Veto/docs

BYOC data-flow attestation

Cross-boundary data flow for Veto BYOC.

Data-flow attestation

Veto BYOC separates the Plaw plane from the customer plane.

Veto BYOC plane split

Customer plane

Your Kubernetes cluster runs the operator, PDP/server, dashboard, storage, policies, decisions, approvals, Slack/webhook configuration, and support-bundle redaction. Customer policy content, decision rows, tool-call arguments, agent IDs, end-user IDs, Slack content, compiled NL prompts, env vars, and secrets remain here.

Plaw plane

Plaw supplies signed software artifacts, license verification, and optional anonymous telemetry collection. Plaw does not have inbound network access to the customer plane and does not assume roles, impersonate service accounts, or hold cross-account IAM.

Only cross-boundary payloads

  1. License heartbeat: instance_uuid, license_id, decision_count_30d, sdk_version, operator_version, timestamp.
  2. Optional anonymous telemetry when explicitly enabled by the customer.
  3. Customer-initiated image/chart/SBOM/signature downloads from GHCR and release artifacts.
  4. Optional customer-initiated support bundle after local redaction, excluding inline policy content, decisions, tool args, env vars, and Secrets.

Air-gapped mode disables heartbeat and telemetry and validates the offline license JWT from a mounted customer secret/file.

Budget Constraints

Per-session cost circuit breaker that limits how much an agent can spend.

Plaw is not a BYOC sub-processor

Procurement language for Veto BYOC deployments.

On this page

Data-flow attestation
Customer plane
Plaw plane
Only cross-boundary payloads
Edit this pageFeedback