Policy Templates
Policy templates provide pre-configured guardrail policies that you can use as a starting point for your organization. Instead of manually creating policies and guardrails, you can select a template that matches your use case and deploy it with one click.
Using Policy Templatesβ
In the UIβ
- Navigate to Policies β Templates tab in the LiteLLM Admin UI
- Browse available templates (e.g., "PII Protection", "Cost Control", "HR Compliance")
- Click "Use Template" on any template
- Review the guardrails that will be created:
- Existing guardrails are marked with a green checkmark
- New guardrails can be selected/deselected
- Click "Create X Guardrails & Use Template"
- Review and customize the pre-filled policy form
- Click "Create Policy" to save
Workflowβ
Select Template β Review Guardrails β Create Selected β Edit Policy β Save
The system automatically:
- β Detects which guardrails already exist
- β Creates only the missing guardrails you select
- β Pre-fills the policy form with template data
- β Lets you customize before saving
Available Templatesβ
Templates are fetched from GitHub with automatic fallback to local backup.
Current Templatesβ
1. Advanced PII Protection (Australia)β
- Complexity: High
- Use Case: Comprehensive PII detection for Australian organizations
- Guardrails:
- Australian tax identifiers (TFN, ABN, Medicare)
- Australian passports
- International PII (SSN, passports, national IDs)
- Contact information (email, phone, address)
- Financial data (credit cards, IBAN)
- API credentials (AWS, GitHub, Slack) - BLOCKS requests
- Network infrastructure (IP addresses)
- Protected class information (gender, race, religion, disability, etc.)
2. Baseline PII Protectionβ
- Complexity: Low
- Use Case: Basic protection for internal tools and testing
- Guardrails:
- Australian tax identifiers
- API credentials
- Financial data
Creating Your Own Policy Templatesβ
You can contribute policy templates for the entire LiteLLM community to use.
Template Structureβ
Templates are defined in JSON format with the following structure:
{
"id": "unique-template-id",
"title": "Display Title",
"description": "Detailed description of what this template protects",
"icon": "ShieldCheckIcon",
"iconColor": "text-purple-500",
"iconBg": "bg-purple-50",
"guardrails": [
"guardrail-name-1",
"guardrail-name-2"
],
"complexity": "Low|Medium|High",
"guardrailDefinitions": [
{
"guardrail_name": "example-guardrail",
"litellm_params": {
"guardrail": "litellm_content_filter",
"mode": "pre_call",
"patterns": [
{
"pattern_type": "prebuilt",
"pattern_name": "email",
"action": "MASK"
}
],
"pattern_redaction_format": "[{pattern_name}_REDACTED]"
},
"guardrail_info": {
"description": "What this guardrail does"
}
}
],
"templateData": {
"policy_name": "policy-name",
"description": "Policy description",
"guardrails_add": ["guardrail-name-1", "guardrail-name-2"],
"guardrails_remove": []
}
}
Field Descriptionsβ
Display Fieldsβ
- id: Unique identifier (lowercase with hyphens)
- title: User-facing name shown in UI
- description: Detailed explanation of what the template protects
- icon: Icon name (must be available in UI icon map)
- iconColor: Tailwind CSS text color class
- iconBg: Tailwind CSS background color class
- guardrails: Array of guardrail names (for display only)
- complexity: Badge showing difficulty ("Low", "Medium", or "High")
Guardrail Definitionsβ
- guardrailDefinitions: Array of complete guardrail configurations
- Each must be a valid guardrail object that can be sent to
/guardrailsPOST endpoint - If a guardrail already exists, it will be skipped
- Can be empty
[]if template uses only existing guardrails
- Each must be a valid guardrail object that can be sent to
Policy Configurationβ
- templateData: Object that pre-fills the policy form
- policy_name: Suggested name (user can edit)
- description: Policy description
- guardrails_add: Array of guardrail names to include
- guardrails_remove: Array to remove (usually
[]for templates) - inherit: (Optional) Parent policy name for inheritance
Example Templateβ
Here's a complete example for a HIPAA compliance template:
{
"id": "hipaa-compliance",
"title": "HIPAA Compliance Policy",
"description": "Healthcare compliance policy that masks PHI and enforces HIPAA regulations for healthcare applications.",
"icon": "ShieldCheckIcon",
"iconColor": "text-red-500",
"iconBg": "bg-red-50",
"guardrails": [
"phi-detector",
"medical-record-blocker",
"patient-id-masker"
],
"complexity": "High",
"guardrailDefinitions": [
{
"guardrail_name": "phi-detector",
"litellm_params": {
"guardrail": "litellm_content_filter",
"mode": "pre_call",
"patterns": [
{
"pattern_type": "prebuilt",
"pattern_name": "us_ssn",
"action": "MASK"
},
{
"pattern_type": "prebuilt",
"pattern_name": "email",
"action": "MASK"
},
{
"pattern_type": "prebuilt",
"pattern_name": "us_phone",
"action": "MASK"
}
],
"pattern_redaction_format": "[PHI_REDACTED]"
},
"guardrail_info": {
"description": "Detects and masks Protected Health Information (PHI)"
}
}
],
"templateData": {
"policy_name": "hipaa-compliance-policy",
"description": "HIPAA compliance policy for healthcare applications",
"guardrails_add": [
"phi-detector",
"medical-record-blocker",
"patient-id-masker"
],
"guardrails_remove": []
}
}
Contributing Templatesβ
To contribute a policy template for everyone to use:
Step 1: Create Your Template JSONβ
- Create a JSON file following the structure above
- Test it locally by adding it to your local
policy_templates.json - Verify all guardrails work correctly
- Ensure descriptions are clear and helpful
Step 2: Submit a Pull Requestβ
- Fork the LiteLLM repository
- Add your template to
policy_templates.jsonat the root - Add your template to
litellm/policy_templates_backup.json(keep both in sync) - Create a pull request with:
- Clear description of what the template protects
- Use case examples
- Any relevant compliance frameworks (HIPAA, GDPR, SOC 2, etc.)
Guidelinesβ
DO:
- β Use clear, descriptive names
- β Include comprehensive descriptions
- β Test all guardrails thoroughly
- β Document pattern sources (e.g., "Based on NIST guidelines")
- β Group related guardrails logically
- β Consider different complexity levels
DON'T:
- β Include credentials or secrets
- β Use overly broad patterns that may have false positives
- β Duplicate existing templates
- β Use custom code without thorough testing
Using Templates Offlineβ
For air-gapped or offline deployments, set the environment variable:
export LITELLM_LOCAL_POLICY_TEMPLATES=true
This forces the system to use the local backup (litellm/policy_templates_backup.json) instead of fetching from GitHub.
Template Sourcesβ
- GitHub (default): https://raw.githubusercontent.com/BerriAI/litellm/main/policy_templates.json
- Local backup:
litellm/policy_templates_backup.json
Templates are automatically fetched from GitHub on each request, with fallback to local backup on any failure.
Available Pattern Typesβ
When creating guardrails for templates, you can use these prebuilt patterns:
Identity Documentsβ
passport_australia,passport_us,passport_uk,passport_germany, etc.us_ssn,us_ssn_no_dashau_tfn,au_abn,au_medicarenl_bsn_contextualbr_cpf,br_rg,br_cnpj
Financialβ
visa,mastercard,amex,discover,credit_cardiban
Contact Informationβ
emailus_phone,br_phone_landline,br_phone_mobilestreet_addressbr_cep(Brazilian postal code)
Credentialsβ
aws_access_key,aws_secret_keygithub_tokenslack_tokengeneric_api_key
Networkβ
ipv4,ipv6
Protected Classβ
gender_sexual_orientationrace_ethnicity_national_originreligionage_discriminationdisabilitymarital_family_statusmilitary_statuspublic_assistance
See the full patterns list for all available patterns.