- name: "musteri_no"
pattern: "MN-\\d{8}"
description: "Müşteri numarası (MN-12345678 formatı)"
severity: "high"
action: REDACT
confidence: 0.90
- name: "dosya_no"
pattern: "DSY-\\d{4}/\\d{6}"
description: "İç dosya numarası"
severity: "medium"
action: WARN
confidence: 0.85
- name: "sicil_no"
pattern: "SN\\d{6}"
description: "Personel sicil numarası"
severity: "high"
action: REDACT
confidence: 0.90
rate_limit:
max_requests_per_minute: 60
max_tokens_per_day: 500000
action_on_exceed: BLOCK
# Incoming LLM request body caps (bytes). Override with TAMGA_MAX_BODY_BYTES when unset here.
body_limits:
default:
max_bytes: 1048576
per_provider:
anthropic:
max_bytes: 2097152
openai:
max_bytes: 1048576
providers:
allowed: [openai, anthropic, azure_openai, google_vertex]
blocked: []
# FAZ2 — optional per-route upstream chains (fallback + circuit breaker). Example:
# pools:
# anthropic:
# strategy: fallback_chain
# providers:
# - name: anthropic-primary
# base_url: "https://api.anthropic.com"
# api_key_env: "ANTHROPIC_API_KEY"
# priority: 1
# timeout: 30s
# - name: anthropic-eu
# base_url: "https://eu.api.anthropic.com"
# api_key_env: "ANTHROPIC_API_KEY_EU"
# priority: 2
# timeout: 30s
# Outbound scan: non-streaming responses use output_rules.buffer_bytes; for SSE/NDJSON
# set streaming.enabled: true (FAZ1 Prompt 2 — fail-close on BLOCK).
# output_rules:
# enabled: true
# buffer_bytes: 262144
# scan_window_ms: 200
# block_on: [aws_access_key, github_token]
# streaming:
# enabled: false
# max_buffer_bytes: 8192
# ---------------------------------------------------------------------------
# RBAC exception framework (opt-in)
# ---------------------------------------------------------------------------
# Exceptions allow specific admin/security roles to bypass policy rules with
# full audit logging. When a user sends the X-Tamga-Role header (e.g. "admin"
# or "security_lead") and their role matches an exception for a rule, that rule
# is skipped entirely — BLOCK becomes allow, REDACT returns raw content.
#
# Security notes:
# - Rule names must match exactly (no wildcards).
# - Every exception application is audit-logged as event=exception_applied.
# - Expired exceptions are silently ignored (not a parse error).
# - Set TAMGA_STRICT_MODE=true to disable ALL exceptions globally (kill-switch).
# - Valid roles: admin, analyst, viewer, security_lead
#
# Example (uncomment to enable):
#
# exceptions:
# - rule: "pii-scan-enforcement"
# roles: ["admin", "security_lead"]
# reason: "Admins inspecting production data need raw view"
# expires_at: "2026-12-31T00:00:00Z" # optional, omit for permanent
#
# - rule: "secret_detection"
# roles: ["admin"]
# reason: "CI/CD pipeline token testing bypass"
# # no expires_at = permanent exception