Enterprise

For platform teams and regulated organizations — multi-tenant, governance, compliance, audit

39 posts
DaC at the platform/product boundary: who owns which decisions
AI

The platform owns the foundation decisions. The product owns the business decisions. Most of the tug-of-war I've watched between platform and product teams comes down to no one having drawn that line in writing. DaC draws it, by making the decision surface itself the contract between them.

Sid Smith, 7 min read
DSPy + MCP: the combination I've been waiting for
AI

DSPy optimizes the prompt-and-program layer. MCP standardizes the tool-and-data layer. Put them together and you have the primitives for maintainable agents, the stack I've been arguing for since the start of the year, finally usable.

Sid Smith, 6 min read
My biggest AI mistakes of the past 12 months
AI

An honest retrospective. The mistakes I made with AI in 2025-26: over-trusting model output, under-investing in evals, picking the wrong abstractions, skipping verification. The lessons I actually learned, written down so I don't have to learn them again.

Sid Smith, 7 min read
Tenant-scoped policies without tenant-scoped code
AI

Policies vary per tenant. Code does not. The architectural payoff of tenant-aware policy bundles, OPA-style, that don't require a tenant-aware codebase. Bundle resolution, defaults, overrides, and the audit story that makes 'what happened for tenant X' answerable without grep.

Sid Smith, 7 min read
vCAC was actually preparing me for this
Looking Back

Years before AI agents, I was writing workflows that called other workflows, enforcing policy at the orchestration layer, and arguing about idempotency. vCAC turned out to be the apprenticeship for everything I'm doing now.

Sid Smith, 7 min read
The five questions every audit trail must answer
AI

If your audit trail can't answer all five (what happened, why was it allowed, under what rules, who is accountable, who coordinated), you don't have an audit trail. You have logs. The five questions, what populating them takes, and the predictable failure mode for teams that miss each one.

Sid Smith, 7 min read
Default-deny as a compliance posture, not a security one
AI

Default-deny gets framed as a security control. The more useful framing is that it's a compliance posture: every 'yes' becomes a justified positive choice, and every action ties back to a specific allowed-rule the auditor can read.

Sid Smith, 7 min read
Apple governance and the long tail
AI

Most people will never read an AI governance framework. They'll get their AI through the device in their pocket. Apple's posture sets the floor for billions of users, and that floor matters more than the governance discourse acknowledges.

Sid Smith, 7 min read
Confidence as a routing signal, not just a number
AI

Most teams attach a confidence score to model output and stop there. The mature pattern uses it as a routing signal: high to fast-path, mid to human-in-loop, low to rejected-with-reason. The thresholds are product-specific, the audit story is per-path, and calibration is a discipline.

Sid Smith, 7 min read
Migrating a YAML monster to a DaC shape, step by step
AI

You've inherited a 1,500-line values.yaml. The fix isn't refactoring it in place; it's the six-step migration to a DaC shape: catalog, cluster, identify, push down, version, ship. Here's the walkthrough, concrete enough to mirror.

Sid Smith, 7 min read