Governance decision tree

Walk through the GATEKEEP framework for any architecture decision. Select a category, answer the questions, and get a structured verdict: Approve, Reject, or Defer.

What the tree covers

SEC Security

Endpoint exposure, secret storage, dependency vulnerabilities, OWASP patterns.

COST Cost

AWS Free Tier compliance, known cost traps, monitoring thresholds.

DES Design

Architecture changes, data model migrations, backward compatibility.

DEP Deployment

CI status, Terraform plan review, resource destruction safety check.

DATA Data

GDPR lawful basis, data residency (EU regions), retention and deletion.

The GATEKEEP framework is documented in Governance as code. Source available at github.com/ticketyboo-dev.