Governance Service Overview
Governance Service is the core platform API for organizations, projects, policies, controls, declarations, reviews, indicators, credentials, evidence attachments, activity logs, and governance certificates.
It is deployed behind the platform ingress and is normally reached through the
/governanceService path.
Responsibilities
Section titled “Responsibilities”- Manage organizations, projects, policies, applied policies, and controls.
- Store declarations, reviews, activity history, and evidence attachment metadata.
- Evaluate indicator events and store evaluation results.
- Coordinate with Auth Service for bearer credential validation and permissions.
- Coordinate with Integrity Service for statements, CIDs, lineage, and certificates.
- Run database migrations when configured by the deployment chart.
Customer Interfaces
Section titled “Customer Interfaces”- Browser traffic from Governance Studio.
- External API traffic for supported governance workflows.
- Event ingestion and indicator APIs for customer monitoring integrations.
- Health and readiness endpoints for operators.
Dependencies
Section titled “Dependencies”Governance Service requires PostgreSQL, Auth Service, configured object storage for production evidence attachments, and Integrity Service for integrity-backed workflows.