> ## Documentation Index
> Fetch the complete documentation index at: https://docs.budecosystem.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Access Review Workflow

> Run recurring permission reviews for least-privilege access

## Overview

Recurring access reviews keep your RBAC model aligned with real responsibilities.

```mermaid theme={null}
flowchart LR
    A[Export Current Users & Scopes] --> B[Group by Team and Role]
    B --> C[Review High-Risk Permissions]
    C --> D[Approve / Revoke]
    D --> E[Apply Changes in User Management]
    E --> F[Record Review Outcome]
```

## Recommended Cadence

* **Weekly**: Review `manage` scopes for critical modules.
* **Monthly**: Review all admin users and dormant accounts.
* **Quarterly**: Full organization-wide certification.

## High-Risk Permissions to Prioritize

* `user:manage`
* `cluster:manage`
* `project:manage` for shared production projects
* Any broad role grants that bypass normal workflow

## Evidence to Capture

* Reviewer name and date
* Users changed and scopes updated
* Business justification for exceptions
