Policy & compliance

Policy as Code

Write what your agent is allowed to do in plain English. IRIS compiles it to Cedar and enforces it on every runtime call.

Source of truth: policy-intent.md

Product, compliance, and engineering all read the same file. No Rego. No Sentinel. No new syntax.

governance/agents/loan-processor/policy-intent.md

Compile to Cedar

iris compile --agent loan-processor # top-level alias
iris policy compile --agent loan-processor
iris policy compile --agent loan-processor --backend openai
iris policy compile --agent loan-processor --litellm-model ollama/llama3.2
iris policy compile --agent loan-processor --dry-run

Backends: anthropic, openai, google, mistral, groq, ollama, together — or any LiteLLM model string. Output: governance/agents/loan-processor/policy.cedar

Preview and commit changes

iris policy diff --agent loan-processor
iris preview --agent loan-processor
iris policy status --agent loan-processor
iris policy commit --agent loan-processor -m "Restrict credit bureau to production"

policy status reports whether the agent is registered and policy-bound, and whether policy-intent.md is newer than the compiled Cedar. policy commit applies the draft cached by a --dry-run compile and logs the change to governance/CHANGELOG.md.

Validate in CI

iris scan --framework colorado-ai-act --fail-on critical
iris compliance check --framework colorado-ai-act

Example Cedar output

// Generated by IRIS from plain English intent (Cedar comments use //)
permit(
  principal == iris::Agent::"loan-processor",
  action == iris::Action::"call",
  resource == iris::API::"credit-bureau-api"
) when {
  // Cedar's `in` is for entity hierarchy; set membership on strings uses .contains()
  ["us-east-1", "us-west-2"].contains(context.region) &&
  context.user_consent_logged == true
};

Intent drift

If someone edits policy.cedar directly without updating policy-intent.md, IRIS flags it as intent drift. The plain English file is always the source of truth.
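The two checks described above (policy status reporting that intent is newer than Cedar, and the intent-drift flag raised when policy.cedar is edited by hand) can be implemented by pinning digests of both files at compile time. The following is an added example, not IRIS's own code: it assumes a hypothetical policy.lock file written next to policy.cedar with SHA-256 digests of both files, and reports which side changed since the last compile. The sample intent and Cedar text in demo() are constructed for the example.

```python
"""Hypothetical intent-drift check modelled on the behaviour this page
describes. Added example, not IRIS's implementation: IRIS's real
bookkeeping is not documented here, so a policy.lock file (name chosen
for this example) stands in for it."""
import hashlib
import json
import tempfile
from pathlib import Path

LOCK_NAME = "policy.lock"  # assumption: not an IRIS file name


def _digest(path: Path) -> str:
    """SHA-256 of the file contents; content-based, so touching a file is not a change."""
    return hashlib.sha256(path.read_bytes()).hexdigest()


def record_compile(agent_dir: Path) -> None:
    """Call right after Cedar is generated: pin the intent/Cedar pair that belong together."""
    lock = {
        "intent": _digest(agent_dir / "policy-intent.md"),
        "cedar": _digest(agent_dir / "policy.cedar"),
    }
    (agent_dir / LOCK_NAME).write_text(json.dumps(lock))


def policy_status(agent_dir: Path) -> str:
    """Return 'unbound', 'in-sync', 'intent-newer', 'intent-drift' or 'both-changed'.

    intent-newer : policy-intent.md changed since the last compile (recompile needed)
    intent-drift : policy.cedar changed without the intent changing (hand edit)
    both-changed : both moved; a reviewer must decide which one is authoritative
    """
    lock_path = agent_dir / LOCK_NAME
    if not lock_path.exists() or not (agent_dir / "policy.cedar").exists():
        return "unbound"
    lock = json.loads(lock_path.read_text())
    intent_changed = _digest(agent_dir / "policy-intent.md") != lock["intent"]
    cedar_changed = _digest(agent_dir / "policy.cedar") != lock["cedar"]
    if intent_changed and cedar_changed:
        return "both-changed"
    if intent_changed:
        return "intent-newer"
    if cedar_changed:
        return "intent-drift"
    return "in-sync"


def demo() -> list[str]:
    """Walk the lifecycle on constructed files; returns the status after each step."""
    seen = []
    with tempfile.TemporaryDirectory() as tmp:
        agent_dir = Path(tmp)
        intent = agent_dir / "policy-intent.md"
        cedar = agent_dir / "policy.cedar"
        # constructed sample intent, not a real IRIS policy-intent.md
        intent.write_text("loan-processor may call credit-bureau-api only in us-east-1 or us-west-2.\n")
        seen.append(policy_status(agent_dir))  # no Cedar yet -> unbound
        # constructed stand-in for the compiler's output
        cedar.write_text('permit(principal == iris::Agent::"loan-processor", action, resource);\n')
        record_compile(agent_dir)
        seen.append(policy_status(agent_dir))  # in-sync
        intent.write_text(intent.read_text() + "Consent must be logged first.\n")
        seen.append(policy_status(agent_dir))  # intent-newer: recompile required
        record_compile(agent_dir)  # recompile re-pins the pair
        seen.append(policy_status(agent_dir))  # in-sync
        cedar.write_text(cedar.read_text() + "// hand edit bypassing the intent file\n")
        seen.append(policy_status(agent_dir))  # intent-drift
        intent.write_text(intent.read_text() + "Only in production.\n")
        seen.append(policy_status(agent_dir))  # both-changed
    return seen


if __name__ == "__main__":
    for step, status in enumerate(demo(), 1):
        print(step, status)
```

Hashing content rather than comparing mtimes is deliberate: a git checkout or CI runner rewrites timestamps, which would make every pipeline run look like drift, while digests only move when the bytes do.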

GitOps workflow

  1. Edit policy-intent.md in a branch
  2. Run iris policy compile --dry-run, iris policy diff, and iris policy status
  3. Run iris policy commit to apply the draft after review
  4. Open a PR — reviewer sees both intent and Cedar
  5. Merge → policy enforced at runtime on next call

Compliance as Code, Evidence as Code

Policy as Code declares what should happen. The Evidence Vault proves what did happen: every Cedar decision, HITL (human-in-the-loop) approval, and CI/CD run is a signed, immutable event mapped to compliance controls. Wire iris evidence record-cicd into your pipeline so PR evidence is as queryable as PR diffs.