Appearance
Policies
Policies control what happens when an AI agent tries to call an API operation through Airlock.
Policy Basics
Every server has a policy that defines the behavior for each operation (tool).
Actions
| Action | Behavior |
|---|---|
| ALLOW | Execute immediately without approval |
| REQUIRE_APPROVAL | Create a pending request and notify approvers |
| DENY | Block the operation entirely (returns error to agent) |
Default Policy
When you create a server, all operations default to REQUIRE_APPROVAL for maximum security. This ensures human oversight for all API calls until you explicitly allow specific operations.
Configuring Policies
From the Control Room
- Navigate to your server's detail page
- Find the Policy Configuration section listing all available operations
- For each tool, select the action:
- Allow - Executes without approval
- Require Approval - Needs human approval before executing
- Changes are saved automatically
Assigning Approvers
For tools set to require approval, you must assign who can approve requests:
- Click Add Approver next to the tool
- Select approvers:
- Individual users from your organization
- Groups for team-based approval
- Multiple approvers can be assigned - any one of them can approve
Policy Patterns
Read-Only Access
Allow all read operations, require approval for writes:
| Tool Pattern | Action |
|---|---|
list_* | ALLOW |
get_* | ALLOW |
search_* | ALLOW |
create_* | REQUIRE_APPROVAL |
update_* | REQUIRE_APPROVAL |
delete_* | REQUIRE_APPROVAL |
Full Access with Delete Protection
Allow most operations, but require approval for destructive actions:
| Tool Pattern | Action |
|---|---|
| Most tools | ALLOW |
delete_* | REQUIRE_APPROVAL |
Maximum Security
Every operation needs human approval:
| Tool Pattern | Action |
|---|---|
| All tools | REQUIRE_APPROVAL |
Best Practices
- Start Restrictive: Begin with all tools requiring approval
- Gradually Open: Allow operations as you gain confidence in their safety
- Protect Destructive Actions: Always require approval for delete operations
- Use Groups: Assign approvers to groups rather than individuals for easier management
- Regular Review: Periodically audit your policies to ensure they match your security requirements
Tool Naming
Tools are named based on the operationId in your OpenAPI specification:
yaml
paths:
/users:
get:
operationId: list_users # Tool name: list_users
post:
operationId: create_user # Tool name: create_userUse consistent naming conventions to make policy management easier:
list_*for collection endpointsget_*for single resource retrievalcreate_*for creationupdate_*for modificationsdelete_*for deletion