Policies & Guardrails
Governance by design: approvals, auditability, and controls without blocking teams.
Argy’s stance is simple: governance must be embedded into delivery and operations workflows.
When governance is an external review step, it becomes a bottleneck. When it is built into the platform (approvals, audit logs, controls), it becomes a repeatable capability.
Approval policies (human-in-the-loop)
Argy supports approval policies that trigger review for sensitive actions.
Policy fields:
- Actions: Create, Update, Delete, Deploy, Publish
- Resources: Module, Project, Deployment, Policy
- Required approvals: 1 to 10
- Auto-approve: Yes / No
- Status: Active / Inactive
Workflow:
- Request → Waiting → Approved (execution) or Rejected (with optional comment)
- Notifications via email and Slack/Teams
- Full audit trail for every decision
Guardrails inside workflows
Argy can embed governance checks directly in workflows and modules, such as:
- Compliance checks
- Policy validation
- Security scanning (e.g., Trivy, Gitleaks)
- Kubernetes policy validation (Kyverno)
Evidence and auditability
- Actions are traceable (who/what/when/resource)
- Logs and evidence can be exported (CSV)
- Minimum retention: 90 days
Next steps
- Security overview: Security Model
- Platform workflow: Platform Engineer Guide