FLUIDFLUID
  • Introduction
  • Quickstart
  • Why FLUID
  • FAQ
  • What FLUID Is
  • Core Principles
  • Agentic-Native Layer
  • FLUID vs ODCS / ODPS
  • Anatomy
  • Cheatsheet
  • Full Specification
  • Versions
  • JSON Schema 0.7.5 ↗
  • Reference (HTML) ↗
Examples
How-to
What's New
Deck
GitHub
GitHub
  • Introduction
  • Quickstart
  • Why FLUID
  • FAQ
  • What FLUID Is
  • Core Principles
  • Agentic-Native Layer
  • FLUID vs ODCS / ODPS
  • Anatomy
  • Cheatsheet
  • Full Specification
  • Versions
  • JSON Schema 0.7.5 ↗
  • Reference (HTML) ↗
Examples
How-to
What's New
Deck
GitHub
GitHub
  • What's New

    • What's New
    • What's New in FLUID 0.7.5 — Streaming Kafka → Iceberg Sink & Confluent Tableflow
    • What's New in FLUID 0.7.4 — Runtime agentPolicy Enforcement at the MCP Gateway
    • What's New in FLUID 0.7.3 — Source-Aligned Acquisition
    • What's New in FLUID 0.7.2 — Semantic Truth Engine
    • What's New in FLUID 0.7.1 — Agentic Governance + Provider-First Orchestration

What's New in FLUID 0.7.1 — Agentic Governance + Provider-First Orchestration

FLUID 0.7.1 represents a significant evolution focused on Agentic Governance and Provider-First Orchestration. Built with 100% backward compatibility with v0.5.7, it adds powerful new capabilities for the AI-driven enterprise.

💡 agentPolicy location. AI/LLM consumption policy lives per-expose under exposes[].policy.agentPolicy — not at the root, despite the top-level snippets in this historical release note. The schema has never accepted it at the top level. See the Schema Anatomy for the correct shape.


🤖 Agentic Governance (NEW)

Control which AI models can access your data and how they can use it:

# NEW in v0.7.1: AI/LLM usage policies
agentPolicy:
  allowedModels:
    - "gpt-4"
    - "claude-3-opus"
    - "gemini-1.5-pro"
  maxTokensPerRequest: 8192
  maxTokensPerDay: 100000
  allowedUseCases:
    - "customer-insights"
    - "market-analysis"
  deniedUseCases:
    - "political-profiling"
    - "credit-scoring"
  requiresHumanReview: true
  auditLog:
    enabled: true
    includePrompts: true

Why this matters: As AI agents become primary data consumers, organizations need granular control over:

  • ✅ Model-specific access — whitelist/blacklist AI models
  • ✅ Usage boundaries — define permitted and prohibited use cases
  • ✅ Rate limiting — token quotas per request and per day
  • ✅ Audit compliance — full logging of AI interactions with data
  • ✅ Human oversight — require review for sensitive operations

🌍 Sovereignty Constraints (NEW)

Enforce data residency and jurisdictional compliance at the contract level:

# NEW in v0.7.1: Top-level sovereignty requirements
sovereignty:
  jurisdiction: "EU"
  dataResidency:
    allowedRegions:
      - "europe-west1"
      - "europe-west3"
    deniedRegions:
      - "us-central1"
  complianceFrameworks:
    - "GDPR"
    - "HIPAA"
  crossBorderTransfer:
    allowed: false

Why this matters: Global compliance requires infrastructure-level enforcement:

  • ✅ Jurisdictional boundaries — enforce EU, US, APAC data laws
  • ✅ Regional constraints — specify allowed/denied cloud regions
  • ✅ Compliance frameworks — declare GDPR, HIPAA, SOC2 requirements
  • ✅ Transfer controls — block cross-border data movement

⚙️ Provider-First Orchestration (NEW)

Direct invocation of provider actions as first-class orchestration tasks:

# NEW in v0.7.1: Provider actions without wrapper operators
orchestration:
  engine: "airflow"
  tasks:
    - taskId: "ensure_s3_bucket"
      type: "provider_action"
      provider: "aws.s3"
      action: "ensure_bucket"
      parameters:
        bucket_name: "customer-data-lake"
        region: "us-west-2"

    - taskId: "load_to_snowflake"
      type: "provider_action"
      provider: "snowflake.table"
      action: "ensure"
      parameters:
        database: "ANALYTICS"
        schema: "GOLD"
        table: "CUSTOMER_360"
      dependsOn: ["ensure_s3_bucket"]

Why this matters: Simplifies multi-cloud orchestration:

  • ✅ Native provider actions — AWS, GCP, Azure, Snowflake primitives
  • ✅ No wrapper complexity — direct action invocation
  • ✅ Cross-provider workflows — multi-cloud pipelines without vendor lock-in
  • ✅ Strong typing — provider-specific validation

📊 Enhanced Access Control (NEW)

Root-level accessPolicy for automated IAM binding generation:

# NEW in v0.7.1: Declarative access grants
accessPolicy:
  grants:
    - principal: "group:data-analytics@company.com"
      permissions: ["read", "select", "query"]
      resources:
        - "$.exposes[?(@.kind=='table')]"

    - principal: "serviceAccount:pipeline@project.iam.gserviceaccount.com"
      permissions: ["write", "insert", "update"]
      conditions:
        ipRanges: ["10.0.0.0/8"]

Why this matters: Infrastructure-as-code for data access:

  • ✅ Automated IAM — generate cloud IAM bindings from the FLUID spec
  • ✅ Resource targeting — JSONPath expressions for fine-grained access
  • ✅ Conditional access — IP restrictions, time windows
  • ✅ Audit-ready — version-controlled access policies

📈 Key improvements over v0.5.7

Featurev0.5.7v0.7.1Impact
AI Model Control❌ None✅ agentPolicyGovern AI/LLM data access
Data Sovereignty❌ Manual✅ sovereigntyAutomated compliance enforcement
Orchestration⚠️ Abstract✅ Provider-firstDirect cloud provider actions
Access Control⚠️ Expose-level✅ Root-level accessPolicyCentralized IAM automation
Cross-Provider⚠️ Complex✅ NativeSimplified multi-cloud workflows
Task Dependencies⚠️ Build-only✅ Data product depsRicher dependency graphs
Error Handling⚠️ Basic✅ CategorizedIntelligent retry strategies
Cost Tracking⚠️ Estimated✅ Actual vs estimatedBudget enforcement

🔄 100% backward compatible

All v0.5.7 contracts work unchanged in 0.7.1:

  • ✅ No breaking changes
  • ✅ New features are opt-in
  • ✅ Existing patterns fully preserved
  • ✅ Gradual adoption path

Migration is simple:

# Change version number — that's it!
fluidVersion: "0.7.1"  # was "0.5.7"

# Optionally add new features
agentPolicy: { ... }
sovereignty: { ... }
accessPolicy: { ... }

See the Schema Changelog for the full version history, or the 0.5.7 → 0.7.1 diff for the auto-generated change list.

Edit this page on GitHub
Last Updated: 5/29/26, 5:26 PM
Contributors: fas89, Claude Opus 4.8
Prev
What's New in FLUID 0.7.2 — Semantic Truth Engine