Platform Shared Services implemented
GPUaaS is the first product on the AI Factory platform. Shared services prevent each product from rebuilding identity, billing, audit, evidence, notifications, policy, secrets, status, artifacts, and developer onboarding.
If the question is "where does this code belong in the repo?" read
Code Structure And Layer Model next.
This page explains platform versus product responsibilities; the layer-model
page explains where that split appears in cmd/, packages/, contracts, and
workers.
Target Split
| Platform shared service | Owns |
|---|---|
| IAM / Access | Identity, tenants, projects, memberships, scopes, service accounts, API keys |
| Billing / Metering | Usage units, rating, ledger, balances, usage attribution |
| Payments | Checkout sessions, webhooks, refunds, provider reconciliation, ledger credits |
| Audit / Evidence | Privileged action trail, release/UAT/security evidence, retention |
| Status / Ops | Health, incidents, maintenance, release readiness, SLO evidence |
| Notification | Templates, preferences, dispatch, security/billing/status notices |
| Registry / Artifacts | Product registry, app registrations, trusted artifacts, runtime bundles |
| Secrets / PKI | Service identity, short-lived credentials, cert lifecycle, runtime secrets |
| Policy / Entitlements | Quotas, limits, feature flags, product access, tenant entitlements |
GPUaaS remains product-owned for GPU inventory, SKUs, allocations, node lifecycle, terminal access, MAAS/reimage orchestration, and GPU-specific runtime behavior.
Boundary Diagram
Implementation Rule
Do not start by physically splitting services. Start by making ownership visible: maps first, guard visibility second, facade implementation third. Physical deployment separation comes after ownership and contracts are enforceable.
Current Completion Posture
The shared-services split is no longer only a target-state diagram. The repo already runs on the migrated ownership model:
packages/services/*is retired as the active implementation tree;- shared-platform capabilities live under
packages/platform/*; - product-specific logic lives under
packages/products/*; - CI boundary guards enforce the ownership model in code review and release gates.
Later physical extraction and deployment independence remain separate decisions. But the ownership model itself is already implemented and enforced.
Why This Is A Competitive Architecture Asset
The shared-services model is not just cleanup. It is what makes the platform credible for a second product. If GPUaaS had to rebuild IAM, billing, policy, evidence, and registry in every new surface, it would be a product silo instead of a platform.
Deep Engineering Pages
Use this page as the map. Use the service pages for engineering detail:
- IAM and Access Service
- Billing, Metering, and Payments Service
- Audit, Evidence, and Status/Ops Service
- Policy, Quota, and Entitlements Service
- Registry, Artifacts, and Trust Service
- Secrets, PKI, and Runtime Trust Service
- Notification and Portal Surface Service