Data Platform & Governance Infrastructure¶
| System ID | SD07 |
| Repo | bank-platform |
| Business domain | BD09 |
| Tech owner | Platform Engineering |
| Build status | Not started |
The CDC pipeline (Neon to S3 Iceberg), EventBridge domain event buses, IAM, secrets management, and data governance tooling that underpins all other systems.
Modules¶
| ID | Name | Status | ADR |
|---|---|---|---|
| MOD-042 | CDC pipeline — Neon logical replication to S3 Iceberg | Not started | ADR-001, ADR-003 |
| MOD-043 | EventBridge domain event governance | Not started | ADR-029 |
| MOD-044 | JWT role-based access control | Not started | ADR-004 |
| MOD-045 | Secrets & key management | Not started | — |
| MOD-046 | Privileged access management (PAM) | Not started | — |
| MOD-047 | Agent action logger | Not started | ADR-004 |
| MOD-048 | System decision log | Not started | ADR-001 |
For full module specifications and acceptance criteria, see module specifications.
Architecture¶
See ADR-003 for the CDC pipeline decision, ADR-029 for domain event routing, and ADR-004 for the JWT RBAC and agent access control pattern.
Critical constraints¶
- MOD-042 CDC pipeline must deliver Neon Postgres changes to Snowflake within 5 minutes p99 (NFR-015). Monitoring must alert if the CDC Lambda fails for more than 30 continuous hours.
- MOD-044 JWT RBAC is a hard GATE — no system or agent may access data without a valid scoped token.
- MOD-047 must log every agent action with actor, target, action type, and timestamp — no exceptions.
- Secrets must never appear in logs, environment variables visible to application code, or version control.
Modules¶
| Module | Name | Status | Policies |
|---|---|---|---|
| MOD-042 | CDC pipeline — Neon logical replication to S3 Iceberg | Deployed | DT-004 · REP-005 · AML-005 |
| MOD-043 | EventBridge domain event governance | Deployed | DT-004 · DT-001 · PRI-001 · PRI-003 |
| MOD-044 | JWT role-based access control | Deployed | DT-001 · GOV-007 · GOV-006 |
| MOD-045 | Secrets & key management | Deployed | DT-001 · DT-002 · AML-007 |
| MOD-046 | Privileged access management (PAM) | Deployed | DT-001 · GOV-006 · DT-002 |
| MOD-047 | Agent action logger | Deployed | GOV-006 · AML-001 · GOV-005 · CON-002 |
| MOD-048 | System decision log | Deployed | DT-009 · CRE-003 · AML-006 · GOV-006 |
| MOD-062 | Workflow orchestration engine | Deployed | |
| MOD-063 | Notification orchestration | Deployed | CON-001 · GOV-003 |
| MOD-075 | Internal API gateway | Deployed | DT-001 · DT-002 |
| MOD-076 | Observability platform | Deployed | GOV-006 · DT-004 |
| MOD-079 | Snowflake decision publication service | Deployed | GOV-006 · DT-001 |
| MOD-087 | Transaction enrichment engine | Deployed | PRI-001 |
| MOD-093 | Accounting mapper | Not started | PRI-001 |
| MOD-097 | Usage event collector | Deployed | REP-001 |
| MOD-099 | Infrastructure cost reports | Deployed | REP-001 |
| MOD-100 | External asset connector | Deployed | PRI-001 · PRI-003 |
| MOD-102 | Snowflake account configuration & governance | Deployed | DT-001 · DT-002 · DT-004 · GOV-007 |
| MOD-103 | Neon database platform bootstrap | Deployed | DT-001 · PRI-001 · PRI-003 |
| MOD-104 | AWS shared infrastructure bootstrap | Deployed | GOV-005 · GOV-006 · DT-002 |
| MOD-156 | CI/CD pipeline platform | Deployed | DT-007 · DT-010 · OPS-006 |
| MOD-157 | External provider stub service | Deployed | |
| MOD-158 | Test seed data loader | Deployed | |
| MOD-159 | Synthetic transaction engine | Deployed | |
| MOD-160 | Cross-module acceptance suite | Deployed | |
| MOD-168 | Maker-checker enforcement engine | Deployed | GOV-003 · DT-012 · GOV-005 |
| MOD-176 | Snowflake read API service | Deployed | DT-001 · DT-002 |
Compiled 2026-05-22 from source/entities/system-domains/SD07.yaml