v2.4.0

For high-risk systems, only the CI/CD pipeline should be able to promote a model to the production stage. Manual promotion is prohibited because it bypasses the automated validation gates and creates a pathway for untested models to reach production.

This access control is enforced at the registry level. The CI/CD pipeline authenticates with a service account that has the specific permission to transition models from staging to production. Human users, including administrators, do not have this permission. If a human needs to intervene (for example, to roll back to a previous version in an emergency), the rollback is itself a governed event that triggers the validation pipeline and is logged.

The access control configuration should be auditable: the registry’s access control settings, the service account’s permissions, and the authentication mechanism are all documented and verifiable. Penetration testing should specifically test whether manual promotion paths exist that could circumvent the CI/CD pipeline.
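
One way to audit the registry settings described above, as an added example that is not part of the original documentation. The export format, the permission name `model:transition:staging->production` and the account `sa:cicd-promoter` are assumptions; the check lists every principal other than the CI/CD service account that can effectively promote to production, including through wildcard grants, role inheritance and group membership.

```python
from fnmatch import fnmatchcase

# Hypothetical permission name and CI/CD identity; substitute your registry's own.
PROMOTE = "model:transition:staging->production"
ALLOWED = {"sa:cicd-promoter"}

# Constructed sample export of registry access-control settings.
EXPORT = {
    "roles": {
        "engineer": {"permissions": ["model:read", "model:register"], "inherits": []},
        "promoter": {"permissions": [PROMOTE], "inherits": []},
        "release-manager": {"permissions": [], "inherits": ["promoter"]},
        "admin": {"permissions": ["model:*"], "inherits": []},
    },
    "groups": {"group:ml-platform": ["user:alice", "user:bob"]},
    "bindings": [
        {"principal": "sa:cicd-promoter", "role": "promoter"},
        {"principal": "user:carol", "role": "admin"},
        {"principal": "group:ml-platform", "role": "release-manager"},
    ],
}

def role_permissions(roles, name, seen=None):
    """Collect a role's permissions, following inheritance (cycle-safe)."""
    seen = set() if seen is None else seen
    if name in seen or name not in roles:
        return set()
    seen.add(name)
    perms = set(roles[name]["permissions"])
    for parent in roles[name]["inherits"]:
        perms |= role_permissions(roles, parent, seen)
    return perms

def audit_promotion(export, allowed=ALLOWED):
    """Return sorted (principal, role, bound_via) findings for non-allowed promoters."""
    findings = set()
    for b in export["bindings"]:
        perms = role_permissions(export["roles"], b["role"])
        # Wildcards such as "model:*" grant promotion implicitly.
        if not any(fnmatchcase(PROMOTE, p) for p in perms):
            continue
        # Expand a group binding to its members; other principals stand alone.
        members = export["groups"].get(b["principal"], [b["principal"]])
        findings |= {(m, b["role"], b["principal"]) for m in members if m not in allowed}
    return sorted(findings)

if __name__ == "__main__":
    for principal, role, via in audit_promotion(EXPORT):
        print(f"FINDING: {principal} can promote to production via {role} ({via})")
```

An empty result means only the allow-listed service account holds the promotion permission in the exported settings; each finding is a manual promotion path to remove or document.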

Key outputs

  • Registry access control restricting production promotion to CI/CD service accounts
  • Prohibition of manual promotion with documented enforcement mechanism
  • Emergency rollback procedure with governance logging
  • Module 10 and Module 9 AISDP documentation