# Policy-Aware Review Workflow

```yaml workflow
metadata:
  id: policy-aware-review
intent:
  summary: Declare enterprise identity and policy mapping for a review workflow.
inputs:
  note:
    file: ../policy/private/internal-note.md
    selector: sections[heading=Decision]
steps:
  shape:
    kind: shape
    data:
      note: ${sources.note.items}
outputs:
  review:
    path: out/policy-aware-review.md
    content: ${steps.shape.value.note}
permissions:
  policy:
    subject_from_token: examples/policy/netkingdom-claims.yaml
    policy_map: examples/policy/enterprise-policy-map.yaml
    required_assurance:
      mfa: true
    decision_log: .markitect/policy-decisions.jsonl
  flex_auth:
    resource_manifest: examples/policy/flex-auth-resource-manifest.yaml
responsibilities:
  system:
    enforces_policy: true
  human:
    reviews_denials: true
```