The Governance Engine operates in two primary modes depending on the environment lifecycle.
Audit
Audit Mode (Development)
Violations are logged and owners are emailed, but the resource creation is not blocked. Use this to test new templates.
Deny
Deny Mode (Production)
Infrastructure-as-Code (Terraform) will fail if any of the 16 mandatory tags are missing. Standard for all PHI-enabled zones.