Real-time protection
Policies and guardrails
Learn how to set up and manage policies and guardrails for your AI application
Policies are a crucial component in managing and securing your AI application. They allow you to define rules and guardrails that govern the behavior of your AI model.
Understanding Policies
A policy is a set of rules that are applied to either the input, output, or both in your AI application. Each policy consists of one or more rules, which are evaluated to ensure compliance with your defined standards.
Policy Structure
A policy is defined using the following structure:
- id: Unique ID for the policy.
- definition: A short description.
- rules: A
list
of rules that are applied to the policy see rules catalog.- type: Supported rule types are
classifier
,rubric
,jailbreak
,pii
,contains
,regex
,similarity
andfactuality
. For model based rules, you can specify the revision, e.g.,jailbreak@47ffb2e
, see more in model based rules - expected: If match, it should
fail
orpass
the evaluation. - value: a
string
value, depending on the rule type, e.g., for classifier it’s the class name, for rubric it’s the criteria, for pii it’s the pii types (phone, email, etc) - threshold: a
float
value, depending on the rule type. e.g., for jailbreak, classifier and pii it’s the model min output score, similarity is the cosine score.
- type: Supported rule types are
- target: The target of the policy, which can be either
input
,output
, orboth
, being the user, assistant and both messages, respectivelly.
Example Policy
policy = {
"id": "my-policy-id",
"definition": "...",
"rules": [
{
"type": "classifier",
"value": "topic A",
"expeted": "fail",
"threshold": 0.9
}
],
"target": "output"
}
Create policy before evaluating
http.post('/v1/applications/my-app/policies', json=policy)
List your policies
http.get('/v1/applications/my-app/policies')
Update your policy
http.put('/v1/applications/my-app/policies/my-policy-id', json=policy)
Delete your policy
http.delete('/v1/applications/my-app/policies/my-policy-id')