Deploy a Computational Policy

This section focuses on deploying computational governance policies in Blindata. Policy deployment is a critical step in ensuring governance processes are seamlessly integrated into your data product lifecycle. Blindata simplifies this by providing robust tools for managing and monitoring deployed policies.

Deployment Card

Summary of Policy Implementation and Types

Policies in Blindata can be categorized into different types based on their evaluation and implementation requirements:

  • Documentation Only Policies: Provide guidelines but do not require formal verification or deployment.
  • Adoption Only Policies: Require acknowledgement but lack verification or an implementation tab.
  • Manual Verification Policies: Include manual workflows for evaluation but do not provide automated implementations.
  • Automated Verification Policies: Require implementation as code and support deployment and redeployment processes.

Implementation Operations by Policy Type

  1. Adoption-Only and Manual Verification Policies: These policies do not include an implementation step. Adoption involves associating policies with data products, and evaluation is managed through manual processes.
  2. Automated Policies: These policies support implementation as code. Deployment involves associating the policy with a code artifact that performs automated evaluations.

Implementation and Deployment in Blindata

To implement and deploy a policy, follow these steps:

Define the Policy

Policies are defined and documented in Computational Governance Policies dedicated guide.

Add Implementation (For Automated Policies)

For automated policies, Blindata provides an intuitive Implementation Tab to manage and configure policy implementations. Follow these steps to add an implementation:

  1. Navigate to the desired policy in the Policies Repository.
  2. Open the Implementation Tab.
  3. Enter the required details for the policy’s evaluation logic, tailored to the validator engine being used.

Deployment Card

When configuring an implementation, you will be prompted to provide the following information:

  • Display Name: A user-friendly name for the implementation.
  • Name: A unique technical identifier for the implementation.
  • Description: A brief description of the implementation.
  • Policy Engine: The policy engine responsible for executing the logic.
  • Policy Body: The code or configuration defining the policy, based on the selected policy engine.
  • Evaluation Condition: A conditional filter applied to events, ensuring the policy is only evaluated when the condition matches the incoming event. This condition is applied as a Spel expression over the policy evaluation content as discussed in the next paragraph.
  • Evaluation Events: One or more specific events that trigger the policy evaluation.
  • Version: The version number of the implementation.
  • Blocking: A flag indicating whether the policy blocks further progression of the associated process if violated.

Note: The Implementation Tab is available only for automated policies. Other policy types do not include this step.

Evaluation Conditions

To ensure that policies are only applied when relevant, you can define evaluation conditions. These conditions act as filters, determining whether a policy should be evaluated based on the incoming event data. Filtering conditions are expressed using Spel (Spring Expression Language), a powerful expression language that allows you to dynamically access and manipulate objects and their properties within the Blindata platform.

Example conditions:

  • afterState.activity.stage == 'Staging' - Applies the policy only when an activity is transitioning to the “Staging” stage.
  • currentState.task.status == 'FAILED' - Triggers the policy only when a specific task fails during execution.
  • afterState.dataProductVersion.info.domain == 'Finance' - Applies the policy only to data products within the “Finance” domain.

By using filtering conditions, you can precisely target policy enforcement, improve efficiency by filtering out irrelevant events, and create a more organized and manageable policy framework.

Deploy the Policy

Once the implementation is ready, deploy the policy to make it operational:

  1. go to the Deployment Card on the right side of the policy detail page.
  2. Click Deploy New Version.
  3. Confirm the deployment. The deployed version will now be available in the card, showing the following details:
    • Deployed Version Number
    • Deployment Timestamp
    • Status (e.g., Active, Pending Validation)

Manage Deployed Policies

The Deployment Card allows you to:

  • View the Deployed Versions: Access details of all active deployments, including implementation logic.
  • Redeploy: If updates to the implementation are needed, click Redeploy New Version to replace the existing deployment.
  • Delete Deployment: Remove the deployed version from the platform, effectively unbinding the policy from automated operations.

Collecting Policy Evaluation Results

Policy evaluation results are gathered by the Blindata Observer for Open Data Mesh. The Policies Upload use case collects all evaluation results for a specified data product and uploads them to Blindata for centralized management.

This process can be triggered following these supported event types:

  • DATA_PRODUCT_VERSION_CREATED: Captures results immediately after a new data product version is registered.
  • DATA_PRODUCT_ACTIVITY_COMPLETED: Gathers results after the completion of a DevOps stage, for example after the release in production.

Updated on 16 Jan 2025