Skip to main content

Policies

Policies control what actions are allowed or denied in a Workspace. Each Policy is a set of statements that specify a Service, region, effect (Allow or Deny), and a list of actions. You attach Policies to Workspaces to restrict what Members can do.

1. Go to the Policies page

  1. Click Settings in the left sidebar.
  2. Select Policies from the menu.

The Policy list page opens, showing all existing Policies with their attached Workspaces and the number of users they affect.

Policies list page showing existing policies

2. Create a new policy

  1. Click Create in the top-right corner. The Create Policy drawer opens.

Create policy drawer

  1. Enter a Policy name.
note

Policy name accepts letters (A–Z, a–z), digits (0–9), hyphens (-), and underscores (_). The name cannot be changed after creation.

  1. Optionally enter a Description (max 100 characters).

3. Add a policy statement

Policies require at least one statement. Each statement defines what is allowed or denied for a specific Service.

  1. Click Add statement.
  2. Select a Service from the dropdown (for example: AI Notebook, GPU Container).
  3. Select a Region — choose All regions to apply the statement to all available regions for that Service.
  4. Set the Effect:
    • Allow — permits the selected actions.
    • Deny — explicitly blocks the selected actions.
  5. Select actions under the Actions section:
    • Check All actions to apply the statement to every action for that Service.
    • Or check individual actions (for example: notebook:create, notebook:delete).

Repeat to add more statements if needed.

4. Save the policy

  1. Click Save. The Policy appears in the Policy list.

Edit a policy

  1. On the Policy list page, click the Edit icon (pencil) on the row you want to change.
  2. The Edit Policy drawer opens. Modify statements as needed.
  3. Click Save.
note

The Policy name field is disabled during editing and cannot be changed.

Delete a policy

  1. On the Policy list page, click the Delete icon (trash can) on the row you want to remove.
  2. A confirmation dialog appears: Delete Policy — Are you sure you want to delete this Policy? This action cannot be undone..
  3. Click Delete to confirm.
warning

Deleting a Policy detaches it from all Workspaces immediately. Members in those Workspaces may lose restrictions that the Policy was enforcing.

Attach a policy to a workspace

Policies are assigned to Workspaces in the Workspace settings, not from this page.

  1. Go to Settings → Workspaces.
  2. Click Edit on a Workspace.
  3. Scroll to the Policies section.
  4. Select the Policies to attach to this Workspace.
  5. Click Finish.

See Workspaces for full Workspace configuration steps.

What's next

  • Workspaces — set credit spending limits per Workspace.
  • Audit Logs — track Policy creation and attachment events.