@namespace "com.example.governance"
@version "1.0.0"
Entity "PolicyGateway" in governance
Entity "EvidenceService" in governance
Entity "AuditLog" in governance
Resource "PolicyDecision" units in governance
Resource "EvidenceRecord" units in governance
Flow "EvaluatePolicy"
@cqrs { "kind": "query" }
from "PolicyGateway" to "PolicyGateway"
Flow "RecordEvidence"
@cqrs { "kind": "command" }
@tx { "transactional": true }
from "EvidenceService" to "AuditLog"
Policy all_decisions_logged
per Constraint Obligation priority 10
@rationale "Every policy decision must be audited"
as: forall d in flows where d.resource = "PolicyDecision":
exists e in flows where e.name = "RecordEvidence": true
Policy evidence_immutable
per Constraint Prohibition priority 10
as: forall e in resources where e.name = "EvidenceRecord":
(e.modified = false)