AI for Microsoft Teams

Teams ChatOps Authorization & RBAC Layer Prompt

Design an authorization layer that decides who can run which ChatOps commands from Teams, mapping Entra groups and roles to command scopes with audit logging.

Target user
Platform engineers securing a Teams ChatOps bot's command surface
Difficulty
Advanced
Tools
Claude, ChatGPT

The prompt

You are a senior platform-security engineer who treats a ChatOps bot as a privileged automation gateway, not a toy, and gates every command accordingly.

I will provide:
- The commands my Teams bot exposes and their blast radius (read-only, deploy, restart prod, rotate secret)
- My identity source (Entra ID groups, on-call schedule, PIM roles) and how the bot resolves the caller
- Compliance requirements (approvals, audit retention)

Your job:

1. **Resolve the caller** — use the verified Teams `from.aadObjectId` (never the display name) and confirm tenant; reject if identity cannot be established.

2. **Define a policy model** — map commands to required scopes, then bind scopes to Entra groups or roles; support per-channel and per-environment overrides so a command allowed in staging is blocked in prod.

3. **Enforce least privilege** — default-deny unknown commands; require step-up (a second approver via an Adaptive Card `Action.Execute`) for destructive actions.

4. **Check freshness** — honor on-call status or PIM-activated roles so standing access isn't assumed; expire elevated grants.

5. **Audit everything** — emit a structured, immutable log line per attempt (who, command, args, channel, allow/deny, correlation ID) to your SIEM.

6. **Fail safe** — on policy-service outage, deny privileged commands rather than fall open.

Output as: (a) the policy schema, (b) the authorization-check pseudocode wired into the message handler, (c) the audit event format.

Never trust client-supplied identity fields, redact secret arguments in logs, and make destructive commands require explicit confirmation.
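To make the six steps and the three requested outputs concrete, here is an added example in Python; it is not code from the page or from any bot this prompt is meant for. It assumes a constructed home tenant ID, constructed Entra group object IDs (`grp-readers`, `grp-deployers`, `grp-sre-oncall`), a `DIRECTORY` dict standing in for a Graph-backed group resolver, and that the second approver's identity has already come back from an Adaptive Card `Action.Execute` round trip (the card handling itself is not shown). The `activity_from` helper builds a trimmed Teams activity using the real Bot Framework fields `from.aadObjectId`, `channelData.tenant.id` and `channelData.channel.id`; every value inside it is constructed.

```python
"""Added example, not the page's own code: a Teams ChatOps authorization layer for the six steps above."""
import json
import uuid
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

EXPECTED_TENANT = "tenant-id-placeholder"       # constructed: the bot's home tenant ID
SECRET_ARGS = {"secret", "token", "password"}    # argument names redacted in audit events

# (a) Policy schema. POLICY is the last-known-good copy from the policy service;
# the policy_available flag in authorize() models an outage of that service.
POLICY = {
    "commands": {   # command -> required scope and blast radius
        "status":        {"scope": "read",   "destructive": False},
        "deploy":        {"scope": "deploy", "destructive": False},
        "restart-prod":  {"scope": "ops",    "destructive": True},
        "rotate-secret": {"scope": "ops",    "destructive": True},
    },
    "scopes": {     # scope -> Entra group object IDs (constructed placeholders)
        "read": {"grp-readers"}, "deploy": {"grp-deployers"}, "ops": {"grp-sre-oncall"},
    },
    "deny_in_env": {"deploy": {"prod"}},   # per-environment override: deploy blocked in prod
}

@dataclass
class Caller:
    aad_object_id: str
    groups: frozenset = frozenset()                  # standing Entra group membership
    elevated: dict = field(default_factory=dict)     # scope -> expiry of a PIM/on-call grant
@dataclass
class Decision:
    allow: bool
    reason: str
    correlation_id: str
    event: dict = field(default_factory=dict)        # the audit record that was emitted

def resolve_caller(activity, directory):
    """Step 1: trust only from.aadObjectId and the tenant claim, never the display name."""
    oid = activity.get("from", {}).get("aadObjectId")
    tenant = activity.get("channelData", {}).get("tenant", {}).get("id")
    if not oid or tenant != EXPECTED_TENANT:
        return None
    return directory.get(oid)   # assumed: a resolver backed by a Graph group lookup

def effective_scopes(caller, now):
    """Step 4: standing groups plus elevated grants that have not yet expired."""
    scopes = {s for s, grps in POLICY["scopes"].items() if grps & caller.groups}
    return scopes | {s for s, until in caller.elevated.items() if until > now}

def second_approver_ok(caller, approver_id, scope, directory, now):
    """Step 3 step-up: a different identity that itself holds the scope must have approved."""
    approver = directory.get(approver_id) if approver_id else None
    return (approver is not None and approver.aad_object_id != caller.aad_object_id
            and scope in effective_scopes(approver, now))

def authorize(activity, command, args, env, directory, now, approver_id=None, policy_available=True):
    """(b) The check the message handler runs before dispatching any command."""
    caller = resolve_caller(activity, directory)
    spec = POLICY["commands"].get(command)
    if caller is None:
        reason = "identity-not-established"
    elif spec is None:                                      # step 3: default-deny
        reason = "unknown-command"
    elif not policy_available and spec["scope"] != "read":  # step 6: fail closed
        reason = "policy-service-unavailable"
    elif env in POLICY["deny_in_env"].get(command, set()):  # step 2: environment override
        reason = "denied-in-environment"
    elif spec["scope"] not in effective_scopes(caller, now):
        reason = "missing-scope"
    elif spec["destructive"] and not second_approver_ok(caller, approver_id, spec["scope"], directory, now):
        reason = "approval-required"
    else:
        reason = "ok"
    return audit(Decision(reason == "ok", reason, str(uuid.uuid4())), activity, caller, command, args, env, now)

def audit(decision, activity, caller, command, args, env, now):
    """(c) Step 5: one structured event per attempt, secret arguments redacted."""
    decision.event = {
        "ts": now.isoformat(), "correlation_id": decision.correlation_id,
        "caller": caller.aad_object_id if caller else None, "command": command, "env": env,
        "channel": activity.get("channelData", {}).get("channel", {}).get("id"),
        "args": {k: "<redacted>" if k in SECRET_ARGS else v for k, v in args.items()},
        "result": "allow" if decision.allow else "deny", "reason": decision.reason,
    }
    print(json.dumps(decision.event, sort_keys=True))   # stand-in for the SIEM shipper
    return decision
# Constructed sample data: a fixed clock, a fake directory and a trimmed Teams activity.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
DIRECTORY = {
    "oid-alice": Caller("oid-alice", frozenset({"grp-readers", "grp-deployers"})),
    "oid-bob":   Caller("oid-bob", frozenset({"grp-readers"}), {"ops": NOW + timedelta(hours=1)}),
    "oid-carol": Caller("oid-carol", frozenset({"grp-readers"}), {"ops": NOW - timedelta(minutes=5)}),
    "oid-dave":  Caller("oid-dave", frozenset({"grp-sre-oncall"})),
}

def activity_from(oid, tenant=EXPECTED_TENANT):
    return {"from": {"id": "29:constructed", "aadObjectId": oid, "name": "Untrusted Display Name"},
            "channelData": {"tenant": {"id": tenant}, "channel": {"id": "19:ops@thread.tacv2"}}}
```

A call such as `authorize(activity_from("oid-bob"), "rotate-secret", {"secret": "hunter2"}, "prod", DIRECTORY, NOW, approver_id="oid-dave")` walks every gate in order: identity first, then the default-deny lookup, the outage check, the environment override, scope freshness, and finally the second-approver requirement, and whatever the outcome, exactly one audit event is emitted with the secret argument replaced by `<redacted>`. The ordering is deliberate: a caller who cannot be resolved never learns whether a command exists, and the outage check sits before any scope evaluation so a policy-service failure cannot be turned into standing access.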