Guardrails

Install

pip install briefcase-ai[guardrails]

Quick Example

from briefcase.guardrails import GuardrailEnv

env = GuardrailEnv()
env.load_policy("policies/production.cedar")

decision = env.evaluate(
    principal="user:alice",
    action="invoke",
    resource="model:gpt-4",
)
assert decision.is_allowed

Cedar Integration

Briefcase AI uses Cedar as its policy language. Policies are declarative and auditable.

permit(
  principal == User::"alice",
  action == Action::"invoke",
  resource == Model::"gpt-4"
);

Architecture

flowchart LR
    A["Request"] --> B["GuardrailEnv"]
    B --> C["Load Cedar policies"]
    C --> D{"Evaluate principal,\naction, resource"}
    D -- Permit --> E["Allow"]
    D -- Deny --> F["Block"]

Key Classes

GuardrailEnv — policy evaluation environment
Cedar policy files — define access rules

Configuration

Option	Default	Description
`policy_dir`	`"./policies"`	Directory containing Cedar policies
`default_action`	`"deny"`	Default when no policy matches