OpenShell Operations Runbook
Operational rollout runbook for customer-operated OpenShell or NemoClaw runtime integrations governed by Intended.
Use this runbook when deploying Intended-generated policy for customer-operated OpenShell / NemoClaw runtime environments.
Preconditions
- runtime owner and approver identified
- staging environment available
- rollback path validated
- operator has reviewed third-party runtime boundary
Rollout sequence
- Compile runtime policy artifact:
    meritt openshell-compile --input meritt-openshell.json --output meritt-openshell.yaml
- Review inferred presets, endpoint scope, and binary access.
- Apply in staging with review-first execution mode.
- Validate decision-to-audit linkage for first governed runs.
- Promote to production after approver sign-off.
Production checks
- verify policy hash/change ticket ID is recorded
- verify audit records include runtime correlation metadata
- verify fail-closed paths deny unapproved high-risk actions
- verify escalation flow for blocked or denied actions
Rollback protocol
- Reapply last-known-good policy artifact.
- Switch runtime-sensitive capabilities to review mode.
- Pause high-risk connector paths until drift is resolved.
- Open incident review and attach decision/audit evidence.
Incident escalation
- trigger when:
  - policy drift detected
  - unknown destination egress appears
  - execution/audit mismatch occurs
  - repeated deny events indicate malformed runtime requests
- include:
  - policy artifact hash
  - runtime environment
  - decision IDs / trace IDs
  - impacted systems and mitigation state
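One way to script the "policy hash/change ticket ID is recorded" production check and the "policy drift detected" escalation trigger, as an added example that is not part of Intended's tooling or the original runbook. The record file, its one-line `<sha256>  <ticket>` format, and the function names are assumptions.

```shell
#!/bin/sh
# Added example. The record file and its one-line format
# "<sha256-hex>  <change-ticket-id>" are assumptions, not an Intended format.

# Print the SHA-256 of a file as lowercase hex.
artifact_hash() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# record_policy ARTIFACT TICKET RECORD
# At promotion: store the artifact hash next to the change ticket ID.
record_policy() {
    [ -f "$1" ] || { echo "artifact not found: $1" >&2; return 1; }
    [ -n "$2" ] || { echo "change ticket ID required" >&2; return 1; }
    printf '%s  %s\n' "$(artifact_hash "$1")" "$2" > "$3"
}

# check_policy_record ARTIFACT RECORD
# Prints ok | missing-artifact | missing-record | no-ticket | drift.
# Returns 0 only for "ok", so a caller that tests the exit status fails closed.
check_policy_record() {
    artifact=$1
    record=$2
    [ -f "$artifact" ] || { echo missing-artifact; return 2; }
    [ -s "$record" ] || { echo missing-record; return 2; }
    recorded_hash='' ticket='' rest=''
    read -r recorded_hash ticket rest < "$record" || true
    [ -n "$ticket" ] || { echo no-ticket; return 3; }
    if [ "$(artifact_hash "$artifact")" != "$recorded_hash" ]; then
        echo drift
        return 4
    fi
    echo ok
}

# Usage (paths and ticket ID are placeholders):
#   record_policy meritt-openshell.yaml CHG-PLACEHOLDER policy.record
#   check_policy_record meritt-openshell.yaml policy.record || echo "escalate"
```

The printed status and the artifact hash from the record file are the values to attach under "include" when escalating.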
Shared-responsibility reminder
Intended governs authorization and audit boundaries. Your team remains responsible for upstream runtime deployment, host hardening, credentials, and provider-specific operational controls.