Case study · Climate risk
Air-gapped sovereign deployment for a climate-risk team.
A climate-risk team needed to consolidate four operational Postgres sources and two geospatial PostGIS sources into one queryable layer, expose ten dashboards to fifty users, and let analysts ask natural-language questions on top — without a single packet leaving the perimeter.
Context
Sovereignty was a hard constraint, not a marketing line.
The team operates climate-risk scoring for downstream customers. The data they ingest includes asset-level exposure, geospatial overlays, and partner-supplied feeds covered by contractual confidentiality. Their constraint was unambiguous: no inference call, no telemetry, no model weight could leave the deployment perimeter. Their existing analytics stack relied on managed cloud services and could not satisfy that constraint without a re-architecture.
- Four operational Postgres sources, daily change rate measured in millions of rows.
- Two PostGIS sources, multi-gigabyte geospatial tiles refreshed weekly.
- Ten dashboards spanning exposure, scoring, and quality-control views.
- Fifty users across risk, product, data engineering, and compliance.
- Audit and traceability obligations aligned with SecNumCloud expectations.
Solution
One Helm chart, every layer under one control plane, zero egress.
AKKO was installed on the team's own Kubernetes cluster, behind their identity provider. The Storage layer landed the source extracts as open-format tables; the Catalog layer registered them with PII tags and lineage; the Query layer federated the operational and geospatial sources behind a single SQL endpoint; the BI layer published the ten dashboards; the AI layer turned natural-language questions into governed queries with audit trail. Every component runs inside the perimeter. No outbound calls. No managed third party.
- Storage — Operational and geospatial sources landed as open-format tables. Versioned. Time-travel enabled.
- Catalog — Tags, glossary, ownership, lineage. Daily auto-enrichment.
- Query — Federated SQL across all six sources, one endpoint.
- BI — Ten dashboards published, role-scoped at the catalog level.
- AI — Natural-language to SQL, scope-first policy, prompt audit log.
- Governance — Single policy engine for row, column and project scope.
- Identity — SSO via the team's existing identity provider, no shadow accounts.
- Observability — Metrics, traces, audit events emitted in OCSF format.
- Compliance — Evidence packs auto-generated for the next audit cycle.
Outcome
Measured improvements, conservatively estimated.
The numbers below are conservative estimates against the team's internal baseline and the engineering effort a hand-rolled assembly would have required. They are not marketing peaks. We publish ranges only when we have observed them across at least one full quarter of production usage.
Versus the time a hand-rolled assembly of the same layers would have required, according to our internal estimate.
No inference, telemetry, or model traffic leaves the deployment perimeter. Verified with network policy egress logs.
Every query, every policy decision, every model call emitted in OCSF format and retained.
Routed through the AI layer with scope-first policy enforcement, average latency under one second on the hot cache.
Auto-generated compliance pack for a given period — versus the team's previous manual process.
Curious whether this deployment shape fits your perimeter?
Tell us about your sources, your users and your audit constraints. We return a calibrated quote within five business days.