Environments
- dev -> staging -> prod
- No direct dev -> prod promotion.
- All pipeline gates pass.
- Migration checks pass.
- Security checks pass.
- Release notes and compatibility notes present.
- East/west traffic policy validation evidence present (default-deny + allow-list flows).
- Internal mTLS/certificate health check passes (no expired or near-expiry blocking certs).
Rollback Policy
- Blue/green or canary rollback path documented per deployment.
- DB rollback must follow approved migration rollback plan.
Ownership
- Platform owner approves staging -> prod.
- Security owner required for high-risk changes.
- Security owner co-approves promotions that modify network policy, mTLS, or certificate authorities.
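
One way to encode the gates above as a pre-promotion check (an added example, not part of the original policy or any project's code). The request fields, role names, change categories and the 14-day near-expiry window are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

PATH = {"dev": "staging", "staging": "prod"}   # only allowed promotion hops
SENSITIVE = {"network_policy", "mtls", "certificate_authority"}  # assumed labels
NEAR_EXPIRY = timedelta(days=14)               # assumed window; the policy sets none


def evaluate_promotion(req, now):
    """Return a list of blocking reasons; an empty list means promote."""
    reasons = []
    if PATH.get(req["source"]) != req["target"]:
        reasons.append(f"promotion {req['source']} -> {req['target']} not allowed")
    # East/west evidence: default must be deny, every observed flow allow-listed.
    policy = req["traffic_policy"]
    if policy["default"] != "deny":
        reasons.append("east/west policy is not default-deny")
    allowed = {tuple(f) for f in policy["allow"]}
    for flow in req["observed_flows"]:
        if tuple(flow) not in allowed:
            reasons.append(f"flow not on allow-list: {flow}")
    # Internal certificate health: expired or near-expiry certs block.
    for name, not_after in req["certs"].items():
        if not_after <= now:
            reasons.append(f"certificate expired: {name}")
        elif not_after - now <= NEAR_EXPIRY:
            reasons.append(f"certificate near expiry: {name}")
    # Ownership: platform owner for staging -> prod, security owner for
    # high-risk changes and for network policy / mTLS / CA changes.
    approvals = set(req["approvals"])
    if req["target"] == "prod" and "platform_owner" not in approvals:
        reasons.append("platform owner approval missing")
    needs_security = req["high_risk"] or SENSITIVE & set(req["changes"])
    if needs_security and "security_owner" not in approvals:
        reasons.append("security owner approval missing")
    return reasons


# Constructed sample request (not real data).
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
SAMPLE = {
    "source": "staging", "target": "prod", "high_risk": False,
    "changes": ["mtls"], "approvals": ["platform_owner"],
    "traffic_policy": {"default": "deny", "allow": [["api", "db", 5432]]},
    "observed_flows": [["api", "db", 5432], ["api", "cache", 6379]],
    "certs": {"api-internal": NOW + timedelta(days=5),
              "db-internal": NOW + timedelta(days=200)},
}
if __name__ == "__main__":
    print("\n".join(evaluate_promotion(SAMPLE, NOW)) or "promote")
```

The check collects every blocking reason rather than stopping at the first, so a rejected promotion shows the full set of gaps in one pass.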