---
title: "Guardrails"
description: "Configure content moderation and policy enforcement in config.json using guardrails_config"
icon: "shield-halved"
---
Guardrails are an **enterprise-only** feature and require the enterprise Bifrost image.
Guardrails are configured under `guardrails_config` in `config.json`. The configuration has two parts:
- **`guardrail_providers`** — the backend that performs the check. Rules link to providers by `id`.
- **`guardrail_rules`** — CEL expressions that control when and where providers are invoked.
---
## Providers
The `regex` provider runs entirely in-process with no external dependency. Patterns use RE2 syntax, with optional per-pattern flags: `i` (case-insensitive), `m` (multiline), `s` (dot-all).
```json
{
  "guardrails_config": {
    "guardrail_providers": [
      {
        "id": 1,
        "provider_name": "regex",
        "policy_name": "block-secrets",
        "enabled": true,
        "timeout": 5,
        "config": {
          "patterns": [
            { "pattern": "sk-[A-Za-z0-9]{20,}", "description": "OpenAI API key" },
            { "pattern": "AKIA[0-9A-Z]{16}", "description": "AWS access key" },
            { "pattern": "gh[ps]_[A-Za-z0-9]{36}", "description": "GitHub token", "flags": "i" }
          ],
          "mode": "block"
        }
      }
    ]
  }
}
```
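An added example, not Bifrost's own code: a pre-deployment check that compiles the `block-secrets` patterns above with Go's `regexp` package, which implements RE2 syntax, and runs them over sample text. It assumes the `i`/`m`/`s` flags correspond to RE2's inline `(?i)`, `(?m)` and `(?s)` groups; `Pattern`, `compile` and `FirstMatch` are names made up for this example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Pattern mirrors one entry of config.patterns for the regex provider.
type Pattern struct{ Pattern, Description, Flags string }

// pagePatterns are the three patterns of the block-secrets policy above.
var pagePatterns = []Pattern{
	{"sk-[A-Za-z0-9]{20,}", "OpenAI API key", ""},
	{"AKIA[0-9A-Z]{16}", "AWS access key", ""},
	{"gh[ps]_[A-Za-z0-9]{36}", "GitHub token", "i"},
}

// compile builds a Go (RE2) regexp from a pattern and its flags.
// Assumption: flags i/m/s map to RE2's inline (?i), (?m) and (?s).
func compile(p Pattern) (*regexp.Regexp, error) {
	if strings.Trim(p.Flags, "ims") != "" {
		return nil, fmt.Errorf("%s: unsupported flags %q", p.Description, p.Flags)
	}
	expr := p.Pattern
	if p.Flags != "" {
		expr = "(?" + p.Flags + ")" + expr
	}
	return regexp.Compile(expr)
}

// FirstMatch returns the description of the first pattern that matches text,
// "" when none does, and an error when a pattern is not valid RE2.
func FirstMatch(patterns []Pattern, text string) (string, error) {
	for _, p := range patterns {
		re, err := compile(p)
		if err != nil {
			return "", err
		}
		if re.MatchString(text) {
			return p.Description, nil
		}
	}
	return "", nil
}

func main() {
	// Constructed prompt using the example key ID from AWS documentation.
	fmt.Println(FirstMatch(pagePatterns, "my key is AKIAIOSFODNN7EXAMPLE"))
}
```

A pattern that relies on lookahead or backreferences fails in `compile`, because RE2 does not support them.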
Example `bedrock` provider configuration:
```json
{
  "guardrails_config": {
    "guardrail_providers": [
      {
        "id": 2,
        "provider_name": "bedrock",
        "policy_name": "content-filter",
        "enabled": true,
        "timeout": 15,
        "config": {
          "guardrail_arn": "arn:aws:bedrock:us-east-1::guardrail/abc123",
          "guardrail_version": "DRAFT",
          "region": "us-east-1",
          "access_key": "env.AWS_ACCESS_KEY_ID",
          "secret_key": "env.AWS_SECRET_ACCESS_KEY"
        }
      }
    ]
  }
}
```
Example `azure` provider configuration:
```json
{
  "guardrails_config": {
    "guardrail_providers": [
      {
        "id": 3,
        "provider_name": "azure",
        "policy_name": "azure-content-safety",
        "enabled": true,
        "timeout": 10,
        "config": {
          "endpoint": "https://your-resource.cognitiveservices.azure.com",
          "api_key": "env.AZURE_CONTENT_SAFETY_KEY",
          "analyze_enabled": true,
          "analyze_severity_threshold": "medium",
          "jailbreak_shield_enabled": true,
          "indirect_attack_shield_enabled": true,
          "copyright_enabled": false,
          "text_blocklist_enabled": false,
          "blocklist_names": []
        }
      }
    ]
  }
}
```
`analyze_severity_threshold` accepts `"low"`, `"medium"`, or `"high"`.
Example `grayswan` provider configuration:
```json
{
  "guardrails_config": {
    "guardrail_providers": [
      {
        "id": 4,
        "provider_name": "grayswan",
        "policy_name": "grayswan-jailbreak",
        "enabled": true,
        "timeout": 15,
        "config": {
          "api_key": "env.GRAYSWAN_API_KEY",
          "violation_threshold": 0.7,
          "reasoning_mode": "standard",
          "policy_id": "",
          "policy_ids": [],
          "rules": {}
        }
      }
    ]
  }
}
```
### Provider Fields
| Field | Required | Description |
|-------|----------|-------------|
| `id` | Yes | Unique integer ID — referenced by rules via `provider_config_ids` |
| `provider_name` | Yes | Backend: `"regex"`, `"bedrock"`, `"azure"`, `"grayswan"` |
| `policy_name` | Yes | Human-readable policy label |
| `enabled` | Yes | `true` to activate |
| `timeout` | No | Execution timeout in seconds |
| `config` | No | Provider-specific configuration object |
---
## Rules
Rules are CEL expressions that fire when their condition matches. Available CEL variables:
| Variable | Type | Description |
|----------|------|-------------|
| `model` | `string` | Model name from the request |
| `provider` | `string` | Provider name (e.g. `"openai"`) |
| `headers` | `map` | HTTP request headers |
| `params` | `map` | Query parameters |
| `customer` | `string` | Customer ID |
| `team` | `string` | Team ID |
| `user` | `string` | User ID |
```json
{
  "guardrails_config": {
    "guardrail_rules": [
      {
        "id": 101,
        "name": "block-secrets-input",
        "description": "Block prompts containing credentials",
        "enabled": true,
        "cel_expression": "true",
        "apply_to": "input",
        "sampling_rate": 100,
        "timeout": 10,
        "provider_config_ids": [1]
      },
      {
        "id": 102,
        "name": "content-safety-gpt4o-output",
        "enabled": true,
        "cel_expression": "model == 'gpt-4o'",
        "apply_to": "output",
        "sampling_rate": 100,
        "timeout": 15,
        "provider_config_ids": [3]
      },
      {
        "id": 103,
        "name": "grayswan-openai-partial",
        "enabled": true,
        "cel_expression": "provider == 'openai'",
        "apply_to": "input",
        "sampling_rate": 50,
        "timeout": 20,
        "provider_config_ids": [4]
      }
    ]
  }
}
```
### Rule Fields
| Field | Required | Description |
|-------|----------|-------------|
| `id` | Yes | Unique integer ID |
| `name` | Yes | Human-readable name |
| `description` | No | Optional description |
| `enabled` | Yes | `true` to activate |
| `cel_expression` | Yes | CEL boolean expression. `"true"` matches every request |
| `apply_to` | Yes | `"input"`, `"output"`, or `"both"` |
| `sampling_rate` | No | `0`–`100`; percentage of requests to evaluate (default: `100`) |
| `timeout` | No | Rule timeout in seconds |
| `provider_config_ids` | No | `id` values of providers to invoke when this rule matches. Multiple providers run in parallel |
---
## Full Example
```json
{
  "$schema": "https://www.getbifrost.ai/schema",
  "encryption_key": "env.BIFROST_ENCRYPTION_KEY",
  "providers": {
    "openai": {
      "keys": [{ "name": "primary", "value": "env.OPENAI_API_KEY", "models": ["*"], "weight": 1.0 }]
    }
  },
  "guardrails_config": {
    "guardrail_providers": [
      {
        "id": 1,
        "provider_name": "regex",
        "policy_name": "block-secrets",
        "enabled": true,
        "timeout": 5,
        "config": {
          "patterns": [
            { "pattern": "sk-[A-Za-z0-9]{20,}", "description": "OpenAI API key" },
            { "pattern": "AKIA[0-9A-Z]{16}", "description": "AWS access key" }
          ],
          "mode": "block"
        }
      },
      {
        "id": 2,
        "provider_name": "azure",
        "policy_name": "content-safety",
        "enabled": true,
        "timeout": 10,
        "config": {
          "endpoint": "https://your-resource.cognitiveservices.azure.com",
          "api_key": "env.AZURE_CONTENT_SAFETY_KEY",
          "analyze_enabled": true,
          "analyze_severity_threshold": "medium",
          "jailbreak_shield_enabled": true,
          "indirect_attack_shield_enabled": false
        }
      }
    ],
    "guardrail_rules": [
      {
        "id": 101,
        "name": "block-secrets-input",
        "description": "Block prompts leaking credentials",
        "enabled": true,
        "cel_expression": "true",
        "apply_to": "input",
        "sampling_rate": 100,
        "timeout": 10,
        "provider_config_ids": [1]
      },
      {
        "id": 102,
        "name": "content-safety-both",
        "description": "Azure content safety on all traffic",
        "enabled": true,
        "cel_expression": "true",
        "apply_to": "both",
        "sampling_rate": 100,
        "timeout": 15,
        "provider_config_ids": [2]
      }
    ]
  }
}
```