Product
Compliance in clicks, not months
Pre-built Cedar policy templates for GDPR, HIPAA, SOC 2, and EU AI Act. Download, customize, and deploy—your agents are compliant by default.
Templates
Choose your compliance framework
Production-ready policies vetted by compliance experts
// GDPR Article 6 - Lawful basis for processing
forbid(principal, action, resource)
when { resource.contains_personal_data == true }
unless {
principal.has_consent == true ||
principal.has_legitimate_interest == true ||
resource.processing_is_necessary == true
};GDPR
EU General Data Protection Regulation compliance policies
Policy Categories
All templates are customizable to your specific requirements
Capabilities
Why Cedar?
The policy language trusted by AWS and enterprise teams worldwide
Human-Readable
Anyone can read and understand Cedar policies. No programming required.
Millisecond Evaluation
Policies evaluate in under 2ms. Your agents stay fast.
Version Control Ready
Plain text files that live in Git. Track changes. Review PRs.
Testable
Unit test your policies against sample requests before deployment.
Deny by Default
Secure posture out of the box. Explicitly permit what's allowed.
Hot Reload
Update policies without restarting your agents.
Customization
Build your own policies
// Custom rate limiting for expensive operations
forbid(
principal,
action == Action::"model_call",
resource
)
when {
resource.model_tier == "premium" &&
principal.daily_premium_calls > 100
}
unless {
principal.has_premium_override == true
};
// Geographic data restrictions
forbid(
principal,
action == Action::"data_transfer",
resource
)
when {
resource.data_origin in ["EU", "EEA", "UK"] &&
resource.destination_region not in ["EU", "EEA", "UK"]
}
unless {
resource.has_adequacy_decision == true ||
resource.has_standard_contractual_clauses == true
};