๐ TL;DR
Governance is layered: OPA enforces data rules; middleware applies consistent execution gates; circuit breakers contain failures; and an AuditAgent finds behaviours policy can’t express. Together these layers make compliance auditable and operational.
โฎ๏ธ Previous: Building the Engine: Core ETL Stages with Agent Instrumentation โ ย |ย โญ๏ธ Next: Real-Time Intelligence: Kafka Streaming and Event-Driven Agent Triggers โ
Part 1 : From Scripts to Sentience: Building an Agentic Data Platform
Part 2 : Engineering the Foundation: A Production-Grade Development Environment
Part 3 : Designing for Intelligence: The Agentic Data Pipeline Architecture
Part 4 : Synthetic Data Engineering: Teaching Your Platform What Real Data Looks Like
๐ In This Article
- The Problem With Compliance-as-Code
- Layer 1: OPA Enforces Data Access
- Layer 2: The Governance Middleware Decorator
- Layer 3: Circuit Breakers and Rate Limits
- Layer 4: Specialised Governance Agents
- MCP Server: Governance as an API
- Compliance Framework Mapping
- DAMA DMBOK Alignment
- The Decision Log Is the Audit Evidence
- Key Takeaways
โ ๏ธ The Problem With Compliance-as-Code
A senior engineer writes validate_compliance(transaction). It works until a threshold changes, the number is updated inline, the PR merges, and nobody notices until audit time.
The real problem is that the rule lives in application code โ hard to audit, easy to bypass, and slow to change. OPA fixes the data layer. Financial agents still need their own governance layer: rate limits, execution boundaries, and failure recovery.
Open Policy Agent (OPA) moves data rules out of application logic into tested, versioned policy. Agents still need governance: execution gates, rate limits, and failure recovery applied consistently across the platform โ the layers described below.
โ Back to top ยท Next: Layer 1: OPA Enforces Data Access โ
โ๏ธ Layer 1: OPA Enforces Data Access
OPA runs as a sidecar service. The pipeline’s OPAPolicyEnforcementStage evaluates every write against a Rego policy before data reaches the database.
The Rego policy in infra/opa/pipeline_policy.rego uses role-based access control. A write is allowed only when the requester has the right role and passes four checks:
default allow = false
allow {
role_permissions[input.identity][_] == input.action
check_data_classification # sensitive datasets โ compliance/auditor only
check_compliance # domain-specific transaction rules
check_retention_policy # 7 years for staged_data, 10 for audit_logs
check_audit_requirements # write operations must be audit_logged
}
The key rule is default allow = false. Policy errors, missing rules, or odd input shapes return deny, not allow. A bug stops the pipeline instead of opening data.
๐ Retention Baked Into Policy, Not Code
One of the more powerful aspects of this setup is that retention requirements live in the Rego file, not in the pipeline application:
check_retention_policy {
input.resource.name == "staged_data"
input.context.retention_days >= 2555 # 7 years โ SOX Section 802
}
When the rule changes, the Rego file is updated, tested with opa test, and deployed. The application code does not change. That is policy-as-code in practice.
Next: apply consistent governance to agent behaviour across the platform.
โ Back to top ยท Next: Layer 2: The Governance Middleware Decorator โ
๐ Layer 2: The Governance Middleware Decorator
With data access controlled, we must also control agent behaviour. How do we prevent runaway agents or resource exhaustion? Enter the @governed_execution decorator in libs/agents/governance_middleware.py:
class ComplianceAuditAgent:
@governed_execution("compliance_audit")
def process(self, state: AgentState) -> AgentState:
# agent logic here
...
Before process() runs, the decorator checks permission and, afterwards, records the result. This keeps domain code simple and governance centralised.
โ Back to top ยท Next: Layer 3: Circuit Breakers and Rate Limits โ
๐ Layer 3: Circuit Breakers and Rate Limits
The AgentGovernanceAgent maintains an AgentGovernancePolicy for each registered agent. The policy includes two protective mechanisms that operate automatically.
Rate limiting blocks an agent once it exceeds max_invocations_per_hour in a rolling window, and circuit breaking opens after repeated failures and disables the agent for a cooldown period.
Normal mode โ N failures โ Circuit OPEN (agent disabled) โ cooldown โ Circuit HALF-OPEN โ probe โ success โ Circuit CLOSED
Without this, a failing agent can spam logs and alerts indefinitely. The breaker turns that sustained noise into one clear signal: this agent is disabled for now.
โ Back to top ยท Next: Layer 4: Specialised Governance Agents โ
๐ค Layer 4: Specialised Governance Agents
Three dedicated agents handle concerns that OPA and the middleware cannot address because they require reasoning, not just rule evaluation.
๐ AuditAgent โ Anomaly Detection in the Audit Trail
The AuditAgent in libs/agents/audit_agent.py watches for patterns individual records cannot reveal:
- Repeated failures โ three or more failures within the last ten operations from the same actor suggests a misconfiguration or an attempted probe
- Unusual access patterns โ sudden access to sensitive resources from an identity that does not normally touch them
- Rate limit violations โ access frequency anomalies that policy alone did not catch
When suspicious activity is detected, the agent triggers the alert engine with severity based on the anomaly score. A score above 0.9 fires CRITICAL; above 0.75, SEVERE.
The AuditAgent also produces on-demand reports for operations, success rate, policy violations, and compliance rate.
๐ PolicyEnforcementAgent โ Organisational Policies
Where OPA enforces data-level access rules, the PolicyEnforcementAgent enforces organisational policies across systems: data modification requires approval, expensive agents are scheduled, and API call counts stay within limits.
It manages four policy domains and records each violation with a timestamp and actor.
โ ValidationAgent โ Data Integrity Before It Enters the System
The ValidationAgent applies checks before data reaches OPA. It validates query inputs, checks financial data ranges, and detects structural anomalies such as oversized state or missing critical fields.
In strict mode, validation failures block execution entirely. In standard mode, they are recorded and the pipeline continues with degraded confidence.
โ Back to top ยท Next: MCP Server: Governance as an API โ
๐ MCP Server: Governance as an API
All of the above is accessible through the MCP server’s governance routes (apps/mcp_server/routes/governance_routes.py). The endpoints expose governance state to the operational dashboard and to downstream tooling:
POST /api/governance/policy-enforcement/checkโ check whether an operation is compliant before executing itGET /api/governance/audit/trailโ filtered audit log by actor or event typeGET /api/governance/audit/suspiciousโ current anomaly list with severity scoresGET /api/governance/meta-governance/agent-status/{agent_name}โ execution mode, success rate, circuit breaker statePOST /api/governance/meta-governance/update-policyโ dynamically update an agent’s governance policy
The last endpoint is worth calling out. An operator can update an agent’s rate limit, failure threshold, or execution mode at runtime โ without a code change or deployment.
โ Back to top ยท Next: Compliance Framework Mapping โ
๐บ๏ธ Compliance Framework Mapping
Every Rego rule traces to a specific regulatory obligation. Maintaining this mapping is what turns the policy file into audit evidence rather than just configuration:
| OPA Rule | Regulatory Obligation | Framework |
|---|---|---|
default allow = false | Least-privilege access to personal data | GDPR Article 25 |
retention_days >= 2555 | 7-year minimum for financial records | SOX Section 802 |
audit_logged == true | Complete audit trail for all writes | SOX Section 404 |
check_data_classification | Sensitive data restricted to authorised roles | MiFID II, GDPR Article 9 |
| EDD on high-value transactions | Enhanced due diligence above thresholds | FATF Recommendation 10, Basel III/IV |
This table is maintained as inline comments in the Rego file and as a standalone compliance matrix. During audits, both are provided to show each requirement is implemented, machine-testable, and traceable to policy code.
โ Back to top ยท Next: DAMA DMBOK Alignment โ
๐ DAMA DMBOK Alignment
DAMA DMBOK defines eleven data management knowledge areas. This governance architecture directly addresses four of them:
Data Governance (KA 1): OPA policies are executable, version-controlled controls; CI/CD tests enforce governance changes.
Data Security (KA 7): OPA, execution gates, circuit breakers, and AuditAgent create layered defence.
Data Quality (KA 6): The ValidationAgent checks structure and domain rules before data enters the pipeline.
Metadata Management (KA 12): OpenMetadata keeps schema, lineage, quality, and ownership current after each run.
โ Back to top ยท Next: The Decision Log Is the Audit Evidence โ
๐๏ธ The Decision Log Is the Audit Evidence
Every OPA evaluation writes a structured log entry โ decision ID, identity, action, result, timestamp. That log is the audit evidence for each batch run.
Not a narrative. Not a process document. A record of every allow and deny decision the policy engine made, queryable like any other structured log.
๐ Thank You, Reader
Thank you for working through the governance layers. The decisions here โ fail-closed defaults, policy-as-code separation, circuit breakers for agents, traceable regulatory mapping โ are the difference between a platform that passes audits and one that discovers its compliance gaps during them.
๐ซ Connect With Me
- ๐ผ LinkedIn: Connect with me on LinkedIn
- ๐ป GitHub
โ Back to top ยท Next: Key Takeaways โ
๐ Key Takeaways
- Governance is layered: OPA for data-level policy,
@governed_executionmiddleware for agent-level policy, circuit breakers for failure recovery, and specialised agents for audit and anomaly detection. default allow = falsein Rego is non-negotiable โ without it, evaluation errors silently grant access instead of failing safely.- Retention requirements and audit obligations belong in the Rego policy, not in application code โ this makes compliance changes operational, not engineering events.
- The circuit breaker pattern prevents a failing agent from creating sustained noise; it converts repeated failure into a single clear signal and automatic recovery.
- Every governance rule should trace to a specific regulatory obligation โ that traceability is what makes the policy file audit evidence, not just configuration.
โ ๏ธ Disclaimer: The information provided on LearnWithNeeraj.com regarding Astrology, Numerology, and other topics is for educational and guidance purposes only.
Not Professional Advice: This content should not be used as a substitute for professional medical, legal, or financial advice. Always consult a certified professional for specific concerns.
Guest Authors: This site features articles by various contributors. The views and interpretations expressed are those of the individual authors and do not necessarily reflect the views of the website administrator.
Your destiny is in your hands. Use this information as a map, not a mandate.