Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 5 additions & 6 deletions content/manuals/ai/sandboxes/governance/local.md
Original file line number Diff line number Diff line change
Expand Up @@ -138,8 +138,8 @@ $ sbx policy reset --force

If rules you add with `sbx policy allow` or `sbx policy deny` don't change
sandbox behavior, your organization likely has governance enabled. Run `sbx
policy ls` to check: if the output starts with a `Policy rules` header listing a
`Governance Managed by <org>` line, org governance is active. When it's active,
policy ls` to check: if the output starts with a `Governance:` status line
showing `Managed by <org>`, org governance is active. When it's active,
the organization policy replaces local policy, so your rules have no effect.
They're hidden from `sbx policy ls` by default; run `sbx policy ls
--include-inactive` to see them with an `inactive` status in the `STATUS`
Expand All @@ -154,8 +154,7 @@ the Admin Console.
If a domain remains blocked after you add a local allow rule, your organization
likely enforces governance, which makes local rules inactive. Run `sbx policy
ls` to check whether org governance is active; if the output starts with a
`Policy rules` header listing a `Governance Managed by <org>` line, it is. Add
`Governance:` status line showing `Managed by <org>`, it is. Add
`--include-inactive` to confirm your rule shows an `inactive` status. If so, the
block can only be
lifted by updating the org policy in the Admin Console or via the
[API](/reference/api/ai-governance/).
block can only be lifted by updating the org policy in the Admin Console or via
the [API](/reference/api/ai-governance/).