Create Guardrail Config

A guardrail configuration determines which guardrails are enforced for each request by specifying matching criteria in the when block. The when block allows you to target specific models, users, or request metadata, ensuring that the appropriate guardrails are applied only to relevant requests. You can create a guardrail config by navigating to the AI Gateway -> Config Tab -> Guardrails Section -> Create/Edit Guardrail Config.

Create/Edit Guardrail Config

Config

The guardrails configuration contains an array of rules that are evaluated for each request. Only the first matching guardrail rule is applied to that request. Each rule can specify input and output guardrails that will be applied. Let’s take a look at a sample configuration first.

Example Configuration

name: guardrails-config
type: gateway-guardrails-config
rules:
  - id: demo-guardrail
    when:
      subjects:
        - user:hrithik@truefoundry.com
    input_guardrails: 
      - truefoundry:guardrail-config-group:demo-guardrail-group:guardrail-config:open-ai-guardrail
    output_guardrails: []

Explanation of the above Configuration

  • id: A unique identifier for the rule.
  • when: Defines the subset of requests on which the rule applies. If set to an empty object ({}), the rule applies to all requests.
    • subjects: List of users, teams, or virtual accounts that originate the request. In this example, we are applying the rule to the user hrithik@truefoundry.com. This rule will only apply to requests originating from this user.
  • input_guardrails: An array of selectors of guardrail integrations to apply to the input prompt. In this example, we are applying the OpenAI guardrail integration to the input prompt.
  • output_guardrails: An array of selectors of guardrail integrations to apply to the LLM response. In this example, we are not applying any guardrail integrations to the LLM response.

Rules

For each rule, we have three sections:
  • id: A unique identifier for the rule
  • when: Defines the subset of requests on which the rule applies. If set to an empty object ({}), the rule applies to all requests.
    • subjects: List of users, teams, or virtual accounts that originate the request. Specify as user:email@example.com, team:team-name, or virtual-account:account-name.
    • models: List of model identifiers to match. These should correspond to the model names used in the request’s model field.
    • metadata: Key-value pairs to match against request metadata. For example, specifying metadata: { environment: "production" } will apply the rule only if the request includes the header X-TFY-METADATA with environment=production.
  • input_guardrails: An array of selectors of guardrail integrations to apply to the input prompt
  • output_guardrails: An array of selectors of guardrail integrations to apply to the LLM response

How to get the selector of guardrail integrations

You can get the selector of guardrail integrations by navigating to the Guardrail tab on AI Gateway and clicking on the “Copy” button next to the guardrail integration.

Copy Guardrail Selector


Test Guardrails in Playground

You can test guardrails in the playground by navigating to the AI Gateway -> Playground Tab.