diff --git a/.chloggen/wip-entity-policies.yaml b/.chloggen/wip-entity-policies.yaml
new file mode 100755
index 0000000000..391cf2cbc1
--- /dev/null
+++ b/.chloggen/wip-entity-policies.yaml
@@ -0,0 +1,22 @@
+# Use this changelog template to create an entry for release notes.
+#
+# If your change doesn't affect end users you should instead start
+# your pull request title with [chore] or use the "Skip Changelog" label.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: enhancement
+
+# The name of the area of concern in the attributes-registry, (e.g. http, cloud, db)
+component: service
+
+# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: Adds stability policies for Entity groups.
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+# The values here must be integers.
+issues: [2378]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext: Entity groups now require `role` to be filled for attributes.
diff --git a/model/service/entities.yaml b/model/service/entities.yaml
index 5627ac5193..319eb39eae 100644
--- a/model/service/entities.yaml
+++ b/model/service/entities.yaml
@@ -8,6 +8,10 @@ groups:
     attributes:
       - ref: service.name
         requirement_level: required
+        role: identifying
       - ref: service.version
+        role: descriptive
       - ref: service.namespace
+        role: identifying
       - ref: service.instance.id
+        role: identifying
diff --git a/model/telemetry/entities.yaml b/model/telemetry/entities.yaml
index 15ce890c95..fadfa82735 100644
--- a/model/telemetry/entities.yaml
+++ b/model/telemetry/entities.yaml
@@ -8,10 +8,13 @@ groups:
     attributes:
       - ref: telemetry.sdk.name
         requirement_level: required
+        role: identifying
       - ref: telemetry.sdk.language
         requirement_level: required
+        role: identifying
       - ref: telemetry.sdk.version
         requirement_level: required
+        role: descriptive
   - id: entity.telemetry.distro
     name: 'telemetry.distro'
     type: entity
diff --git a/policies/entity_stability.rego b/policies/entity_stability.rego
new file mode 100644
index 0000000000..b26e2a6509
--- /dev/null
+++ b/policies/entity_stability.rego
@@ -0,0 +1,48 @@
+package after_resolution
+import rego.v1
+
+# checks for stable entity groups that have no identifying attributes
+deny contains entity_stability_violation(description, group.id, "") if {
+    group := input.groups[_]
+    # ignore attribute_groups
+    group.type == "entity"
+    group.stability == "stable"
+
+    exceptions = {}
+    not exceptions[group.id]
+
+    ids := [attr |
+        some attr in group.attributes
+        attr.role == "identifying"
+    ]
+    count(ids) < 1
+
+    description := sprintf("Stable entity '%s' has no identifying attributes", [group.name])
+}
+
+
+# checks for stable entity groups that have attributes with no role
+deny contains entity_stability_violation(description, group.id, attr.name) if {
+    group := input.groups[_]
+    # ignore attribute_groups
+    group.type == "entity"
+    group.stability == "stable"
+
+    exceptions = {}
+    not exceptions[group.id]
+
+    attr := group.attributes[_]
+    not attr.role
+
+    description := sprintf("Stable entity '%s' has attribute without role: '%s'", [group.name, attr.name])
+}
+
+entity_stability_violation(description, group, attr) = violation if {
+    violation := {
+        "id": description,
+        "type": "semconv_attribute",
+        "category": "group_stability_violation",
+        "attr": attr,
+        "group": group,
+    }
+}
\ No newline at end of file
diff --git a/policies_test/entity_stability_test.rego b/policies_test/entity_stability_test.rego
new file mode 100644
index 0000000000..c71336e5a9
--- /dev/null
+++ b/policies_test/entity_stability_test.rego
@@ -0,0 +1,48 @@
+package after_resolution
+import future.keywords
+
+test_fails_on_stable_entity_with_attributes_having_no_role if {
+    count(deny) >= 1 with input as {"groups": [{
+        "id": "entity.foo",
+        "type": "entity",
+        "name": "foo",
+        "stability": "stable",
+        "attributes": [{
+            "name": "test.experimental",
+            "stability": "stable",
+        }, {
+            "name": "test.id",
+            "stability": "stable",
+            "role": "identifying",
+        }]}]}
+}
+
+test_fails_on_stable_entity_with_attributes_having_no_id if {
+    count(deny) >= 1 with input as {"groups": [{
+        "id": "entity.foo",
+        "type": "entity",
+        "name": "foo",
+        "stability": "stable",
+        "attributes": [{
+            "name": "test.experimental",
+            "stability": "stable",
+            "role": "descriptive",
+        }]}]}
+}
+
+test_passes_on_stable_entity_with_id if {
+    count(deny) == 0 with input as {"groups": [{
+        "id": "entity.foo",
+        "type": "entity",
+        "name": "foo",
+        "stability": "stable",
+        "attributes": [{
+            "name": "test.experimental",
+            "stability": "stable",
+            "role": "descriptive",
+        },{
+            "name": "test.id",
+            "stability": "stable",
+            "role": "identifying",
+        }]}]}
+}