model_list: - model_name: "*" litellm_params: model: "*" - model_name: "gpt-4" litellm_params: model: "gpt-4" api_key: os.environ/OPENAI_API_KEY - model_name: "gpt-3.5-turbo" litellm_params: model: "gpt-3.5-turbo" api_key: os.environ/OPENAI_API_KEY general_settings: master_key: sk-1234 # ─────────────────────────────────────────────── # POLICIES - Define WHAT guardrails to apply # ─────────────────────────────────────────────── # # Policies define guardrails with: # - inherit: Inherit guardrails from another policy # - description: Human-readable description # - guardrails.add: Add guardrails (on top of inherited) # - guardrails.remove: Remove guardrails (from inherited) # - condition.model: Model pattern (exact or regex) for when guardrails apply # policies: # Global baseline policy global-baseline: description: "Base guardrails for all requests" guardrails: add: - pii_blocker # Healthcare policy - inherits from global-baseline healthcare-compliance: inherit: global-baseline description: "HIPAA compliance for healthcare teams" guardrails: add: - hipaa_audit # Dev policy - inherits but removes PII blocker for testing internal-dev: inherit: global-baseline description: "Relaxed policy for internal development" guardrails: add: - toxicity_filter remove: - pii_blocker # Policy with model condition (regex pattern) gpt4-safety: description: "Extra safety for GPT-4 models" guardrails: add: - toxicity_filter condition: model: "gpt-4.*" # regex: matches gpt-4, gpt-4-turbo, gpt-4o, etc. # Policy with model condition (exact match list) bedrock-compliance: description: "Compliance for Bedrock models" guardrails: add: - strict_pii_blocker condition: model: ["bedrock/claude-3", "bedrock/claude-2"] # exact matches # ─────────────────────────────────────────────── # POLICY ATTACHMENTS - Define WHERE policies apply # ─────────────────────────────────────────────── # # Attachments are REQUIRED to make policies active. # A policy without an attachment will not be applied. # policy_attachments: # Global attachment - applies to all requests - policy: global-baseline scope: "*" # Team-specific attachment - policy: healthcare-compliance teams: - healthcare-team - medical-research # Key pattern attachment - policy: internal-dev keys: - "dev-key-*" - "test-key-*" # Model-specific policies (attached globally, condition filters by model) - policy: gpt4-safety scope: "*" - policy: bedrock-compliance scope: "*"