After bundles are approved through the governance lifecycle, gates enforce those approval requirements by controlling specific user actions in real time.
Gates help teams limit risk, automate compliance, and respond quickly to policy changes. Gating decisions are applied automatically and recorded for audit.
You need the GovernanceAdmin role to define gates in policies. Roles and security has details on role assignment.
Domino evaluates gated actions when you create or restart an Application or deploy an Endpoint, blocking users from completing these actions until the required approval is granted.
Common use cases include:
-
Blocking GPU or high-cost hardware tiers until reviews are complete
-
Controlling deployments to specific data planes
-
Rechecking approval status on restart to maintain compliance
Gates apply only to governed actions in projects where a bundle with gating policies has been attached.
Governance Admins define gates as part of a policy using YAML. Each gate includes:
-
One or more rules that define the governed action and its parameters
-
A list of required approvals for the action to proceed
- Example: Define gates in YAML
-
In this example, the gate blocks creation of apps that use the
large-k8sorgpu-small-k8shardware tiers unless theValidation sign offstage has been completed:
gates:
- name: Prod
rules:
- action: CreateApp
parameters:
hardwareTierId:
- large-k8s
- gpu-small-k8s
approvals:
- Validation sign offWhen a practitioner attaches a bundle with gating policies to a project, the system begins enforcing the gate rules. Only governed actions and parameters are affected. All other activity proceeds normally.
Gates remain active as long as the bundle is attached and the policy requires the relevant approvals.
When a user attempts a governed action, the system evaluates gate rules in real time. If the action and its parameters match a gated rule, the system checks for approval before allowing it to proceed.
-
During creation: invalid configuration options are blocked in the UI
-
On restart: users receive an error if a previously approved configuration no longer meets policy requirements
| Action | Result |
|---|---|
User creates an app using allowed settings | Action proceeds |
User selects a gated hardware tier without approval | Action is blocked |
Approval is granted after creation | Gated actions become allowed |
Approval is revoked after creation | Gated actions are blocked on restart |
When a user attempts a governed action, the system evaluates the gate rules in real time. If the action and its parameters match a gated rule, the system checks for approval before allowing it to proceed.
During creation, invalid configuration options are blocked in the UI. On restart, users receive an error if a previously allowed configuration no longer meets approval requirements.
Gating decisions are enforced by two internal services:
-
Governance Service manages policies, approvals, and gate definitions
-
Rules Service applies gate logic and determines whether to allow or block actions in real time
Gate rules are stored in the shared governance database. When a policy is activated, the Rules Service sets all governed actions to "deny" by default. Actions are allowed only after the required approvals are granted.
All rule evaluations and gating outcomes are:
-
Recorded in the Audit Log
-
Tracked in MixPanel to support compliance reporting and usage analysis
-
Create bundles: package models and artifacts for review
-
Automated checks: run validation checks during bundle progression
-
Monitoring checks: respond to drift and data quality alerts from deployed models
-
Add findings to a bundle: document review decisions and track issues
-
Send bundles for review: submit bundles for formal approval