EventBridge domain event governance
| ID | MOD-043 |
| System | SD07 |
| Repo | bank-platform |
| Build status | Deployed |
| Deployed | Yes |
| Last commit | bbdfbac46a1b5cf6dc25b4c7cd428a8daa669d03 |
Provisions and governs the eight custom EventBridge event buses (one per system domain:
bank.core, bank.kyc, bank-aml, bank.payments, bank.credit, bank.risk,
bank.platform, bank.app). Manages IAM resource policies, EventBridge Schema Registry
schemas, and the SQS dead letter queues attached to every rule target.
Schema Registry enforces backward-compatible event contracts between producing and consuming Lambdas. Breaking changes require a new event type — schema mutation is not permitted. Operations monitoring alerts on DLQ depth > 0 across all buses.
See ADR-029.
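
One way to gate a proposed schema change against the rule above, as an added example (not code from the bank-platform repo). The rule set, the `breaking_changes` and `decide` helpers, and the sample `bank.payments` event schemas are assumptions constructed for illustration; ADR-029 may define compatibility differently.

```python
import copy

# Assumed rule set (the page does not list ADR-029's rules): removing a property,
# changing a type, or adding a required property is a breaking change.
def breaking_changes(old, new, path="detail"):
    """List the reasons `new` is not backward compatible with `old`."""
    if old.get("type") != new.get("type"):
        return [f"{path}: type {old.get('type')} -> {new.get('type')}"]
    problems = []
    if old.get("type") == "object":
        old_props, new_props = old.get("properties", {}), new.get("properties", {})
        for name, sub in old_props.items():
            if name not in new_props:
                problems.append(f"{path}.{name}: removed")
            else:
                problems += breaking_changes(sub, new_props[name], f"{path}.{name}")
        added_required = set(new.get("required", [])) - set(old.get("required", []))
        problems += [f"{path}.{name}: newly required" for name in sorted(added_required)]
    elif old.get("type") == "array":
        problems += breaking_changes(old.get("items", {}), new.get("items", {}), f"{path}[]")
    return problems

def decide(old, new):
    """'new-version' if existing consumers keep working, else 'new-event-type'."""
    return "new-event-type" if breaking_changes(old, new) else "new-version"

# Constructed sample schema for a hypothetical bank.payments event (entity IDs only, no PII).
V1 = {"type": "object", "required": ["paymentId", "amount"],
      "properties": {"paymentId": {"type": "string"},
                     "accountId": {"type": "string"},
                     "amount": {"type": "object", "required": ["value"],
                                "properties": {"value": {"type": "string"},
                                               "currency": {"type": "string"}}}}}

# Compatible change: one new optional property.
COMPATIBLE = copy.deepcopy(V1)
COMPATIBLE["properties"]["settledAt"] = {"type": "string"}

# Breaking change: a removed property, a changed type and a newly required property.
BREAKING = copy.deepcopy(V1)
del BREAKING["properties"]["accountId"]
BREAKING["properties"]["amount"]["properties"]["value"] = {"type": "number"}
BREAKING["properties"]["channel"] = {"type": "string"}
BREAKING["required"].append("channel")

if __name__ == "__main__":
    print(decide(V1, COMPATIBLE))
    for reason in breaking_changes(V1, BREAKING):
        print(reason)
```

Run as a pre-registration check in CI, a `new-event-type` result means the change has to be published under a new event type rather than as a new version of the existing schema.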
Module dependencies
Depends on
| Module | Title | Required? | Contract | Reason |
|---|---|---|---|---|
| MOD-104 | AWS shared infrastructure bootstrap | Required | — | AWS shared infrastructure provisioned by MOD-104 (EventBridge buses, S3, KMS, Kinesis, Cognito) is required before this module can be deployed. |
Required by
| Module | Title | As | Contract |
|---|---|---|---|
| MOD-062 | Workflow orchestration engine | Hard dependency | — |
| MOD-063 | Notification orchestration | Hard dependency | — |
| MOD-068 | Authentication & session management | Hard dependency | — |
| MOD-087 | Transaction enrichment engine | Hard dependency | — |
| MOD-097 | Usage event collector | Hard dependency | — |
| MOD-158 | Test seed data loader | Hard dependency | — |
Policies satisfied
| Policy | Title | Mode | How |
|---|---|---|---|
| DT-004 | Data Governance Policy | AUTO | Domain event buses enforce ownership boundaries — cross-domain subscriptions require an explicit published contract |
| DT-001 | Information Security Policy | AUTO | EventBridge bus access governed by IAM resource policies — only authorised Lambda functions may publish or subscribe |
| PRI-001 | Privacy Policy | AUTO | Event payloads must not contain PII — personal data referenced by entity ID only, retrieved from the authoritative domain store |
| PRI-003 | Personal Information Retention & Destruction Policy | AUTO | DLQ messages capped at 14-day TTL — no event payload retained beyond the operational resolution window |
Capabilities satisfied
(No capabilities mapped)
Part of SD07 — Data Platform & Governance Infrastructure
Compiled 2026-05-22 from source/entities/modules/MOD-043.yaml