Policies

Policies

Policies are the heart of Eda: deterministic rules, evaluated on every check, that every agent obeys. They run in the API in well under 10ms and never call a model, so they’re safe on your hottest paths.

Anatomy of a policy

FieldExampleNotes
Agent globsupport-*Matches agent. * matches everything.
Action globrefund_*Matches action.
Conditionsamount > 500Zero or more; all must hold (AND).
Effectrequire_approvalallow · block · require_approval.
Priority100Higher wins when multiple match.
EnabledtrueToggle without deleting.

Effects

  • allow — explicitly permit. Use to carve exceptions above a broad block.
  • block — deny outright → the decision is blocked.
  • require_approval — pause for a human → the decision is pending until someone approves (approved) or denies (denied).

Evaluation model

Highest-priority matching policy wins. If nothing matches, Eda allows. Model “default-deny” by adding a lowest-priority catch-all block on */* and layering allow exceptions above it.

  1. Collect every policy whose agent glob and action glob match the action.
  2. Drop those whose conditions don’t all hold against params.
  3. Of the survivors, the highest priority wins; ties break by most-recently updated.
  4. Its effect becomes the decision. No match → allow.

Example: layered refund policy

PriorityAgentActionConditionEffect
300*refund_*amount > 5000block
200*refund_*amount > 500require_approval
100support-*refund_*allow

A support-agent refund of $300 → matches all three by glob, but only the priority-100 allow has satisfied conditions among the low tiers → approved. Of $900 → priority-200 applies → pending. Of $9000 → priority-300 → blocked.

Conditions & operators

A condition is path op value, where path is a dot-path into params (customer.tier, items.0.sku). Operators:

OperatorMeaningvalue
== / !=equals / not equalsany
> >= < <=comparisonnumber/string
in / not_inmembershiparray
containsstring/array containselement
startsWith / endsWithstring affixstring
matchesregex testpattern
existspath present

These are the same operators the SDK’s local rules use, so you can prototype a rule in code and promote it to a server policy verbatim.

Managing policies

Create and edit policies in the dashboard → Policies: add condition rows, set priority, toggle enabled, and see the evaluation order (shown highest-priority first). Each save bumps a version so you have a change trail.

⚠️

Policies are workspace-wide. A rule you add affects every agent and every integration (SDK, adapters, MCP) in that workspace. Scope with agent/action globs rather than assuming a policy is local to one service.

Risk-based escalation

If you enable AI risk scoring, an action that policies would allow can still be escalated to require_approval when its risk score crosses your workspace threshold. Deterministic policies are always authoritative for block; risk scoring only ever makes things stricter, never looser.