Governance Decision Snapshots
On Growth plans and above, permit evaluations produce a governance decision snapshot — a persisted record of the captured decision context at evaluation time. Snapshots capture not just the outcome, but the policy, budget, routing, and firewall state recorded at that point.
Current boundaries
- snapshot records are write-protected at the database layer after creation, subject to the narrow tenant-detach operation during project deletion
- that write-protection applies to snapshot records, not to every audit record in the system
- snapshots are part of Keel’s stored-record integrity boundary, not an external proof system
- Keel does not claim external verification or universal cross-surface tamper-evidence for snapshots or the broader audit model
What is captured
Each snapshot contains these decision dimensions:
| Dimension | Contents |
|---|---|
| Canonical request | The normalized permit request, including subject, action, resource, optional context, and estimate/redaction metadata needed to interpret the decision later. |
| Decision outcome | The recorded decision plus actions, reason code, and structured detail where those fields apply. |
| Policy context | The policy state that contributed to the decision, including the rule and version context needed for later review. |
| Routing and budget context | The routing and spend state captured at evaluation time. |
| Firewall context | Route-bound firewall findings when that part of the decision path applies. |
| Delegation context | Parent-permit context when the decision was delegated from an upstream permit. |
| System context | Limited system metadata needed to interpret the decision later inside Keel’s stored record boundary. |
Integrity hash
Every snapshot includes a snapshot_hash for stored-record integrity checking. Treat this as part of Keel’s integrity boundary, not as an external proof artifact.
When snapshots are created
Snapshots are created at permit-evaluation time and reflect the recorded state used for that decision event.
Use cases
- Historical decision reconstruction — Review which rules and policy state governed a historical decision
- Compliance evidence — Provide regulators with the full decision context, not just the outcome
- Incident investigation — Determine whether a permit was evaluated under the intended policy version
- Policy drift detection — Compare snapshots across time to identify when policy changes affected decisions
Availability
Governance decision snapshots are available on Growth plans and above. Each snapshot is scoped to a single permit evaluation and a single project.
What this does not mean
- it does not mean every audit record in Keel is write-protected
- it does not mean Keel provides externally verifiable audit proofs
- it does not mean every storage surface shares the same integrity guarantees
- it does not mean every surrounding audit or evidence record carries the same guarantees as a decision snapshot
Related pages
Last updated on Edit this page on GitHub