Beyond simple rules#
For complex governance needs, LumenFlow supports custom policies — composable rules with conditions, schedules, and exceptions.
Policy structure#
Each policy has a name, a description, one or more conditions, an effect (auto-approve, require approval, escalate, or block), an optional schedule, optional exceptions, and a priority level.
Condition types#
| Condition | Example |
|---|---|
| Action type | action == "email.send" |
| Connection | connection == "google" |
| Cost estimate | estimated_cost < 0.50 |
| Token count | token_count < 5000 |
| Time of day | hour >= 9 AND hour <= 17 |
| Day of week | day_of_week in ["Mon"..."Fri"] |
| User role | user_role == "admin" |
| Recipient | recipient_domain != "competitor.com" |
Composing conditions#
Combine conditions with AND/OR logic:
Auto-approve IF:
action == "email.send"
AND estimated_cost < 0.50
AND hour >= 9 AND hour <= 17
AND recipient_domain != "competitor.com"
Scheduled policies#
Apply policies only during certain periods:
- Business hours only — stricter rules outside office hours
- Quarterly review — tighter controls during audit periods
- Holiday mode — block non-critical actions during team breaks
Policy evaluation order#
Policies are evaluated by priority (highest first). The first matching policy determines the approval behavior. If no policy matches, the default is require manual approval.
info Free workspaces start with standard rule-based governance. Higher tiers unlock deeper policy tuning and enterprise review posture.