Introduction:
Customers observe differences in the execution order of Sentinel policies in workflows depending on the mode of execution:
- In Agent Mode, Sentinel policies are executed before cost estimation.
- In Legacy Mode, Sentinel policies are executed after cost estimation.
This behavior causes operational challenges, such as adapting automation scripts to handle workspaces in both the "cost estimated" and "policy checked" states. Customers may also encounter issues with soft-mandatory policies being treated as hard-mandatory in Agent Mode.
Scenario:
In some workflows, customers require the Sentinel policies to be executed after cost estimation. However, this is not the case in Agent Mode, where policies run before cost estimation, which may lead to confusion or errors in specific use cases.
Recommendation:
This behavior is by design due to technical dependencies and workflow order in Agent Mode. In Agent Mode, policies do not have access to cost estimation data. If it is critical to have cost estimation data available during the Sentinel policy execution, one possible solution is to temporarily switch the workspace back to Legacy Mode, where policies run after cost estimation.