---
title: "Take the complexity out of policy management with new templates"
description: "Policy as code is a powerful way to scale security and compliance across modern DevOps pipelines, but writing Rego from scratch is a high barrier to entry. We’ve introduced Policy Templates to provide functional starting points, allowing you to deploy validated security guardrails without coding from scratch."
canonical_url: "https://cloudsmith.com/changelog/take-the-complexity-out-of-policy-management-with-new-templates"
last_updated: "2026-03-09T17:28:18.364Z"
---
# Take the complexity out of policy management with new templates

Policy as code is a powerful way to scale security and compliance across modern DevOps pipelines, but writing Rego from scratch is a high barrier to entry. We’ve introduced Policy Templates to provide functional starting points, allowing you to deploy validated security guardrails without coding from scratch.

## What’s new

We’ve added a library of pre-configured Rego templates to Cloudsmith’s policy manager. When creating a new policy, you can now browse and deploy policies for common security and compliance use cases, including:

- **Vulnerability & malware management**: Automatically quarantine packages with detected malware or high-severity vulnerabilities when fixes are available.
- **Licensing compliance**: Flag packages with copyleft licenses (GPL, LGPL, AGPL, MPL, etc.) to ensure legal compliance.
- **Supply chain guardrails**: Use explicit allowlists or blocklists to control exactly which package versions are permitted in your environment.

You can use any template as a baseline and modify the underlying code to fit your specific environment.

## Why this matters

While every organization has unique requirements, these templates offer a solid security foundation that anyone can implement on day one. They provide a "Secure by Default" starting point, giving you the full power of a code-based engine without the "blank page" problem.

## How to get started

1. Navigate to your **Workspace** and select **Policies** from the primary navigation.
2. Click the **Create New Policy** button to launch the creation workflow.
3. Within the configuration modal, select the **Start from a Template** option to browse the library.
4. Once you find a template, select Use Template.

From there, you can review or edit the underlying Rego code to fit your needs before saving the policy.

```json
{
  "_key": "565cb2900554",
  "_type": "image",
  "alt": "Creating a new policy using templates",
  "asset": {
    "_createdAt": "2026-03-09T17:30:55Z",
    "_id": "image-c9a87477c04ebdc165c5b8f123df691c745da32a-1512x774-gif",
    "_rev": "Fesdr6w15rvcwr0TrW36Qt",
    "_type": "sanity.imageAsset",
    "_updatedAt": "2026-03-09T17:30:55Z",
    "assetId": "c9a87477c04ebdc165c5b8f123df691c745da32a",
    "extension": "gif",
    "metadata": {
      "_type": "sanity.imageMetadata",
      "blurHash": "M5SsBIbwD*~VIrJrD*M{t6W=^#Rkk8M~xW",
      "dimensions": {
        "_type": "sanity.imageDimensions",
        "aspectRatio": 1.9534883720930232,
        "height": 774,
        "width": 1512
      },
      "hasAlpha": true,
      "isOpaque": true,
      "lqip": "data:image/jpeg;base64,/9j/2wBDAAYEBQYFBAYGBQYHBwYIChAKCgkJChQODwwQFxQYGBcUFhYaHSUfGhsjHBYWICwgIyYnKSopGR8tMC0oMCUoKSj/2wBDAQcHBwoIChMKChMoGhYaKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCj/wAARCAAKABQDASIAAhEBAxEB/8QAFwABAQEBAAAAAAAAAAAAAAAAAAQCCP/EACAQAAICAQMFAAAAAAAAAAAAAAABAgMhBBFBEhQkUVL/xAAUAQEAAAAAAAAAAAAAAAAAAAAB/8QAFxEBAQEBAAAAAAAAAAAAAAAAABESYf/aAAwDAQACEQMRAD8A6cjp71Y5K7Hy1gorjYm+uSkvWxvcDREk+4c349TXDcuAUt5A64Mv/9k=",
      "palette": {
        "_type": "sanity.imagePalette",
        "darkMuted": {
          "_type": "sanity.imagePaletteSwatch",
          "background": "#243542",
          "foreground": "#fff",
          "population": 0.18,
          "title": "#fff"
        },
        "darkVibrant": {
          "_type": "sanity.imagePaletteSwatch",
          "background": "#1c745c",
          "foreground": "#fff",
          "population": 0,
          "title": "#fff"
        },
        "dominant": {
          "_type": "sanity.imagePaletteSwatch",
          "background": "#b7c8d9",
          "foreground": "#000",
          "population": 0.98,
          "title": "#fff"
        },
        "lightMuted": {
          "_type": "sanity.imagePaletteSwatch",
          "background": "#b7c8d9",
          "foreground": "#000",
          "population": 0.98,
          "title": "#fff"
        },
        "lightVibrant": {
          "_type": "sanity.imagePaletteSwatch",
          "background": "#84acf2",
          "foreground": "#000",
          "population": 0.05,
          "title": "#fff"
        },
        "muted": {
          "_type": "sanity.imagePaletteSwatch",
          "background": "#5289a6",
          "foreground": "#fff",
          "population": 0.04,
          "title": "#fff"
        },
        "vibrant": {
          "_type": "sanity.imagePaletteSwatch",
          "background": "#1c66d6",
          "foreground": "#fff",
          "population": 0.01,
          "title": "#fff"
        }
      },
      "thumbHash": "/vcBBIBFappRhphsaL9nYn8F9g=="
    },
    "mimeType": "image/gif",
    "originalFilename": "policy-templates.gif",
    "path": "images/rafvlnhi/production/c9a87477c04ebdc165c5b8f123df691c745da32a-1512x774.gif",
    "sha1hash": "c9a87477c04ebdc165c5b8f123df691c745da32a",
    "size": 879490,
    "uploadId": "DjZuG3XIH2BT0XJVGbPNpukO4GQHk0ux",
    "url": "https://cdn.sanity.io/images/rafvlnhi/production/c9a87477c04ebdc165c5b8f123df691c745da32a-1512x774.gif"
  },
  "link": {
    "_type": "link",
    "href": null,
    "openInNewTab": false
  },
  "markDefs": null
}
```

These features are in Early Access. If you’re looking to scale your software supply chain security with custom, code-based guardrails, we’d love to help you get set up. [Contact us](https://cloudsmith.com/company/contact-us) to get started today.
