Policies And Approvals

Control-plane resources determine whether a requested action proceeds as submitted or requires an explicit governance outcome first. The public API will expose this layer through canonical Policy and Approval resources rather than hidden business logic or one-off tenant behaviors.

What Belongs Here

When this concept lands, the layer will cover:

  • Policy resources that declare governance rules, control posture, and approval requirements at a scope (enterprise, client, or account)
  • Approval cases created by policy evaluation, with explicit approve, reject, and cancel decisions and discoverable eligible approvers
  • the link between an approval case and the operation it gates, surfaced through operation status (pending_approval and successors) and approval_ref on the operation view
  • four-eyes and separation-of-duties patterns expressed through role assignments and approver eligibility

The model is built so governance is part of the runtime contract — an integration sees governance outcomes through the same operation and event streams it already consumes, not through a separate administrative side-channel.
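The sketch below is an added illustration, not the platform's API or code: a small in-memory model of how policy evaluation can open an approval case, link it to the operation it gates, and enforce four-eyes by excluding the requester from the eligible approvers. Only pending_approval and approval_ref come from this page; every class, function and field name, the other status values, and the rule that only the requester may cancel are assumptions, and scope resolution is left out.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Policy:                      # hypothetical shape
    action: str                    # action the policy governs
    approver_role: str             # role that makes a principal an eligible approver

@dataclass
class ApprovalCase:                # hypothetical shape
    ref: str
    requester: str
    eligible: frozenset            # discoverable eligible approvers
    decision: str = "open"

@dataclass
class Operation:                   # hypothetical shape
    action: str
    requester: str
    status: str = "submitted"      # assumed initial status
    approval_ref: Optional[str] = None

# Assumed successor statuses of pending_approval, keyed by decision.
SUCCESSOR = {"approve": "approved", "reject": "rejected", "cancel": "cancelled"}

def submit(op, policies, role_assignments, cases):
    """Evaluate policies; gate the operation behind an approval case on a match."""
    for p in policies:
        if p.action != op.action:
            continue
        # Four-eyes: holding the approver role is not enough, the requester is excluded.
        eligible = frozenset(u for u, roles in role_assignments.items()
                             if p.approver_role in roles and u != op.requester)
        if not eligible:           # fail closed instead of leaving an undecidable case
            raise LookupError("no eligible approver other than the requester")
        case = ApprovalCase(f"apr-{len(cases) + 1}", op.requester, eligible)
        cases[case.ref] = case
        op.status, op.approval_ref = "pending_approval", case.ref
        return op
    op.status = "completed"        # no policy matched: proceeds as submitted
    return op

def decide(op, cases, actor, decision):
    """Record approve/reject (eligible approvers) or cancel (requester, assumed)."""
    case = cases[op.approval_ref]
    if case.decision != "open":
        raise ValueError("approval case already decided")
    allowed = (actor == case.requester) if decision == "cancel" else (
        decision in SUCCESSOR and actor in case.eligible)
    if not allowed:
        raise PermissionError(f"{actor} may not {decision} {case.ref}")
    case.decision, op.status = decision, SUCCESSOR[decision]
    return op
```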