Hi

Firstly, to set the context, the runtime governance capabilities currently support the concept of 'asynchronously' executed policies - which means that the decision and any subsequent actions are performed outside the executing systems control flow, and therefore cannot be used to influence its execution.

We are now looking to implement 'synchronously' executed policies, for cases where a decision needs to be made instantly, and potentially influence the execution of the business transaction.

The question is what types of action we expect these policies to be able to perform. The obvious one is to block the invocation of a service and enable a reason to be returned to the calling service.

However do we need other actions to be available?

For example, are we expecting these policies to also be able to modify the message exchanges in some way (i.e. patch the message content)? This type of action may be more complex, and potentially risky (i.e. easy to introduce unexpected side effects).

My personal view currently is that governance should be there to observe what is occurring, instigate actions (e.g. notify administrators) where necessary and in some situations block an action from occurring. Subtly changing the behaviour of a business transaction seems to be out of scope, but would like to hear opinions for and against?

Regards

Gary