Access rules
Access rules in a policy determine whether a request is allowed, denied, or reported, based on attributes evaluated at runtime.
Assistant
Use the Assistant pane on the right side of the Access Rules tab to quickly create rules by describing the conditions you want to enforce in natural language. This is the easiest way to get started with access rules before moving on to the editor, which provides more precise control for experienced users.
Access Rules editor
The editor on the left lets you create and manage access rules with full control over conditions and logic.
If no access rules are defined on the Access Rules tab (for example, in a newly created policy), click + Create First Access Rule to add one. After the first rule is created, use the + button in the access rules editor to add more.
Each access rule consists of one or more conditions based on request attributes, combined using AND and OR logic.
To view available attributes, place your cursor in a condition field.
Matching values on the right may come from existing data and lookup values, or you can type them in manually.
Rules are evaluated in the order they appear. You can change the order by dragging and dropping rules in the list using the multi-dot handle on the left.
After defining the access rules, click Save.
If you define conditions based on prompt content (for example, malicious or sensitive data detections), you must also enable the corresponding detectors in the Prompt Rules tab.
Was this article helpful?