Policies
Policy-as-code for AI agents
Encode your governance rules once and apply them across every agent run. Policies are versioned, scoped, and enforced at runtime — not buried in prompts.
What you'll learn
- What a policy is in Dezifi and how it differs from a guardrail
- The rule types you can express — data, rate, output, tool, cost, time
- How scopes (Platform, Tenant, Agent) compose
- The Draft → Active → Deprecated lifecycle
What a policy controls
A policy is a declarative rule the platform enforces on every agent invocation. Six rule types cover the common governance surface.
1. Data access: Restrict which datasets, knowledge bases, or rows an agent can read. Used to enforce row-level security and PII boundaries.
2. Rate limit: Cap requests-per-minute or per-hour for an agent or a caller. Prevents runaway loops and abusive consumers.
3. Output constraints: Require a JSON schema, forbid certain phrases, enforce a max output length. Applied to the final response before it leaves the platform.
4. Tool allow / deny: Whitelist or blacklist specific integrations and actions. The most common rule type, used to keep destructive actions behind approvals.
5. Cost limits: Hard ceiling on LLM and tool spend per run, per agent, per day. The run halts when the limit is hit.
6. Time limits: Max wall-clock duration for a single run. Prevents agents from spinning indefinitely on a stuck tool call.
Policy vs guardrail
A policy is structured governance — declarative rules about what can happen. A guardrail is runtime content safety — a real-time inspector on prompts, tool calls, and responses. You use both: policies set the rules, guardrails catch unsafe content inside them.
Lifecycle
A policy starts as Draft — editable, not enforced. Move it to Active to begin enforcement on every matching run. Retire it by moving to Deprecated, which leaves the record intact for audit but stops enforcement. Only Draft policies can be deleted; Active and Deprecated remain immutable for traceability.
Frequently asked questions
- When is a policy evaluated?
- Before each agent action. The platform checks every matching Active policy against the request — tool call, output, cost increment — and blocks the action if any rule fails.
- What happens when an active policy blocks a run?
- The run halts with a structured violation event. The trace records which policy fired, which rule matched, and the input that triggered it. You can configure whether the agent retries, asks for approval, or terminates.
- Can I edit an Active policy?
- No. Active policies are immutable to preserve audit integrity. Clone it to a new Draft, edit the clone, then activate the new version and deprecate the old one.
- How do I see which policy blocked a request?
- Open the run in Monitor. Each enforcement decision is logged with the policy id, rule id, and matching payload. You can also filter the Audit Log by policy id.
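The lifecycle and evaluation behaviour described above can be modelled in a few lines. This is an added illustration, not Dezifi's API or policy schema: the `Policy` fields, the rule tuple shape, the `agent` matcher, and all ids and tool names are assumptions made up for the example.

```python
from dataclasses import dataclass, replace

ALLOWED = {("Draft", "Active"), ("Active", "Deprecated")}  # lifecycle from the page

@dataclass(frozen=True)          # frozen: a policy's rules cannot be edited in place
class Policy:
    policy_id: str
    state: str                   # "Draft" | "Active" | "Deprecated"
    agent: str                   # assumed matcher: agent name, or "*" for all agents
    rules: tuple                 # (rule_id, kind, value) triples, assumed shape

def transition(policy, new_state):
    """Move a policy along Draft -> Active -> Deprecated; anything else is rejected."""
    if (policy.state, new_state) not in ALLOWED:
        raise ValueError(f"{policy.state} -> {new_state} is not allowed")
    return replace(policy, state=new_state)

def clone_as_draft(policy, new_id, rules):
    """Changing an Active policy means cloning it into a new, editable Draft."""
    return replace(policy, policy_id=new_id, state="Draft", rules=tuple(rules))

def rule_fails(kind, value, action):
    if kind == "tool_deny":
        return action.get("tool") in value
    if kind == "cost_limit":     # spend so far plus this increment against the ceiling
        return action.get("run_cost", 0) + action.get("cost_increment", 0) > value
    return True                  # unknown rule kind: fail closed

def evaluate(policies, action):
    """Check every matching Active policy; any returned violation blocks the action."""
    violations = []
    for p in policies:
        if p.state != "Active" or p.agent not in ("*", action["agent"]):
            continue             # Draft and Deprecated policies are never enforced
        for rule_id, kind, value in p.rules:
            if rule_fails(kind, value, action):
                violations.append({"policy_id": p.policy_id, "rule_id": rule_id,
                                   "payload": action})
    return violations

# Constructed sample data: one Active policy and a stricter Draft cloned from it.
v1 = Policy("pol-1", "Active", "*", (("r1", "tool_deny", ("db.drop_table",)),
                                     ("r2", "cost_limit", 5.0)))
draft = clone_as_draft(v1, "pol-2", v1.rules[:1] + (("r2", "cost_limit", 2.0),))
ACTION = {"agent": "billing-bot", "tool": "db.query",
          "run_cost": 1.8, "cost_increment": 0.5}
```

While `pol-2` is still a Draft the sample action passes; once it is activated and `pol-1` is deprecated, the same action returns a violation naming `pol-2` and `r2`.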