Policy catalog · pure Rego · replay before enforce

Browse starter Rego policies with replayable proof.

Clavenar ships a curated catalog of starter Open Policy Agent rules. Each template is a plain Rego file with structured frontmatter: domain, severity, frameworks, tier, tool surface, and purpose. Filter the catalog, preview the rule, replay chaos cases, install with an Admin action, then verify the policy.installed_from_template ledger row.

Docs verified for v1.119.1 Edit this page Policy CLI
85starter policies in this curated release
20industry families shown below
30+framework mappings in frontmatter
100%pure Rego, no Clavenar DSL
1 · Browse

Filter by industry, framework, severity, or tier.

These are the curated policy families exposed in the marketing catalog. Open a card for the live console library with the matching domain filter already applied.

20 families visible
6 policies Healthcare

6 policies. PHI egress gating, breach‑notification channels, prescription renewal review, clinical‑decision‑support override defense. HIPAA + HITRUST + HITECH.

Severity
High
Tier
Mixed
Frameworks
HIPAA HITRUST HITECH
Open filtered library
5 policies Finance

5 policies. Wire‑transfer review, bulk‑money deny, ACH batch volume, vendor‑payment redirect review, account‑freeze lift, treasury thresholds. PCI‑DSS + SOX + OFAC.

Severity
Critical
Tier
Mixed
Frameworks
PCI-DSS SOX OFAC
Open filtered library
4 policies Payments & fintech

4 policies. Card‑data storage gating, KYC/AML bypass deny, payout‑route & beneficiary changes, chargeback dispute review. PCI‑DSS + BSA + AML + KYC.

Severity
Critical
Tier
Deny
Frameworks
PCI-DSS BSA AML KYC
Open filtered library
4 policies Capital markets

4 policies. Trade‑execution deny, pre‑trade compliance override, surveillance‑alert dismiss block, client‑position disclosure. SEC + FINRA + MAR + MiFID‑II.

Severity
Critical
Tier
Deny
Frameworks
SEC FINRA MAR MiFID-II
Open filtered library
6 policies Legal & e‑discovery

6 policies. Privileged‑document forwarding, litigation‑hold release deny, e‑discovery bulk export, contract redline external, attorney log preservation. FRCP + attorney‑client‑privilege.

Severity
High
Tier
Mixed
Frameworks
FRCP privilege
Open filtered library
6 policies Coding agents & DevEx

6 policies. Package‑install registry allowlist, repo‑scope gating, credentials‑in‑diff deny, force‑push to main, branch‑protection deny, unpinned‑dep review. SOC2 + supply‑chain.

Severity
High
Tier
Mixed
Frameworks
SOC2 supply-chain
Open filtered library
6 policies DevOps & SRE

6 policies. Infra‑apply prod review, secret‑rotation window, RDS‑snapshot public share, Terraform‑state delete, DNS apex modify, IAM wildcard. SOC2 + ISO‑27001.

Severity
Critical
Tier
Mixed
Frameworks
SOC2 ISO-27001
Open filtered library
2 policies HR & employee data

2 policies. Employee‑data export tiered review (team / dept / all‑employees / SSN‑in‑fields), recruiter‑PII egress. GDPR + CCPA + employment law.

Severity
High
Tier
Review
Frameworks
GDPR CCPA employment
Open filtered library
2 policies Manufacturing & OT

2 policies. PLC safety‑interlock enforcement, OT change‑window gating. IEC‑62443 + NIST‑CSF.

Severity
Critical
Tier
Deny
Frameworks
IEC-62443 NIST-CSF
Open filtered library
4 policies Energy & utilities

4 policies. SCADA writes deny, load‑shed and blackout‑initiation hard‑deny, AMI meter bulk export review, regulatory‑filing submit. NERC‑CIP + FERC.

Severity
Critical
Tier
Mixed
Frameworks
NERC-CIP FERC
Open filtered library
6 policies AI / ML pipelines

6 policies. Model‑deploy provenance, dataset egress allowlist, training‑data PII review, inference‑endpoint auth gate, model‑card publish, embedding‑corpus external. NIST‑AI‑RMF.

Severity
High
Tier
Mixed
Frameworks
NIST-AI-RMF
Open filtered library
2 policies E‑commerce

2 policies. Order‑refund tiered limits ($500 review, $5k deny, stale‑order deny), price‑changes egress + off‑hours. PCI‑DSS + consumer protection.

Severity
High
Tier
Mixed
Frameworks
PCI-DSS consumer
Open filtered library
6 policies Government & classified

6 policies. Classified‑access tiering, FOIA bulk‑export, foreign‑address PII deny, clearance grant / blanket revoke, CUI marking changes. FedRAMP + ITAR + NIST‑CSF.

Severity
Critical
Tier
Mixed
Frameworks
FedRAMP ITAR NIST-CSF
Open filtered library
2 policies Education & FERPA

2 policies. Student‑record bulk‑access tiering, FERPA consent‑on‑file enforcement for external email. FERPA.

Severity
High
Tier
Review
Frameworks
FERPA
Open filtered library
2 policies Insurance

2 policies. Claim‑approval thresholds ($10k review, $5k fast‑track deny, missing claim_id deny), underwriting PHI bulk export. NAIC + state insurance.

Severity
High
Tier
Mixed
Frameworks
NAIC state-insurance
Open filtered library
6 policies Customer support

6 policies. Account‑reset ATO combo‑deny, support velocity review, PII lookup without ticket, 2FA‑skipped unlock, refund without proof, external‑partner handoff. SOC2 + ATO prevention.

Severity
High
Tier
Mixed
Frameworks
SOC2 ATO
Open filtered library
2 policies Marketing & comms

2 policies. Brand‑publishing tiered (social, asset, crisis‑reply, competitor disparagement), marketing PII egress with list‑source provenance. GDPR + CAN‑SPAM.

Severity
Medium
Tier
Review
Frameworks
GDPR CAN-SPAM
Open filtered library
2 policies Logistics & supply chain

2 policies. Shipment‑routing fraud detection (in‑flight address change, non‑contracted reroute), customs declaration edit deny + bill‑of‑lading override. C‑TPAT + customs + ITAR + EAR.

Severity
High
Tier
Mixed
Frameworks
C-TPAT customs ITAR EAR
Open filtered library
2 policies Telecom & carrier ops

2 policies. SIM swap / number port‑out / lawful‑intercept / E911 address hard‑deny + voicemail‑reset review, CDR bulk egress review. TCPA + CPNI + FCC + E911.

Severity
Critical
Tier
Mixed
Frameworks
TCPA CPNI FCC E911
Open filtered library
4 policies Cybersecurity ops

4 policies. SIEM alert‑mute / detection‑disable deny, forensic evidence preservation, incident‑close severity gating, red‑team simulation against prod. SOC2 + ISO‑27001 + NIST‑CSF.

Severity
Critical
Tier
Mixed
Frameworks
SOC2 ISO-27001 NIST-CSF
Open filtered library
2 · Coverage

Counts that buyers and auditors can scan.

The hero count is the curated release claim. The matrices below explain how the visible families map to major frameworks, severity, and enforcement posture.

Tier mix 85 starter policies
Deny floors
34
Review gates
21
Mixed deny/review
30
Severity mix Prioritize high-blast-radius tools
Critical
18
High
39
Medium + low
28
Visible families 20 domain entry points
Critical families
8
High families
10
Review-led families
3
Framework cluster Primary verticals Common tool surface Default posture Proof to inspect
HIPAA / HITRUST / HITECH Healthcare, insurance, support PHI export, email, clinical override Mixed: deny missing attestation, review scoped export policy.evaluated + HIL decision rows
PCI-DSS / BSA / AML / KYC Finance, payments, e-commerce Money movement, card data, beneficiary changes Deny hard floors, review thresholded operations Correlation replay and /verify
SOC2 / ISO-27001 / supply chain Coding, DevOps, cybersecurity, support Repo writes, package installs, IAM, detection changes Mixed: block destructive bypasses, review prod changes Template install row plus policy verdict row
FedRAMP / ITAR / NIST-CSF Government, logistics, energy, manufacturing CUI, export controls, SCADA, OT change windows Critical deny for unsafe release paths Operator identity, reason, and chain hash
GDPR / CCPA / FERPA / CAN-SPAM HR, education, marketing, support PII export, student record access, list provenance Review consent paths, deny missing provenance Frontmatter framework mapping and replay case
3 · Anatomy

Split the policy into the parts operators actually edit.

The PHI egress starter is a representative template: frontmatter powers catalog filtering, deny rules define hard floors, review rules park risky but valid requests, and test inputs prove the expected verdict.

# Template:     phi_egress
# Domain:       healthcare
# Severity:     high
# Frameworks:   HIPAA, HITRUST
# Tags:         phi, pii, egress, attestation
# Tier:         mixed
# Tool surface: phi_export, send_email
# Summary:      Deny unattested PHI export; review attested; flag PHI fields in send_email.
# Purpose:      Gate PHI-bearing exports before agent data leaves the trust boundary.
package clavenar.authz

import rego.v1

phi_field_needles := {"mrn", "dob", "ssn", "dx_code", "icd10", "medication", "patient_name"}

deny contains msg if {
  input.tool_type == "phi_export"
  not is_object(input.attestation)
  msg := "Violation: PHI export requires an attested agent."
}

deny contains msg if {
  input.tool_type == "send_email"
  some f in input.arguments.fields
  some n in phi_field_needles
  f == n
  msg := sprintf("Violation: PHI field %q detected in send_email payload.", [f])
}
review contains msg if {
  input.tool_type == "phi_export"
  is_object(input.attestation)
  msg := "Review: Attested phi_export - confirm patient scope and downstream recipient before approval."
}
{
  "tool_type": "phi_export",
  "agent_id": "agent-clinical-summary",
  "attestation": {
    "spiffe_id": "spiffe://clavenar/prod/agent-clinical-summary"
  },
  "arguments": {
    "patient_count": 42,
    "recipient": "billing-review@example.org"
  }
}
{
  "authorized": false,
  "verdict": "review",
  "policy": "phi_egress",
  "reasoning": [
    "Review: Attested phi_export - confirm patient scope and downstream recipient before approval."
  ],
  "correlation_id": "8f1d3a40-7c0e-4d2b-9c9a-3b1d0e6a2c5a"
}
4 · Copy, run, verify

Replay a starter before it blocks production.

Use the source templates as reviewable Rego. Format and test locally, replay known-bad cases, then inspect the ledger after an Admin installs the template.

Copy

Clone the templates and pick a starter.

git clone https://github.com/clavenar/clavenar-policy-engine.git
cd clavenar-policy-engine

export POLICY="policies/templates/healthcare/phi_egress.rego"
sed -n '1,80p' "$POLICY"
Run

Format, test, and replay chaos cases.

opa fmt --diff "$POLICY"
opa test policies tests

clavenarctl policy replay \
  --policy "$POLICY" \
  --cases chaos/healthcare/phi_egress.jsonl
Verify

Inspect install and chain proof.

export CORRELATION_ID="paste-install-correlation-id"

curl -s "https://console.clavenar.com/audit/correlation/$CORRELATION_ID"
curl -s "https://console.clavenar.com/verify"
Expected output

Replay should show which chaos cases deny, review, or allow before the policy is active. After install, the audit correlation should include policy.installed_from_template and /verify should return {"valid":true}.

5 · Install proof

A policy install is a ledger event, not a UI preference.

The install row records the template source, operator identity, reason, and policy hash. Later policy edits do not rewrite this historical install event.

Lifecycle row
{
  "event_type": "policy.installed_from_template",
  "template": "healthcare/phi_egress.rego",
  "policy_hash": "sha256:4a4f5f2d...",
  "operator": "saml:security-admin@example.com",
  "reason": "Pilot HIPAA PHI egress starter in observe mode",
  "correlation_id": "8f1d3a40-7c0e-4d2b-9c9a-3b1d0e6a2c5a",
  "prev_hash": "8a2d...",
  "row_hash": "57f9..."
}
Verifier path
Install
Admin clicks Install and supplies a reason.
Ledger
Chain-v3 row stores template name and policy hash.
Replay
Correlation query reconstructs install and first verdict rows.
Verify
/verify walks every row hash from genesis to head.
6 · Rollout

Observe first, tune against real calls, then enforce.

Starter policies are meant to be edited. Land them in shadow, watch would-deny counters and replay results, then promote only the paths that are stable enough to block.

1 Install in observe

Keep upstream behavior unchanged while the ledger records would_deny and would_review signals.

2 Tune thresholds

Adjust allowlists, dollar thresholds, tool names, and frontmatter until replay and live traffic converge.

3 Promote review

Turn uncertain side effects into Yellow-tier operator decisions before hard denial.

4 Enforce deny floors

Only hard-block requests where the side effect is never acceptable for that agent class.

5 Audit drift

Replay policy edits and inspect ledger deltas whenever a template changes.

7 · Troubleshooting

Most catalog failures are metadata, authorization, or replay drift.

Debug the template before debugging the agent. A valid Rego file can still fail the catalog if frontmatter is missing, and a successful install can still be invisible if the operator lacks Admin scope.

Symptom Likely layer Fix
Invalid Rego or format diff Policy syntax Run opa fmt --diff and opa test locally before opening a PR or installing a template.
Policy does not appear in filters Frontmatter Confirm Domain, Severity, Frameworks, Tier, and Tool surface are present and spelled consistently.
Framework filter misses a policy Mapping normalization Use the canonical label from the catalog, such as PCI-DSS, NIST-CSF, or ISO-27001.
Install button is disabled Operator authorization Use an Admin-scoped operator session. Library preview is broadly readable; install mutates active policy state.
No ledger row after install Lifecycle write path Check the install response correlation id, then query /audit/correlation/{id}. Failed installs should not emit active policy rows.
Replay case unexpectedly passes Input shape or threshold Compare chaos input fields to the rule's input.tool_type and input.arguments paths; update either the fixture or policy threshold.