Data Residency Label Required

Every topic must declare a data-residency region (eu, us, uk, apac, global). GDPR and equivalents require it.

“We have EU customer data and US-region consumers — we have to be able to prove which topics can cross the Atlantic and which cannot.”

Rationale

GDPR Article 44 (and UK/Swiss equivalents) treat cross-border transfer as a regulated event. Without a region label, replication, MirrorMaker, and cross-region consumers cannot be policy-checked. Banks running Conduktor across EU/US clusters use this label to drive Gateway routing rules and to prove to auditors that EU-resident data isn't silently fanning out to US consumers.

Pattern

metadata.labels.region in ["eu","us","uk","apac","global"]

Examples

Parameters

Implementation

Drop this YAML into Conduktor Console as a ResourcePolicy, then link it from an ApplicationInstance, Application, or KafkaCluster.

# Conduktor self-service ResourcePolicy
# Schema: https://docs.conduktor.io/platform/reference/resource-reference/self-service/#resourcepolicy
---
apiVersion: self-serve/v1
kind: ResourcePolicy
metadata:
  name: data-residency-label-required
spec:
  targetKind: Topic
  description: Every topic must declare metadata.labels.region for cross-border replication checks
  rules:
    - condition: 'has(metadata.labels) && "region" in metadata.labels && metadata.labels["region"] in ["eu","us","uk","apac","global"]'
      errorMessage: "Topic must set metadata.labels.region to one of eu, us, uk, apac, global — required for GDPR cross-border controls"

Related policies

• Topic Must Declare owner and data-criticality Labels
• Topic Name Must Include Declared domain Label as Prefix
• Data Criticality Label Required
• Cost-Center Label Required (Chargeback)
• Topic Owner Label Must Be a Team Slug