# Buildkite Governance Documentation

> Buildkite documentation for governance and compliance, including pipeline templates, build exports, audit logging, team management, and platform controls.

## Pipelines

### Best practices

- [Platform controls](https://buildkite.com/docs/pipelines/best-practices/platform-controls.md): How platform teams maintain centralized control over agent infrastructure, pipeline templates, and developer autonomy.

### Security

#### Clusters

- [Overview](https://buildkite.com/docs/pipelines/security/clusters.md): Clusters for organizing agents, queues, and pipelines into isolated groups with self-service management.
- [Manage clusters](https://buildkite.com/docs/pipelines/security/clusters/manage.md): Creating, updating, and deleting clusters; managing maintainers, agent tokens, and pipeline assignments.

##### Rules

- [Overview](https://buildkite.com/docs/pipelines/security/clusters/rules.md): Rules for cross-cluster pipeline triggering and cross-pipeline artifact access with source/target conditions.
- [Manage rules](https://buildkite.com/docs/pipelines/security/clusters/rules/manage.md): Creating and managing rules using the Buildkite interface, REST API, and GraphQL API.
- [Permissions](https://buildkite.com/docs/pipelines/security/permissions.md): Configuring user, team, and pipeline permissions at organization, team, and pipeline levels.

### Governance

- [Overview](https://buildkite.com/docs/pipelines/governance.md): Overview of governance features for compliance and auditing: pipeline templates and build exports.
- [Pipeline templates](https://buildkite.com/docs/pipelines/governance/templates.md): Enterprise feature for defining reusable pipeline step configurations as centrally managed templates.
- [Build exports](https://buildkite.com/docs/pipelines/governance/build-exports.md): Enterprise feature to export build data to S3 or GCS buckets for long-term retention beyond the plan limit.
- [Job log archiving](https://buildkite.com/docs/pipelines/governance/job-log-archiving.md)

## Platform

### Team management

- [Overview](https://buildkite.com/docs/platform/team-management.md): Overview of team management features: permissions, 2FA enforcement, system banners, and API token management.
- [User and team permissions](https://buildkite.com/docs/platform/team-management/permissions.md): Configuring user and team permissions at organization, team, pipeline, suite, and registry levels.
- [Enforce 2FA](https://buildkite.com/docs/platform/team-management/enforce-2fa.md): Enforcing two-factor authentication for all users in a Buildkite organization.
- [System banners](https://buildkite.com/docs/platform/team-management/system-banners.md): Creating organization-wide announcement banners visible to all members (Enterprise plan).
- [Inactive user list](https://buildkite.com/docs/platform/team-management/inactive-user-list.md): Identifying and managing inactive organization members using the Buildkite UI or GraphQL API.
- [Audit log](https://buildkite.com/docs/platform/audit-log.md): Viewing and exporting organization activity events in the audit log (Enterprise plan).

## See also

- [Buildkite Security Documentation](https://buildkite.com/docs/llms-security.txt): Buildkite documentation for security, including secrets management, OIDC, clusters, permissions, SSO, agent security, signed pipelines, and security best practices.
- [Buildkite User Management Documentation](https://buildkite.com/docs/llms-user-management.txt): Buildkite documentation for user and team management, covering permissions, SSO providers, two-factor authentication, audit logging, API token management, and system banners.