lightspeed - v1.1.0

lightspeed/tenant/policy

Tenant isolation and policy runtime contracts (M29/M52 expansion).

Types

Action

Policy action category.

pub type Action {
  Read(resource_tenant_id: String)
  Write(resource_tenant_id: String)
  Delete(resource_tenant_id: String)
  EmitEvent(units: Int)
  OpenSession(units: Int)
  StartJob(units: Int)
  StartPipelineRun(units: Int)
  ReplayPipelineRun(units: Int)
  ApplyMitigation(mitigation: Mitigation, units: Int)
}

Constructors 

  • Read(resource_tenant_id: String)
  • Write(resource_tenant_id: String)
  • Delete(resource_tenant_id: String)
  • EmitEvent(units: Int)
  • OpenSession(units: Int)
  • StartJob(units: Int)
  • StartPipelineRun(units: Int)
  • ReplayPipelineRun(units: Int)
  • ApplyMitigation(mitigation: Mitigation, units: Int)

Budget

Per-tenant budget configuration.

pub type Budget {
  Budget(
    max_events: Int,
    max_sessions: Int,
    max_jobs: Int,
    max_pipeline_runs: Int,
    max_pipeline_replays: Int,
    max_mitigations: Int,
  )
}

Constructors 

  • Budget(
  max_events: Int,
  max_sessions: Int,
  max_jobs: Int,
  max_pipeline_runs: Int,
  max_pipeline_replays: Int,
  max_mitigations: Int,
)

Context

Tenant context propagated across runtime/data/telemetry boundaries.

pub type Context {
  TenantContext(actor_id: String, tenant_id: String, role: Role)
  SystemContext(actor_id: String)
}

Constructors 

  • TenantContext(actor_id: String, tenant_id: String, role: Role)
  • SystemContext(actor_id: String)

DecisionKind

Decision class for full audit traceability.

pub type DecisionKind {
  AllowedDecision
  DeniedDecision
  MitigatedDecision
}

Constructors 

  • AllowedDecision
  • DeniedDecision
  • MitigatedDecision

DecisionTelemetry

Decision telemetry emitted for allow/deny/mitigate outcomes.

pub type DecisionTelemetry {
  DecisionTelemetry(
    actor_id: String,
    tenant_id: String,
    surface: Surface,
    action: Action,
    decision: DecisionKind,
    reason: String,
    usage: Usage,
    budget: Budget,
  )
}

Constructors

DenialTelemetry

Denial telemetry emitted by policy runtime.

pub type DenialTelemetry {
  DenialTelemetry(
    actor_id: String,
    tenant_id: String,
    action: Action,
    reason: String,
    usage: Usage,
    budget: Budget,
  )
}

Constructors 

  • DenialTelemetry(
  actor_id: String,
  tenant_id: String,
  action: Action,
  reason: String,
  usage: Usage,
  budget: Budget,
)

Mitigation

Tenant containment mitigation strategy.

pub type Mitigation {
  ThrottleEvents
  PausePipelines
  IsolateTenant
}

Constructors 

  • ThrottleEvents
  • PausePipelines
  • IsolateTenant

Outcome

Policy evaluation result.

pub type Outcome {
  Allowed(reason: String)
  Denied(denial: DenialTelemetry)
}

Constructors

Role

Tenant-scoped role for runtime/data policy checks.

pub type Role {
  Viewer
  Editor
  TenantAdmin
}

Constructors 

  • Viewer
  • Editor
  • TenantAdmin

Runtime

opaque

Tenant policy runtime state.

pub opaque type Runtime

Surface

Policy decision surface.

pub type Surface {
  RuntimeSurface
  DataSurface
  PipelineSurface
  PolicySurface
}

Constructors 

  • RuntimeSurface
  • DataSurface
  • PipelineSurface
  • PolicySurface

Usage

Current per-tenant budget usage.

pub type Usage {
  Usage(
    events: Int,
    sessions: Int,
    jobs: Int,
    pipeline_runs: Int,
    pipeline_replays: Int,
    mitigations: Int,
  )
}

Constructors 

  • Usage(
  events: Int,
  sessions: Int,
  jobs: Int,
  pipeline_runs: Int,
  pipeline_replays: Int,
  mitigations: Int,
)

Values

action_label 

pub fn action_label(action: Action) -> String

Stable action label.

budget 

pub fn budget(
  max_events: Int,
  max_sessions: Int,
  max_jobs: Int,
) -> Budget

Build one budget.

budget_label 

pub fn budget_label(budget: Budget) -> String

Stable budget label.

context 

pub fn context(runtime: Runtime) -> Context

Runtime context accessor.

context_label 

pub fn context_label(context: Context) -> String

Stable context label.

decision_kind_label 

pub fn decision_kind_label(decision: DecisionKind) -> String

Stable decision-kind label.

decision_label 

pub fn decision_label(entry: DecisionTelemetry) -> String

Stable decision-telemetry label.

decision_metric 

pub fn decision_metric(
  entry: DecisionTelemetry,
) -> telemetry.Metric

Convert one decision telemetry event into a counter metric.

decisions 

pub fn decisions(runtime: Runtime) -> List(DecisionTelemetry)

Runtime decisions in stable order.

default_budget 

pub fn default_budget() -> Budget

Default tenant budget profile.

denial_label 

pub fn denial_label(denial: DenialTelemetry) -> String

Stable denial telemetry label.

denial_metric 

pub fn denial_metric(denial: DenialTelemetry) -> telemetry.Metric

Convert one denial telemetry event into a counter metric.

denials 

pub fn denials(runtime: Runtime) -> List(DenialTelemetry)

Runtime denials in stable order.

evaluate 

pub fn evaluate(
  runtime: Runtime,
  action: Action,
) -> #(Runtime, Outcome)

Evaluate one policy action.

expanded_budget 

pub fn expanded_budget(
  max_events: Int,
  max_sessions: Int,
  max_jobs: Int,
  max_pipeline_runs: Int,
  max_pipeline_replays: Int,
  max_mitigations: Int,
) -> Budget

Build one expanded budget profile for runtime/data/pipeline controls.

expanded_budget_label 

pub fn expanded_budget_label(budget: Budget) -> String

Stable expanded budget label for M52 cross-surface policy evidence.

expanded_usage_label 

pub fn expanded_usage_label(usage: Usage) -> String

Stable expanded usage label for M52 cross-surface policy evidence.

mitigation_label 

pub fn mitigation_label(mitigation: Mitigation) -> String

Stable mitigation label.

new 

pub fn new(context: Context, budget: Budget) -> Runtime

Build one policy runtime.

outcome_label 

pub fn outcome_label(outcome: Outcome) -> String

Stable outcome label.

repository_scope 

pub fn repository_scope(context: Context) -> repository.Scope

Convert context to data repository scope.

role_label 

pub fn role_label(role: Role) -> String

Stable role label.

runtime_budget 

pub fn runtime_budget(runtime: Runtime) -> Budget

Runtime budget accessor.

runtime_usage 

pub fn runtime_usage(runtime: Runtime) -> Usage

Runtime usage accessor.

signature 

pub fn signature(runtime: Runtime) -> String

Stable runtime signature.

surface_label 

pub fn surface_label(surface: Surface) -> String

Stable surface label.

system_context 

pub fn system_context(actor_id: String) -> Context

Build one system context.

telemetry_tags 

pub fn telemetry_tags(context: Context) -> List(telemetry.Tag)

Emit telemetry tags for one context.

tenant_context 

pub fn tenant_context(
  actor_id: String,
  tenant_id: String,
  role: Role,
) -> Context

Build one tenant context.

usage_label 

pub fn usage_label(usage: Usage) -> String

Stable usage label.

valid 

pub fn valid(runtime: Runtime) -> Bool

Validate policy runtime invariants.

Search Document