Readiness
:::info Source
Sourced from services/tenant-service/SERVICE_READINESS.md in the documentation repo.
:::
1. Readiness per Milestone
| Milestone | Level | Justification |
|---|---|---|
| M0 | L2 | Tenants, org units, roles, memberships, basic ABAC. |
| M1 | L3 | Customer-facing for pilots; feature-flag overrides. |
| M2 | L3 | Provider tenants for marketplace. |
| M3 | L4 | SAML JIT provisioning, full ABAC, dynamic groups, compliance reports. |
| M4 | L4 | — |
| M5 | L4 | Data residency migration saga live. |
2. Canonical Gates
G1 — Domain
- Aggregates: `Tenant`, `OrgUnit`, `Membership`, `Role`, `DynamicGroup`, `FeatureFlagOverride`.
- Invariants: OrgUnit tree integrity (ltree), unique slug per scope, role system/tenant invariant.
- Unit coverage ≥ 95%.
G2 — API
- OpenAPI published; idempotency + problem+json + cursor pagination.
- Pact contracts with every consumer of tenant data.
G3 — Events
- Subjects: `tenant.org.*`, `tenant.role.*`, `tenant.membership.*`, `tenant.org_unit.*`, `tenant.dynamic_group.*`, `tenant.data_residency.*`.
- Outbox + inbox + schema registry.
G4 — Sync
- `Role`, `Permission`, `DynamicGroup` replicable; `server_authoritative`.
G5 — AI
- No direct AI. ABAC predicate linter is rule-based. N/A.
G6 — Observability
- SLO: authz decision p95 < 20ms (in-process), `/authz/check` p95 < 50ms.
- Dashboards: authz grant/deny rates per tenant, policy bundle version.
G7 — Performance
- 50k authz decisions / sec / pod sustained.
- Dynamic group re-eval < 60s for tenants with 100k members.
G8 — Security
- Two-tenant isolation suite green.
- Policy-linter blocks predicates without tenant scope.
- Pen-test #1 closed.
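The tenant-scope rule in G8 can be checked structurally rather than by string matching. The sketch below is an added example, not the tenant-service linter: it assumes predicates are written as Python-style boolean expressions over `subject.*` and `resource.*`, and that the scoping attribute is named `tenant_id` (both hypothetical). It blocks any predicate where some `or` branch can be satisfied without a tenant match.

```python
import ast

# Assumed predicate syntax (not defined on this page): Python-style boolean
# expressions over `subject.*` and `resource.*` attributes.
TENANT_ATTR = "tenant_id"  # hypothetical attribute name


def _is_attr(node, obj, attr):
    return (isinstance(node, ast.Attribute) and node.attr == attr
            and isinstance(node.value, ast.Name) and node.value.id == obj)


def _is_tenant_match(node):
    """True only for `resource.tenant_id == subject.tenant_id` (either order)."""
    if not (isinstance(node, ast.Compare) and len(node.ops) == 1
            and isinstance(node.ops[0], ast.Eq)):
        return False
    left, right = node.left, node.comparators[0]
    return ((_is_attr(left, "resource", TENANT_ATTR) and _is_attr(right, "subject", TENANT_ATTR))
            or (_is_attr(left, "subject", TENANT_ATTR) and _is_attr(right, "resource", TENANT_ATTR)))


def _scoped(node):
    """Does every way of satisfying this expression force a tenant match?"""
    if isinstance(node, ast.BoolOp):
        results = [_scoped(v) for v in node.values]
        # AND: one scoped conjunct is enough. OR: every branch must be scoped.
        return any(results) if isinstance(node.op, ast.And) else all(results)
    # Negations, calls and comparisons on other attributes never count as scope.
    return _is_tenant_match(node)


def lint(predicate):
    """Return a list of findings; an empty list means the predicate passes."""
    try:
        tree = ast.parse(predicate, mode="eval")
    except SyntaxError as exc:
        return [f"unparseable predicate: {exc.msg}"]
    if not _scoped(tree.body):
        return ["predicate is not tenant-scoped on every branch"]
    return []


# Constructed sample predicates.
SAMPLES = [
    "resource.tenant_id == subject.tenant_id and subject.role == 'editor'",
    "resource.tenant_id == subject.tenant_id or subject.role == 'admin'",
    "subject.role == 'admin'",
    "not (resource.tenant_id == subject.tenant_id)",
]

if __name__ == "__main__":
    for p in SAMPLES:
        print("PASS" if not lint(p) else "BLOCK", "|", p)
```

The second sample is the case a substring check misses: the tenant comparison is present, but the `or` lets an admin role satisfy the predicate across tenants.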
3. SLOs
| SLI | Target |
|---|---|
| Availability | 99.99% |
| `/authz/check` p95 | < 50ms |
| Policy bundle refresh | < 60s |
| Dynamic group re-eval | < 5 min for 100k-member tenant |
| Tenant provisioning | < 30s end-to-end |
4. Definition of Done
- Unit + integration + contract tests green.
- OpenAPI updated.
- Event schemas registered.
- Migrations tested fwd+back.
- Policy linter pass.
- Two-tenant isolation test green.
- Runbook updated.
5. Release Checklists
M3 (L4 target)
- SAML JIT provisioning complete.
- ABAC policy editor UI live.
- Dynamic group performance test at 100k members.
- Compliance officer UI.
- Signed policy bundle pipeline.
M5 (Data Residency)
- Data-residency migration saga tested on production-size tenant.
- Rollback tested.
- Multi-region active-active tenant reads.