Policy Packs
Policy packs are ready-to-use policy templates for common scenarios. Use them as a starting point and customize for your needs.
Link on Github: Click here
Available Packs
Pack | Use Case |
|---|---|
saas_refunds | SaaS refunds and payments—approve large refunds, allow small ones |
infra_shell_limits | Infrastructure automation—block destructive commands, approve system changes |
marketing_bot | Marketing automation—social media, email with approval gates |
restrict_http_external | Restrict external HTTP requests by domain or pattern |
Policy packs live in policies/packs/ (or the Faramesh repo). Copy one and adjust the rules.
Using a Policy Pack
Copy and customize
Copy a pack into your policy file:
Edit for your needs (thresholds, tools, risk levels)
Activate in the dashboard or set
FARA_POLICY_FILEwhen self-hosting
Merge with your policy
You can combine a pack with your existing rules. Copy the pack's rules into your rules list. Order matters: more specific rules first, catch-all last.
Example: SaaS Refunds
Requires approval for refunds over $100
Allows small refunds ($100 or less) automatically
Allows other payment operations
Denies unknown operations by default
Example: Infrastructure Shell
Blocks destructive commands (
rm -rf,shutdown,reboot, etc.)Requires approval for system changes (
apt install,systemctl, etc.)Allows safe read-only commands (
ls,cat,grep)
Example: Marketing Bot
Governs social media and email actions
Requires approval for public posts
Allows internal notifications
Check the Faramesh repo for the full YAML of each pack.