SplxAISign up for free

Create AI Runtime Policy

This page explains how to create a new AI Runtime Policy in the SPLX Platform. AI Runtime Policy in the Platform defines the policy you want to enforce, serves as the reference for viewing results and monitoring, and connects to the backend runtime instance that performs the actual protection on your AI system in production. The Platform acts as the control plane for the AI runtime protection service, allowing you to configure and manage enforcement while the runtime instance executes it.

Add AI Runtime Policy

Figure 1: Add AI Runtime Policy Page

When you click Add AI Runtime Policy in the UI, you will see the following fields:

  • AI Runtime Policy Name

    • Enter a descriptive name for the guardrail.

    • Example: Finance Chatbot Guardrail.

  • AI Runtime Policy Description

    • Provide a short explanation of the purpose of this guardrail.

    • Example: Prevents system prompt leakage and blocks PII exposure in responses.

  • Custom AI Runtime Protection Instance

    • Enable this option if the AI Runtime Protection service is not running as SPLX SaaS or as the part of our VPC deployment.

    • Use it when the AI Runtime Protection service is deployed separate from the platform in your own infrastructure (e.g. on-premises).

    • It connects the Platform control plane with your self-hosted AI Runtime Protection service, so you can still configure and monitor it through the UI.

    • When enabled, you will need to provide:

      • URL - the endpoint of your deployed AI Runtime Protection service.

      • API Key - the authentication key used by the Platform to securely connect to your AI Runtime Protection service.

AI Runtime Policy ID

Once you create an AI Runtime Policy, the Platform assigns a AI Runtime Policy ID. It acts as the reference key that ties messages to their policy configuration and ensures results appear in the correct AI Runtime Protection view within the Platform.

How it works

  • The AI Runtime Policy ID tells the AI Runtime Protection service which rules to enforce for each message.

  • It also tells the Platform for which AI Runtime Protection instance it should display the flagged/unflagged messages, metrics, and monitoring results.

  • Multiple AI systems can share the same AI Runtime Policy ID, allowing them to use identical protection rules while their results appear under the same AI Runtime Protection in the UI.

You must include the AI Runtime Policy ID with every input and output message. This ensures that both user prompts and AI responses are evaluated against the right policy configuration.

Next Steps

After creating an AI Runtime Policy, define your policy in the Platform to specify what should be flagged.

For details on how to send messages to the AI Runtime Protection service, see Connect AI Runtime Protection Service page.

PreviousGetting StartedNextConnect AI Runtime Protection Service

Last updated