Governance Interaction Pattern

DIA integrates closely with the Governance Agent (GA) to ensure all decisions comply with organizational policies. This integration happens at multiple stages of the decision lifecycle.

Validation Flow

  1. Request Validation: When DIA receives a simulation or analysis request, it first calls GA.POST /validate_decision with complete request metadata including:

    • Tenant ID
    • Scenario type and parameters
    • User context and permissions
    • Historical decision patterns
    • Resource requirements
  2. Policy Evaluation: GA evaluates the request against all applicable policies and returns a validation result:

    {
      "allowed": true,
      "policy_id": "p-xx",
      "policy_version": "1.2.3",
      "rewrite": null,
      "warnings": [],
      "token": "gt-abc123"
    }

    Or if not allowed:

    {
      "allowed": false,
      "reason": "Policy violation: Marketing spend increase exceeds 10% threshold",
      "violated_policy": "p-marketing-limit",
      "suggestions": ["Reduce increase to 10% or request policy exception"]
    }
  3. Token Attachment: If allowed, DIA receives a governance token that:

    • Links the decision to specific policy validations
    • Enables audit trail reconstruction
    • Supports compliance reporting
    • Allows policy version tracking
  4. Decision Storage: DIA stores the governance token with the decision record, creating an immutable link between the decision and the policies that authorized it.

  5. Policy Change Handling: When DIA receives governance alerts via Kafka (governance.alerts topic), it:

    • Invalidates cached policy decisions
    • Re-evaluates pending simulations if needed
    • Updates policy cache for future validations
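
The five steps above as an added Python example (not DIA's or GA's own code), showing a fail-closed check of the GA response, token attachment to the decision record, and cache invalidation on a governance alert. `GovernanceGate`, `GovernanceDenied`, `constructed_ga`, the request field names and the rule that any alert clears the whole cache are assumptions made for illustration.

```python
import hashlib, json

class GovernanceDenied(Exception):
    """GA denied the request or returned a response DIA cannot trust."""

class GovernanceGate:
    """Hypothetical DIA-side wrapper; `validate` stands in for GA.POST /validate_decision."""
    REQUIRED = ("token", "policy_id", "policy_version")

    def __init__(self, validate):
        self._validate = validate
        self._cache = {}  # request fingerprint -> approved GA result

    def authorize(self, request_meta):
        key = hashlib.sha256(json.dumps(request_meta, sort_keys=True).encode()).hexdigest()
        result = self._cache.get(key)
        if result is None:
            result = self._validate(request_meta)
            if not isinstance(result, dict):
                raise GovernanceDenied("malformed GA response")
            # Fail closed: only a literal JSON true counts, not "true", 1 or a missing key.
            if result.get("allowed") is not True:
                raise GovernanceDenied(result.get("reason", "denied without reason"))
            if not all(result.get(f) for f in self.REQUIRED):
                raise GovernanceDenied("approval lacks token or policy reference")
            self._cache[key] = result
        # Decision record: the token and policy version stay attached for audit.
        return {"request": request_meta, "governance_token": result["token"],
                "policy_id": result["policy_id"], "policy_version": result["policy_version"]}

    def on_governance_alert(self, alert):
        # Assumption: any message on governance.alerts invalidates all cached approvals.
        self._cache.clear()

def constructed_ga(request_meta):
    """Constructed stand-in for GA, returning the two response shapes shown above."""
    if request_meta["parameters"]["marketing_spend_increase_pct"] > 10:
        return {"allowed": False, "violated_policy": "p-marketing-limit",
                "reason": "Policy violation: Marketing spend increase exceeds 10% threshold"}
    return {"allowed": True, "policy_id": "p-xx", "policy_version": "1.2.3",
            "rewrite": None, "warnings": [], "token": "gt-abc123"}
```

Denied and malformed responses are never cached, so a later policy change that would allow the request is picked up on the next call.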

Benefits of This Pattern

  • Separation of Concerns: DIA focuses on decision logic, GA handles policy enforcement
  • Auditability: Every decision has a traceable policy validation
  • Flexibility: Policies can change without modifying DIA code
  • Compliance: Complete audit trail for regulatory requirements