Features & Controls
Understanding the governance layer, feature registry, and compliance controls
Blazing Core Compose includes a governance layer that tracks platform capabilities and ensures compliance through features and controls.
Overview
Two registries govern platform capabilities:
| Registry | Purpose | Example | |----------|---------|---------| | Feature Registry | Tracks platform capabilities | GPU-MIG, NET-ANYCAST | | Control Registry | Defines compliance requirements | PCI-DSS-4.0, GDPR |
Both are version-controlled and audited automatically.
Feature Registry
What Are Features?
Features are specific capabilities offered by the platform:
- NET-ANYCAST: Anycast IP addressing
- GPU-MIG: NVIDIA MIG GPU slicing
- EGR-LOCK-COUNTRY: Egress country lock
- TLS-ROTATION: TLS blue-green rotation
Feature States
| State | Meaning | Behavior | |-------|---------|----------| | implemented | Fully available | No warnings, works everywhere | | experimental | Available with warnings | Works but may change | | planned | Coming soon | Warns or blocks (depends on policy) | | deprecated | Being phased out | Warns, suggests replacement | | removed | No longer exists | Blocks deployment |
Feature Example
Checking Feature Availability
Sample output:
Control Registry
What Are Controls?
Controls are compliance policies that map to business requirements:
- PCI-DSS-4.0: Payment Card Industry compliance
- GDPR: European data protection
- HIPAA: Healthcare data compliance
- SOC2: Security and availability standards
Control Structure
Controls define required and optional features:
Declaring Controls
Add controls to your services:
Enforcement Levels
| Mode | Description | Behavior | |------|-------------|----------| | strict | Blocking | Deployment fails if requirements not met | | advisory | Warning | Warns but allows deployment | | informative | Logging | Logs only, no user notification |
Validation Flow
Validation Process
Validation Pseudocode
Common Controls
PCI-DSS-4.0
Payment Card Industry compliance:
DATA-RESIDENCY-EU
European data residency:
SOC2-TYPE2
Security and availability compliance:
HIPAA
Healthcare data compliance:
Policy Hooks
Organization-Level Policy
Set global requirements:
Project-Level Policy
Override for specific projects:
Validation Examples
Example 1: Feature Not Yet Supported
Example 2: Control Not Satisfied
Example 3: Feature Removed
Audit Records
Every deployment creates an audit record:
Viewing Audit Logs
Feature Map
The Feature Map links YAML paths to feature IDs:
This enables automatic feature detection:
Future Extensions
Planned governance enhancements:
| Extension | Description | Target Version | |-----------|-------------|----------------| | depends_on | Feature dependencies | v0.3.0 | | supersedes | Replacement mapping | v0.3.0 | | conditions | ALL/ANY evaluation | v0.4.0 | | score | Weighted compliance | v0.4.0 | | custom_controls | User-defined controls | v0.5.0 |
Best Practices
1. Declare Controls Early
Validation catches issues before deployment.
2. Use Advisory Mode for Testing
3. Check Features Before Using
Avoid surprises during deployment.
4. Review Audit Logs Regularly
Track compliance failures.
5. Stay Updated
See newly available features.