{
  "id": "topic:org-scoped-tenancy",
  "_kind": "Topic",
  "_file": "domain/products/krate.yaml",
  "_cluster": "domain",
  "attributes": {
    "displayName": "Org-Scoped Multi-Tenancy",
    "description": "A tenancy model where the Organization is the top-level isolation\nboundary. Every resource — repositories, teams, users, policies,\npipelines, agent stacks — belongs to exactly one organization.\nCross-org access is explicitly denied unless federation is configured.\nThis differs from namespace-scoped tenancy (where a namespace is the\nboundary) and cluster-scoped tenancy (where a single tenant owns the\ncluster). In Krate, Organizations are cluster-scoped CRDs that own\nnamespaces, and all org-scoped resources carry an orgRef field linking\nback to the owning Organization.\n"
  },
  "outgoingEdges": [
    {
      "from": "topic:org-scoped-tenancy",
      "to": "domain:platform-engineering",
      "kind": "applies_to"
    },
    {
      "from": "topic:org-scoped-tenancy",
      "to": "domain:security",
      "kind": "applies_to"
    },
    {
      "from": "topic:org-scoped-tenancy",
      "to": "domain:software-engineering",
      "kind": "applies_to"
    }
  ],
  "incomingEdges": [
    {
      "from": "domain:platform-engineering",
      "to": "topic:org-scoped-tenancy",
      "kind": "contains",
      "attributes": {
        "notes": "Multi-tenancy model for platform engineering"
      }
    }
  ]
}