Baker Street

Enterprise Overview

Enterprise security features, compliance controls, and hardened deployment for Baker Street.

The Baker Street enterprise distribution (baker-street-hardened) adds security, compliance, and governance layers on top of the open-source platform. These features are implemented as composable middleware and infrastructure overlays -- they do not modify the core application.

Security Model

Baker Street's security architecture operates in layers:

Platform Layer (Open Source)

The open-source distribution includes baseline security that ships by default:

  • Default-deny network policies on every pod
  • Non-root containers (UID 1000) with read-only filesystems
  • Dropped Linux capabilities and seccomp profiles
  • Scoped secrets -- three separate Kubernetes secrets, each containing only what its service needs
  • Command allowlisting on workers -- only pre-approved binaries can execute
  • Task pod isolation -- zero RBAC, no ingress, NATS-only egress, 30-minute timeout

Enterprise Layer (Hardened)

The enterprise distribution adds:

  • Guardrail middleware -- composable chain of checks on every tool call
  • Tamper-evident audit logging -- HMAC-chain signed events shipped to external SIEM
  • Namespace isolation for tasks -- dedicated namespace with Pod Security Standards
  • Supply chain verification -- Trivy scanning, SBOM generation (CycloneDX), cosign image signing, Kyverno admission control
  • External Secrets Operator -- replaces static Kubernetes secrets with Vault, AWS Secrets Manager, or Azure Key Vault sync
  • Rate limiting and cost governance -- per-user and global request limits, daily/monthly LLM cost budgets
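
The HMAC-chain idea behind the tamper-evident audit logging item above, as an added example (not Baker Street's own code): each record's MAC covers the previous record's MAC, so an edit, deletion or reorder breaks verification from that point on. The record layout, field names, genesis value and sample events are assumptions made for illustration.

```python
import hashlib
import hmac
import json
from typing import Optional

GENESIS = "0" * 64  # assumed anchor value for the first record's "prev" field
# Constructed sample events (not real Baker Street audit records).
SAMPLE_EVENTS = [
    {"actor": "alice", "tool": "kubectl", "decision": "allow"},
    {"actor": "bob", "tool": "curl", "decision": "deny"},
    {"actor": "alice", "tool": "git", "decision": "allow"},
]


def _mac(key: bytes, prev: str, seq: int, event: dict) -> str:
    # The MAC covers the previous tag, the sequence number and the canonical
    # event, so editing, dropping or reordering a record invalidates the chain.
    body = json.dumps({"prev": prev, "seq": seq, "event": event},
                      sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def append_event(log: list, key: bytes, event: dict) -> dict:
    """Append an event, chaining its MAC to the previous record's MAC."""
    prev = log[-1]["mac"] if log else GENESIS
    record = {"seq": len(log), "prev": prev, "event": event}
    record["mac"] = _mac(key, prev, record["seq"], event)
    log.append(record)
    return record


def verify_chain(log: list, key: bytes, expected_head: Optional[str] = None):
    """Return (ok, index of the first bad record or None).

    expected_head is the last MAC as held by an external store (for example
    the SIEM); without it, truncation of the log tail goes undetected.
    """
    prev = GENESIS
    for i, rec in enumerate(log):
        want = _mac(key, prev, i, rec["event"])
        if rec["seq"] != i or rec["prev"] != prev \
                or not hmac.compare_digest(want, rec["mac"]):
            return False, i
        prev = rec["mac"]
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return False, len(log)
    return True, None
```

The chain only proves integrity to a verifier that holds the key and a head value stored outside the writer's reach, which is why the events are shipped to an external system.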

Compliance Mapping

The enterprise controls map to established compliance frameworks:

Control             SOC 2 TSC       ISO 27001   CIS K8s Benchmark
Audit logging       CC7.2, CC7.3    A.12.4      5.7
Network isolation   CC6.1           A.13.1      5.3
Secret management   CC6.1, CC6.6    A.10.1      5.4
Pod security        CC6.8           A.14.1      5.2
Supply chain        CC8.1           A.14.2      --
Rate limiting       CC6.1           A.12.1      --

Getting Started

To deploy the enterprise distribution, see the individual feature guides: