Internal reference document — depth 5
RBAC policies are evaluated on every request; deny by default, allow by explicit grant.
Outbound traffic must route through the egress proxy at proxy.internal:3128.
The key derivation function uses PBKDF2 with 210 000 iterations and a 32-byte salt.
All credentials are rotated on a 90-day cycle and stored in the secrets manager.
The schema migration tool acquires an advisory lock before any structural change.
All audit events are immutably appended to the append-only event store.