Protected Resources & Confirmations
v1.0
·
Updated 5 days ago
Protected Resources & Confirmations
In addition to scopes, each profile knows two kinds of protected resources that require a typed confirmation token for destructive actions:
| Entry | Protects against | Token |
|---|---|---|
critical_compose_projects | accidentally stopping/updating important stacks | --confirm=<project> |
protected_paths | accidentally writing into sensitive paths (e.g. /etc) | --confirm=<server> |
Example profile:
## Protected Resources
- critical_compose_projects: db, monitoring
- protected_paths: /etc, /root/.sshThe philosophy behind it
The token makes intent visible on the command line and guards against accidental runs. It is explicitly not an agent-proof gate — honestly, an agent could append the token itself. For non-interactive workflows, the confirmation can be set via the environment variable FM_CONFIRM_CRITICAL=yes.