Feature Notes

Feature Notes are the acceptance and validation layer for OneProtect Phase 1. They connect requirements, client architecture clarifications, implementation artifacts, deployment posture, UI/API validation, smoke checks, and remaining limitations.

These are not release notes. They are handoff notes for reviewers who need to prove that a feature exists, understand what was actually implemented, and know what remains planned.

How To Use Feature Notes

For each feature:

1. Check the status: implemented, partial, contract designed, planned, or deferred.
2. Review the related SRS, client-response, ADR, and task-board references.
3. Follow the UI, API, and smoke validation steps.
4. Confirm known limitations before treating the feature as complete.

Categories

• Foundation: tenancy, storage, event spine, and platform guardrails.
• Platform: tenant administration, console activation guardrails, and cross-pillar platform workflows.
• Auth & Identity: OIDC, Keycloak local profile, roles, SCIM contracts, and enrollment identity.
• Integrations: delivery, credentials, retries, and operations workbench.
• Asset Discovery: contracts, storage, heartbeat ingestion, and future discovery.
• RMM Operations: browser SSH, macOS agent scope, and endpoint management connector contracts.
• SIEM: log source, normalized event, bounded search, deterministic alert, and evidence/audit contracts.
• Ticketing: implemented internal OneProtect ticket/work-item runtime.
• Compliance: auditor/evidence, export/redaction runtime, control catalog, and policy catalog/forking runtime.
• Observability: worker metrics, logs, health, and future dashboards.
• Deployment: AWS, Helm, CI/CD, docs publishing, and apply gates.
• Future / Planned: Phase 1 work that is not implemented yet.

Every completed milestone should add or update a Feature Note before merge.