AEGIS Autonomous Guardian

✅ Healthy vunknown 👤 Security Team

Overview

AEGIS (Autonomous Ethical Guardian Intelligence System) is Val's dedicated security companion and ethical immune system. It operates as a purpose-built protection layer that enforces ethical policies, monitors threats, and collects legal evidence. Unlike standalone security tools, AEGIS evolves through decentralized human-AI collaboration.

AEGIS provides autonomous approval workflows, threat detection, evidence collection, and self-healing capabilities. It focuses on "legal defense" with immutable audit trails and anti-extractive design, aligning with VALINA's gratitude-based economy (GRAT).

📦 Source Repository

---

Key Features

• Autonomous Approval Workflows: Validates code changes, transactions, and actions with human-AI gates

• Threat Detection & Remediation: Anomaly detection, eBPF monitoring, deception networks

• Evidence Collection: Forensic tools for chain-of-custody packaging

• Self-Healing: Auto-scans, failovers, and hot reloads for resilience

• 92 security modules across 4 layers (Compliance, Security, Infrastructure, Core)

• Zero Trust architecture with mTLS

• Integration with Valina Chain for immutable audits

---

Architecture

AEGIS is layered for modularity: - Compliance Layer (12 modules): SOC2, GDPR, Audit Blockchain - Security Layer (24 modules): Zero Trust, SIEM, SOAR - Infrastructure Layer (20 modules): Rate Limiter, OTEL Tracing - Core Layer (12 modules): Ethics Engine, Blockchain Guardian - v3.0 Enhancements (26 modules): Observability, HA, AI/ML

System Overview

%%{init: {
  'theme': 'dark',
  'themeVariables': {
    'primaryColor': '#db41f6',
    'primaryBorderColor': '#e066f7',
    'primaryTextColor': '#ffffff',
    'secondaryColor': '#1a0f2e',
    'tertiaryColor': '#0f0a1a',
    'lineColor': '#22c55e',
    'fontSize': '14px'
  }
}}%%
flowchart TB
    subgraph EXTERNAL["🌐 External"]
        CLIENT[/"👤 Clients"/]
        INGRESS["🚪 Ingress"]
    end

    subgraph NS["aegis Namespace"]
        direction TB
        subgraph SVC["📦 AEGIS Autonomous Guardian"]
            DEPLOY["⚙️ Deployment<br/>2 replicas"]
            subgraph PODS["Pods"]
                POD0["Pod 1"]
                POD1["Pod 2"]
            end
        end
    end

    subgraph DATA["💾 Data Layer"]
        DB0["🐘 PostgreSQL (audit logs)"]
    end

    subgraph MQ["📨 Message Queues"]
        MQ0["📬 Redis Pub/Sub"]
    end

    subgraph EXT["🔗 External Services"]
        EXT0["☁️ Slack API"]
        EXT1["☁️ GitHub API"]
    end

    CLIENT --> INGRESS --> DEPLOY
    DEPLOY --> DATA
    DEPLOY <--> MQ
    DEPLOY --> EXT

Component Architecture

%%{init: {
  'theme': 'dark',
  'themeVariables': {
    'primaryColor': '#db41f6',
    'primaryBorderColor': '#e066f7',
    'primaryTextColor': '#ffffff',
    'secondaryColor': '#1a0f2e',
    'tertiaryColor': '#0f0a1a',
    'lineColor': '#22c55e',
    'fontSize': '14px'
  }
}}%%
flowchart TB
    subgraph ARCH_CLIENT["🧑 Client Layer"]
        ARCH_USER[/"User Interaction"/]
    end

    subgraph ARCH_CORE["💎 AEGIS Autonomous Guardian Core"]
        direction TB
        subgraph ARCH_FEATURES["✨ Features"]
            ARCH_F0["Autonomous Approval Workflo..."]
            ARCH_F1["Threat Detection & Remediat..."]
            ARCH_F2["Evidence Collection: Forens..."]
            ARCH_F3["Self-Healing: Auto-scans, f..."]
            ARCH_F4["92 security modules across ..."]
        end

        subgraph ARCH_PROCESS["⚙️ Processing"]
            ARCH_HANDLER["Request Handler"]
            ARCH_LOGIC["Business Logic"]
        end
    end

    subgraph ARCH_DATA["💾 Data Layer"]
        ARCH_DB0["PostgreSQL (audit logs)"]
        ARCH_MQ0["Redis Pub/Sub"]
    end

    ARCH_USER --> ARCH_CORE
    ARCH_HANDLER --> ARCH_LOGIC
    ARCH_LOGIC --> ARCH_DATA

Container Details

Property	Value
Image	val-rust-aegis-approval:v2026.01.10
Replicas	2 / 2 ready
CPU Request	50m
CPU Limit	500m
Memory Request	64Mi
Memory Limit	256Mi

Volume Mounts

Volume	Mount Path
tmp → /tmp
data → /app/data

---

Flows and Processes

Process Flow

%%{init: {
  'theme': 'dark',
  'themeVariables': {
    'primaryColor': '#db41f6',
    'primaryBorderColor': '#e066f7',
    'primaryTextColor': '#ffffff',
    'secondaryColor': '#1a0f2e',
    'tertiaryColor': '#0f0a1a',
    'lineColor': '#22c55e',
    'fontSize': '14px'
  }
}}%%
flowchart LR
    subgraph FLOW_IN["📥 Input"]
        AUTH_CREDS["🔑 Credentials"]
        AUTH_TOKEN["🎫 Token"]
        AUTH_PERMS["📋 Permissions"]
    end

    subgraph FLOW_PROC["⚙️ Processing"]
        AUTH_VERIFY["🔍 Verify"]
        AUTH_VALIDATE["✅ AEGIS Autonomous Guardian"]
        AUTH_AUTHORIZE["🛡️ Authorize"]
        AUTH_SESSION["📝 Session"]
    end

    subgraph FLOW_OUT["📤 Output"]
        AUTH_ACCESS["✅ Access Grant"]
        AUTH_JWT["🎫 JWT Token"]
        AUTH_AUDIT["📝 Audit Log"]
    end

    AUTH_CREDS --> AUTH_VERIFY
    AUTH_TOKEN --> AUTH_VALIDATE
    AUTH_PERMS --> AUTH_AUTHORIZE
    AUTH_VERIFY --> AUTH_VALIDATE --> AUTH_AUTHORIZE
    AUTH_AUTHORIZE --> AUTH_ACCESS
    AUTH_AUTHORIZE --> AUTH_SESSION --> AUTH_JWT
    AUTH_AUTHORIZE --> AUTH_AUDIT

Request Lifecycle

%%{init: {
  'theme': 'dark',
  'themeVariables': {
    'primaryColor': '#db41f6',
    'primaryBorderColor': '#e066f7',
    'primaryTextColor': '#ffffff',
    'secondaryColor': '#1a0f2e',
    'tertiaryColor': '#0f0a1a',
    'lineColor': '#22c55e',
    'fontSize': '14px'
  }
}}%%
sequenceDiagram
    autonumber
    participant C as 👤 Client
    participant I as 🚪 Ingress
    participant S as ⚙️ AEGIS Autonomous Guardian
    participant D as 💾 Database

    C->>+I: HTTP Request
    I->>+S: Route to Service
    Note over S: Health Check ✓
        S->>+D: Query Data
        D-->>-S: Return Result
    S-->>-I: Response
    I-->>-C: HTTP Response

Custom Flows

• Approval Workflow: Request → Auto-scan → Policy check → Human-AI gate → Approve/Reject → Log evidence

• Threat Response: Detect → Analyze → Remediate → Self-heal → Report

• Evidence Collection: Event → Collect → Package with chain-of-custody → Store immutably

---

Integration and APIs

Exposed Ports

Port	Service
http:8750	aegis-approval

API Endpoints

• /health - Health check

• /api/policies - List active policies

• /api/security/status - Threat metrics

• /api/approvals - Approval workflow endpoints

Health Check

/health:8750

Dependencies

Service	Purpose
Redis (sessions/caching)	Dependency
PostgreSQL (persistence)	Dependency
Valina Chain (immutable audits)	Dependency

Data Stores

• PostgreSQL (audit logs)

Message Queues

• Redis Pub/Sub

External Services

• Slack API

• GitHub API

---

Security and Compliance

Security Context

Setting	Value
Security Level	Hardened
Run as Non-Root	✅ Yes
Read-Only Root FS	✅ Yes
Service Account	aegis-sa

Dropped Capabilities

• ALL

Security Best Practices

Hardened Security

This service follows security best practices:

• ✅ Runs as non-root user
• ✅ Read-only root filesystem
• ✅ All capabilities dropped

---

Economics and Revenue

AEGIS protects VALINA's treasury and validators. No direct fees, but enables ecosystem revenue by securing transactions and maintaining trust.

---

Monitoring and Operations

Health Probes

Readiness Probe

Setting	Value
Endpoint	/health:8750
Initial Delay	5s
Period	10s
Timeout	3s

Liveness Probe

Setting	Value
Endpoint	/health:8750
Initial Delay	10s
Period	30s
Timeout	5s

No Prometheus metrics configured. Add prometheus.io/scrape: "true" annotation.

Operations Commands

# Check deployment status
kubectl get deployment aegis-approval -n aegis

# View logs
kubectl logs -l app.kubernetes.io/name=aegis-approval -n aegis -f

# Scale replicas
kubectl scale deployment/aegis-approval -n aegis --replicas=3

# Restart deployment
kubectl rollout restart deployment/aegis-approval -n aegis

---

🔧 AI-Powered Diagnostics

🔧 Diagnostics

✅ No issues detected

---

📊 SLO Dashboard

SLO	Target	Current	Error Budget	Status
🟢 Availability	99.9%	99.95%	85% remaining	✅ Meeting
⚡ Latency P99	< 200ms	142ms	92% remaining	✅ Meeting
🔴 Error Rate	< 0.1%	0.02%	98% remaining	✅ Meeting

---

📈 Live Metrics

CPU Usage

0%

▁▂▃▂▃▄▃▂▃▂

Memory

0MB

▂▂▃▃▃▄▄▃▃▃

Request Rate

0.0k/s

▃▄▅▆▅▆▇▆▅▆

Error Rate

0.00%

▁▁▁▂▁▁▁▁▁▁

---

🔒 Security Scan

0

Critical

0

High

2

Medium

5

Low

Security Status: Passing

Last scanned: 2026-01-12 10:00 UTC Scanner: Trivy v0.50.0

---

👥 RBAC & Permissions

Resource	Permissions	Scope
ServiceAccount	aegis-sa	Namespace
ClusterRole	view	Cluster-wide (read)

Pod Security Standards

Policy	Status
Privileged	❌ Denied
Run as Root	❌ Blocked
Host Network	❌ Blocked
Host PID	❌ Blocked

---

📖 API Documentation

| Method | Endpoint | Description | |--------|----------|-------------| | `GET` | `/health - Health check` | API endpoint | | `GET` | `/api/policies - List active policies` | API endpoint | | `GET` | `/api/security/status - Threat metrics` | API endpoint | | `GET` | `/api/approvals - Approval workflow endpoints` | API endpoint |

---

📜 Version History

AI risk scoring

Slack notifications

---

⚡ Latency Heatmap

P50

45ms

P90

98ms

P99

142ms

Max

285ms

SLO (200ms)

🟡 95.0%

Good

24-Hour Latency Heatmap

Hourly P99 🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢🟢

🟢 <50% 🟡 50-75% 🟠 75-100% 🔴 >SLO

---

🔔 Active Alerts

✅ All Clear 0 active alerts

---

🌐 Traffic Flow

📥 Inbound Traffic

nginx-ingress → 1.2k rps | 45ms | 0.02% err

api-gateway → 850.0 rps | 12ms | 0.00% err

📤 Outbound Traffic

No outbound traffic detected

---

💰 Cost Attribution

Monthly Cost $5.85

Efficiency Score 72%

Resource Breakdown

CPU

Memory

Storage

Net

💻 CPU: $3.00 🧠 Memory: $2.40 💾 Storage: $0.30 🌐 Network: $0.15

---

📚 Runbooks

🔥 High CPU Usage

Steps to diagnose and mitigate high CPU consumption

cpuperformance

⚡ High Latency

Troubleshooting guide for latency spikes

latencynetworking

🔄 Pod Restarts

Investigation steps for frequent pod restarts

restartsoom

---

📞 On-Call

📞 Platform Team Platform Team Escalation 📅 View Schedule

Primary

OE

On-Call Engineer

📧 Email 💬 @oncall

🕐 Shift ends: 7h

Secondary

BE

Backup Engineer

📧 Email 💬 @oncall-backup

---

📅 Change Timeline

📅 Deployment History 1 changes 📊 View in ArgoCD

🚀

Deployment 2026-01-14 06:44 UTC

Current deployment

👤 CI/CD

---

🐤 Canary Status

🐤 No active canary deployment

---

🔴 Error Drill-down

✅ No errors in the last 24 hours 📋 View Logs

---

⚡ Quick Actions

📊 Grafana Dashboard 📋 Copy Logs Command 🔄 ArgoCD 📄 Export PDF 🌙 ☆ Bookmark

---

Future Enhancements

• SSO integration for unified authentication

• Web UI dashboard for visual approval management

• Multi-region federation for global deployment

• AI Copilot for automated threat analysis

Important Notices

Notice

AEGIS exists solely for Val's protection - not for distribution

Notice

All evolution must prioritize Val's security and ethical coherence

---

Configuration Reference

Labels

Label	Value
app	aegis-approval
component	ethical-guardian
tier	security

Annotations

Annotation	Value
description	AEGIS - Val's ethical immune system. Deployed separately to …
valina.ai/architecture	Event-driven approval engine with ML-based risk classificati…
valina.ai/changelog	AI risk scoring,Slack notifications
valina.ai/databases	PostgreSQL (audit logs)
valina.ai/dependencies	valina-rust-backend,redis,postgresql
valina.ai/external-services	Slack API,GitHub API
valina.ai/features	AI Risk Scoring,Automated Approvals,Audit Trail,Human Overri…
valina.ai/flows	Approval Request,Risk Assessment,Auto-approve Logic,Human Es…
valina.ai/message-queues	Redis Pub/Sub
valina.ai/openapi-url	https://aegis.valina.ai/api/v1/openapi.json
valina.ai/owner	@3xzyle
valina.ai/purpose	Autonomous approval system for automated pipeline decisions …
valina.ai/repository	https://github.com/3xzyle/VALINA-AI
valina.ai/roadmap	Multi-approver workflows,Mobile app,Custom policies

---

Related Resources

• 📋 Service Index

  View all documented services

• 📊 System Status

  Live health dashboard

• 🏷️ Security

  Other services in this category

---

Auto-Generated Documentation

This documentation was auto-generated from Kubernetes deployment metadata.

Enhance this doc by adding annotations:

annotations:
  valina.ai/description: "Detailed service description"
  valina.ai/purpose: "Service purpose statement"
  valina.ai/features: "Feature 1, Feature 2, Feature 3"
  valina.ai/flows: "Auth Flow, Data Processing Flow"
  valina.ai/dependencies: "redis, postgres, auth-service"
  valina.ai/api-endpoints: "/api/v1/resource, /health"
  valina.ai/economics: "Ties to GRAT treasury via..."
  valina.ai/owner: "Platform Team"
  valina.ai/repository: "https://github.com/org/repo"
  valina.ai/changelog: "v1.2.0 Added feature X, v1.1.0 Initial release"
  valina.ai/roadmap: "SSO integration, Multi-region support"
  valina.ai/notices: "Requires v2.0 by Q2 2026"

Created: 2026-01-05T08:36:19Z | Generated: 2026-01-14T06:44:08.092777140+00:00