# Creating policies

You can create and manage your security and usage policies in the **Policies** section of the AgentLink dashboard.

Each policy specifies:

- A set of conditions (attributes and values),
- An action (Deny, Step up, or Request approval),
- And optionally, a related approval flow.


![policy-page](/assets/policy-page.5651d87ecb4de94e11ae62c4c5401fff1d1b578d404428a90a0261555c3c420d.b925d42d.png)

br
## Creating a new policy

1. Click **Create policy** on the top-right of the Policies page.


![policy-page](/assets/create-policy-rule.eddf3f328fd7aa7d8b7b50881b031772988a565a6c185d98c57df180c9b704c1.b925d42d.png)

br
1. Fill out the policy creation form:
| Field | Description |
|  --- | --- |
| **Name** | A clear descriptive name (e.g., *Block large expense reports*). |
| **Description** | Optional explanation of what this rule enforces. |
| **Policy attributes** | Define the conditional logic using attributes such as `user.role`, `request.context`, or payload values. |
| **Action** | Choose the behavior when the condition is met: **Deny**, **Step up**, or **Request approval**. |
| **Approval flow** | If you selected *Request approval*, choose which approval flow to use. |
2. Click **Create** to save your policy.


The policy will appear in the list and can be toggled on or off via the **Status** switch.

## Editing a policy

To edit an existing policy, click its row in the list.
An edit drawer will appear, allowing you to:

- Update the name and description.
- Modify conditions or actions.
- Change the assigned approval flow.


Changes are saved immediately once you click **Save**.

## Policy list view

| Column | Description |
|  --- | --- |
| **Status** | Enable or disable the policy. |
| **Name** | Policy name and description. |
| **Action** | The enforced action (Deny, Step up, or Request approval). |
| **Applications** | Number of MCP apps the policy applies to. |


You can filter or search by policy name, description, or application ID.

## Example

**Policy name:** Block expenses above $5000
**Condition:** `request.payload.amount > 5000`
**Action:** Deny

This prevents AI agents from executing the tool when the expense amount exceeds $5000.

## Related topics

- [Conditional Expressions](/agent-link/policies/conditional-expressions)
- [Approval Flows](/agent-link/policies/approval-flows)