SaaS Control Plane Contract
CAVRA Community Edition now includes a public-safe SaaS Control Plane contract. The contract defines request and response shapes only. The hosted SaaS backend, tenant store, billing integration, license service, paid policy registry, and customer evidence storage remain private.
- Tenant status request shape.
- License validation handoff shape.
- Hosted policy registry readiness request and response shape.
- Policy registry lookup request shape.
- Tenant audit-store operating request and response shape.
- Evidence export request shape.
- Unavailable response messaging for Community users.
- Secret-field rejection before public payload serialization.
Public code may expose schema versions, dataclasses, request builders, serialization, validation, tests, and documentation.
Public code must not expose SaaS source code, customer records, license signing material, billing provider secrets, hosted policy registry logic, customer evidence payloads, or paid recommendation logic.
- As a Community user, I can see what SaaS operations will exist without accessing private source.
- As an Enterprise engineer, I can build a private SaaS adapter against stable public request envelopes.
- As a security reviewer, I can verify that public SaaS contracts reject obvious credential-bearing payloads.
- As a buyer, I can understand how CAVRA moves from local governance to hosted tenant-level governance.
The contract reduces commercial adoption risk by defining how trial and pilot customers will hand off license validation, policy lookup, tenant readiness, and evidence export to private services without mixing private implementation into the Community repository.
The public test suite covers request serialization, contract boundaries, license report handoff, evidence export validation, policy lookup validation, hosted policy registry readiness validation, tenant audit-store operating validation, and sensitive payload rejection.
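The secret-field rejection step, sketched as an added example that is not CAVRA's own code: a request envelope dataclass that scans its payload for credential-bearing keys and values before serializing. The class name, field names, schema version string, and deny-list patterns are all assumptions made for illustration.

```python
import json
import re
from dataclasses import asdict, dataclass, field

SCHEMA_VERSION = "example-1"  # constructed value, not CAVRA's real schema version
# Assumed deny-list of key names that usually carry credentials.
SENSITIVE_KEY = re.compile(
    r"(secret|password|passwd|token|api[_-]?key|private[_-]?key|authorization|signing)",
    re.IGNORECASE)
# Assumed value patterns: PEM private-key headers and bearer credentials.
SENSITIVE_VALUE = re.compile(
    r"-----BEGIN [A-Z ]*PRIVATE KEY-----|^Bearer\s+\S+", re.IGNORECASE)

class SensitivePayloadError(ValueError):
    """Raised when a payload appears to carry credential material."""

def find_sensitive(value, path="$"):
    """Return the JSON-style path of every key or value that looks like a secret."""
    hits = []
    if isinstance(value, dict):
        for key, item in value.items():
            child = f"{path}.{key}"
            if SENSITIVE_KEY.search(str(key)):
                hits.append(child)  # flag the key; do not descend into its value
            else:
                hits.extend(find_sensitive(item, child))
    elif isinstance(value, (list, tuple)):
        for index, item in enumerate(value):
            hits.extend(find_sensitive(item, f"{path}[{index}]"))
    elif isinstance(value, str) and SENSITIVE_VALUE.search(value):
        hits.append(path)
    return hits

@dataclass(frozen=True)
class TenantStatusRequest:
    """Hypothetical request envelope: shape only, no backend logic."""
    tenant_id: str
    operation: str = "tenant_status"
    schema_version: str = SCHEMA_VERSION
    metadata: dict = field(default_factory=dict)

    def to_json(self):
        payload = asdict(self)
        hits = find_sensitive(payload)
        if hits:
            # Report paths only, so the rejected value never reaches logs.
            raise SensitivePayloadError("sensitive fields: " + ", ".join(hits))
        return json.dumps(payload, sort_keys=True)
```

A name-based deny-list catches only obvious cases, which matches the contract's stated goal of rejecting obvious credential-bearing payloads; it does not replace review of what callers put into free-form fields.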
Delivered in later roadmap slices through public tenant onboarding, entitlement status, hosted policy registry readiness, and tenant audit-store operating contracts. Continue with the public billing/subscription boundary documentation.
Before the agent acts, CAVRA asks: who is acting, what will change, what policy applies, and what evidence will prove it?