{ "manifestVersion": "0.2", "subject": { "layer": "artifact", "name": "metrics-dashboard-api", "version": "2.4.1", "digest": { "sha256": "9b1f4c6e2d8a3f7b5c9e1d2a4f6b8c0e3d5a7f1b9c2e4d6a8f0b2c4e6d8a0f2b" }, "sbomRef": "https://artifacts.example.com/metrics-dashboard-api/2.4.1/sbom.cdx.json" }, "intent": { "purpose": "Aggregates user activity, billing, and team metrics from internal services and renders a per-tenant dashboard. Read-heavy. Designed for SaaS deployment, not on-prem.", "audience": "multi_tenant", "tenancy": { "model": "shared", "isolationGuarantees": [ "data", "identity" ], "dataResidency": [ "EU", "US-EAST", "US-WEST" ] }, "outOfScope": [ "Air-gapped deployment", "Sub-200ms response times for tenants with >10M events", "Strong consistency across regions" ] }, "envelope": { "throughput": { "targetRps": 500, "maxRps": 2000, "latency": { "p50Ms": 80, "p95Ms": 200, "p99Ms": 600 }, "concurrency": { "maxConcurrentRequests": 1500, "maxConcurrentUsers": 5000 } }, "scaling": { "axis": "horizontal", "stateful": false, "maxInstances": 50 }, "instantiation": { "mode": "multi_instance", "coordinationDependency": "none" }, "privilege": { "runtime": "unprivileged", "filesystemAccess": "read_only" }, "network": { "posture": "bidirectional", "exposedPorts": [ { "port": 8080, "protocol": "http", "purpose": "API + health" } ], "requiredEgress": [ { "host": "metrics-db.internal", "port": 5432, "protocol": "tcp", "purpose": "Primary datastore" }, { "host": "billing-svc.internal", "port": 443, "protocol": "https", "purpose": "Billing aggregation" } ] }, "persistence": { "required": true, "stores": [ "sql", "kv" ] }, "dependencies": [ { "name": "Stripe", "type": "payment_provider", "criticality": "critical", "failureMode": "fail_closed", "dataFlow": "bidirectional", "dataClassifications": [ "pii", "pci" ], "jurisdiction": [ "US", "EU", "GLOBAL" ], "alternative": "not_substitutable", "providerSamUri": "https://stripe.com/.well-known/sam.json", "industryRefs": [ { "standard": "EU DORA", "version": "2022/2554", "conformance": "Article 28 critical ICT third-party provider" }, { "standard": "NIST SP 800-161", "version": "Rev. 1" } ] }, { "name": "Auth0", "type": "identity_provider", "criticality": "critical", "failureMode": "fail_closed", "dataFlow": "bidirectional", "dataClassifications": [ "pii" ], "jurisdiction": [ "US", "EU" ], "alternative": "partially_substitutable", "industryRefs": [ { "standard": "EU DORA", "version": "2022/2554", "conformance": "Article 28 critical ICT third-party provider" }, { "standard": "ISO/IEC 27036", "version": "2014" } ] }, { "name": "AWS S3", "type": "infrastructure", "criticality": "critical", "failureMode": "degraded", "dataFlow": "bidirectional", "dataClassifications": [ "internal", "confidential" ], "jurisdiction": [ "US-EAST-1" ], "alternative": "partially_substitutable", "industryRefs": [ { "standard": "EU DORA", "version": "2022/2554", "conformance": "Article 28" } ] }, { "name": "Datadog", "type": "observability_provider", "criticality": "important", "failureMode": "degraded", "dataFlow": "egress_only", "dataClassifications": [ "internal" ], "jurisdiction": [ "US" ], "alternative": "substitutable" } ] }, "qualityAttributes": { "performanceEfficiency": { "overall": { "status": "verified", "summary": "P95 < 200ms at 500 RPS sustained.", "industryRefs": [ { "standard": "ISO/IEC 25010", "version": "2023", "referenceUri": "https://iso25000.com/index.php/en/iso-25000-standards/iso-25010" } ] }, "subCharacteristics": { "timeBehaviour": { "status": "verified", "summary": "P95 < 200ms verified at 500 RPS over 1h.", "evidence": [ { "type": "load_test", "uri": "https://artifacts.example.com/metrics-dashboard-api/2.4.1/k6-report.json", "digest": "sha256:6a4f9e2c8b1d3e5a7f9c0b2d4e6a8f1c3b5d7e9f1a3c5b7d9e1f3a5c7b9d1e3f" } ] }, "capacity": { "status": "declared", "summary": "Designed-for ceiling 2000 RPS per cluster." } } }, "reliability": { "overall": { "status": "verified", "summary": "Tolerant to single-region DB failover. AP posture." }, "subCharacteristics": { "faultTolerance": { "status": "verified", "summary": "Circuit breakers on all egress. Chaos test runs in CI.", "evidence": [ { "type": "chaos_test", "uri": "https://ci.example.com/runs/8842" } ] }, "availability": { "status": "declared", "summary": "99.9% within designed envelope." } } }, "security": { "overall": { "status": "verified", "summary": "Annual pentest + quarterly SAST. No known criticals.", "industryRefs": [ { "standard": "NIST SP 800-218", "version": "1.1", "conformance": "Self-attested per CISA SSDF attestation form", "referenceUri": "https://csrc.nist.gov/Projects/ssdf" }, { "standard": "OWASP ASVS", "version": "5.0", "conformance": "L2" }, { "standard": "SOC 2", "conformance": "Type 2", "auditor": "Schellman", "auditPeriod": "2025-01-01 to 2025-12-31", "dateAttested": "2026-02-15T00:00:00Z" }, { "standard": "CIS Benchmarks", "version": "Docker / Kubernetes", "conformance": "Container hardening per applicable CIS benchmark" }, { "standard": "NIST SP 800-190", "version": "1.0", "referenceUri": "https://csrc.nist.gov/pubs/sp/800/190/final" } ] }, "subCharacteristics": { "confidentiality": { "status": "verified", "summary": "TLS in transit, KMS-encrypted at rest, tenant_id enforced at query layer.", "industryRefs": [ { "standard": "ISO/IEC 27001", "version": "2022" } ] }, "authenticity": { "status": "verified", "summary": "OIDC at edge, mTLS between services." } } }, "compatibility": { "overall": { "status": "declared", "summary": "REST + JSON. OpenAPI 3.1. Backward compatible across minor versions.", "industryRefs": [ { "standard": "OpenAPI", "version": "3.1.0", "referenceUri": "https://spec.openapis.org/oas/v3.1.0" } ] } }, "maintainability": { "overall": { "status": "verified", "summary": "85% behavioral test coverage. ADRs for every architectural decision." }, "subCharacteristics": { "testability": { "status": "verified", "summary": "Contract tests at every service boundary." } } }, "flexibility": { "overall": { "status": "declared", "summary": "Stateless services. Kubernetes-portable. Not designed for on-prem." }, "subCharacteristics": { "scalability": { "status": "verified", "summary": "Horizontal to 50 instances verified." }, "installability": { "status": "declared", "summary": "Helm chart + Terraform module." } } }, "interactionCapability": { "overall": { "status": "not_applicable", "summary": "Backend API. UI is shipped separately." } }, "functionalSuitability": { "overall": { "status": "verified", "summary": "All endpoints have spec tests against the OpenAPI contract." } }, "safety": { "overall": { "status": "not_applicable", "summary": "No physical or safety-critical surface." } } }, "extensions": { "observability": { "status": "verified", "summary": "Structured logs (no PII), Prometheus metrics, OTLP traces with correlation IDs across all egress.", "industryRefs": [ { "standard": "OpenTelemetry", "version": "1.40.0", "referenceUri": "https://opentelemetry.io/docs/specs/semconv/" } ] }, "dataLifecycle": { "status": "declared", "summary": "Tenant data retained 90 days post-deletion request, then hard-deleted. Audit log retained 7 years.", "industryRefs": [ { "standard": "GDPR", "conformance": "Article 17 (right to erasure)" }, { "standard": "ISO/IEC 25012", "version": "2008" }, { "standard": "NIST SP 800-88 Rev. 1", "conformance": "Media sanitization on deletion", "referenceUri": "https://csrc.nist.gov/pubs/sp/800/88/r1/final" } ] }, "internationalization": { "status": "not_applicable", "summary": "Backend API. Strings localized at the UI layer." } }, "tensionsDeclared": [ { "tension": "cap_pacelc", "posture": "AP, staleness window 5s", "rationale": "Dashboard reads tolerate up to 5s staleness; availability prioritized during partition." }, { "tension": "observability_cost_trilemma", "posture": "Tail-based sampling at 10%, full retention for errors", "rationale": "Full-resolution traces at 500 RPS would exceed observability budget; errors always sampled." }, { "tension": "observability_pii", "posture": "Email and tenant identifiers redacted at logger; no request body in logs", "rationale": "Log aggregator has weaker access controls than primary DB." } ], "producer": { "name": "Acme Platform Team", "contact": "platform@acme.example.com", "issuedAt": "2026-04-26T15:00:00Z", "validFor": "P90D", "x-acme-deploy-region": "us-east-1" } }