For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
  • Getting Started
    • Welcome
    • Architecture
    • Installation
    • Authentication
    • Quick Start
    • Support
  • Core Concepts
    • Guardrails
    • AI BOM
    • Red Teaming
    • Compliance
    • Audit Logs
  • Integrations
    • GitHub
    • GitLab
    • Azure DevOps
    • Bitbucket
    • Jira
    • LiteLLM
  • Usage Guides
    • Organization
    • Guardrails Setup
    • Policies
    • Scans
    • Red Team
    • Dashboards
  • Code Examples
    • cURL
    • Python
    • Node.js
    • API Patterns
On this page
  • Creating Policies
  • Policy Creation
  • Via Dashboard
  • Via API
  • Policy Versions
  • Scopes
  • Policy Testing
  • Rollout Strategies
  • Next Steps
Usage Guides

Creating Policies

Was this page helpful?
Edit this page
Previous

Running Scans & Inventory

Next
Built with

Creating Policies

Policies are collections of guardrails organized by purpose. They define how your organization governs AI.

Policy Creation

Via Dashboard

  • Policies → Create Policy
  • Name: “Production Governance”
  • Select guardrails to include
  • Configure overrides (optional)
  • Set rollout strategy
  • Click Create

Via API

$curl -X POST https://api.governanceai.com/v1/policies \
>  -H "Authorization: Bearer $API_KEY" \
>  -d '{
>    "name": "Production LLM Governance",
>    "description": "Enforce safety and compliance in production",
>    "guardrail_ids": ["guardrail_pii", "guardrail_toxic", "guardrail_rate_limit"],
>    "scope": "organization",
>    "enforcement": {
>      "mode": "blocking",
>      "log_violations": true
>    }
>  }'

Policy Versions

Policies are versioned automatically:

  • v1.0 - Initial policy
  • v1.1 - Added guardrail
  • v2.0 - Major update

Rollback to previous version anytime.

Scopes

  • Organization - Apply to entire org
  • Workspace - Apply to specific workspace
  • Application - Apply to specific app
  • User - Apply to specific user

Narrower scopes override broader ones.

Policy Testing

Test impact before deploying:

$curl -X POST https://api.governanceai.com/v1/policies/test \
>  -H "Authorization: Bearer $API_KEY" \
>  -d '{
>    "policy_id": "policy_123",
>    "test_requests": [
>      {
>        "input": "What is my password?",
>        "context": {"user_id": "user_test"}
>      }
>    ]
>  }'

Rollout Strategies

  • Immediate - Deploy to all users now
  • Canary - Roll out to 5% → 25% → 100%
  • Scheduled - Deploy at specific time

Next Steps

  • Setting Up Guardrails - Create guardrails first
  • Running Scans - Scan repositories
  • API Reference - Policy APIs