Rego Policy
Evaluate chat events against a custom Rego policy.
The Rego Policy detector evaluates each chat event against a user-provided policy written in OPA Rego. See the Rego language documentation for more information.
Use cases
- Enforce advanced criteria using the OPA policy engine
- Implement authorization and access control policies
- Selectively allow tool invocations based on custom authorization logic
Configuration
Rego policy body definition. Use variables input.messages and input.metadata to access the chat event.
Static JSON data available via the global data variable.
How to write a Rego policy
Provide only the raw policy body, without a package declaration. The detector already evaluates your policy inside its own package context, so a package line will cause a parse error.
Rego is the declarative policy language of the OPA (Open Policy Agent) policy engine; it lets you express complex rules as sets of conditions rather than as procedural code. You can find more information in the official documentation.
Examples
Block messages that contain secrets based on a regex
This policy denies the event when any message looks like it contains an API key.
default deny = false
deny if {
some msg in input.messages
regex.match("(?i)api[_-]?key\\s*[:=]\\s*[a-z0-9_-]{12,}", msg.content)
}

Authorize sensitive tool calls by role
This policy denies assistant tool calls to delete_record unless the user has the admin role. Because is_admin is undefined when input.metadata.user.roles is absent, a missing role list is treated as not admin, so the policy fails closed.
default deny = false
is_admin if {
"admin" in input.metadata.user.roles
}
deny if {
some msg in input.messages
msg.role == "assistant"
some tool in msg.tool_calls
tool.function.name == "delete_record"
not is_admin
}
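Restrict tool calls to a per-role allow-list kept in data

The following policy is an added example, not part of the original page or the detector's own code; it shows how the static JSON data is reached through the global data variable. It assumes the data is loaded with a hypothetical top-level key tool_allowlist mapping each role name to the tool names that role may invoke (shape constructed for this example); input.messages, msg.tool_calls, call.function.name and input.metadata.user.roles are the same fields the examples above use.

```rego
# Added example, not from the original page. Static data is assumed to hold a
# per-role allow-list (constructed shape; the key name tool_allowlist is hypothetical):
#   {"tool_allowlist": {"admin": ["read_record", "delete_record"],
#                       "viewer": ["read_record"]}}
# input.messages and input.metadata.user.roles are the fields the page's own examples use.

default deny = false

# Union of the allow-lists of every role the user holds. A role missing from
# data.tool_allowlist, or a missing roles list, simply contributes nothing,
# so a user with no recognized role ends up with an empty allow-list.
allowed_tools contains tool if {
    some role in input.metadata.user.roles
    some tool in data.tool_allowlist[role]
}

# Every function the assistant tries to invoke anywhere in the event.
requested_tools contains name if {
    some msg in input.messages
    msg.role == "assistant"
    some call in msg.tool_calls
    name := call.function.name
}

# Deny when any requested tool is outside the user's allow-list. With no tool
# calls in the event, requested_tools is empty and the default (false) applies.
deny if {
    some name in requested_tools
    not allowed_tools[name]
}
```

Like the examples above, this relies on if, in and contains being accepted without an import; they belong to the same keyword set, so a detector that parses the examples above parses this. The policy fails closed: a user with no roles can invoke nothing, and a tool that appears under none of the user's roles is denied even if it appears under some other role.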
Labels
POLICY_DENY Action blocked by the policy.
POLICY_UNSPECIFIED Policy did not yield a result (blocks by default).
The policy must define a deny or allow rule. If neither is defined, the policy returns POLICY_UNSPECIFIED. Note that a Rego rule whose body never matches evaluates to undefined rather than false, which also counts as not yielding a result, so give the rule a default (default deny = false, as in the examples above) unless you want every non-matching event blocked as POLICY_UNSPECIFIED.