Trust-Prompt Enterprise
Google Admin Policy Builder
Build managed Chrome policies for the Trust-Prompt Enterprise v0.2.3 baseline, review the exact exported shape, and generate deployment-ready Google Admin JSON or Windows registry data.
Website policy generator
Configure, preview and download policies locally in the browser
This public web version lets admins configure Trust-Prompt Enterprise policies and download Google Admin JSON or Windows REG output. Nothing is uploaded, no account is required, and settings are not stored on a server.
- Use Policy Targets to prepare department-specific configurations.
- Use Validation and Policy Hints to check readiness before deployment.
- Download JSON for Google Admin or REG for Windows-based policy rollout.
Project
Save or reopen this builder project locally
Projects are saved locally as JSON files. No policy data is uploaded.
Target selection
Policy Targets
Choose the organizational unit, group, team, or enterprise segment you want to configure. Each target can represent a Google Organizational Unit, Google Group, Microsoft Entra group, department, or custom team.
Policy Targets define the admin workflow. Advanced role/group override fields are still exported for compatibility.
1. Policy pack
Start from a reference profile
2. Basics
Organization and deployment metadata
3. Core policy
Runtime protection settings
4. AI site scope
Managed sites and checking mode
Manage the 10 built-in Enterprise AI hosts in this step: bing.com, chat.deepseek.com, chat.openai.com, chatgpt.com, claude.ai, copilot.microsoft.com, gemini.google.com, grok.com, perplexity.ai, and x.ai. “Check” controls whether Trust-Prompt performs prompt pre-checks on that host. Custom hosts can be added for policy planning. Full enforcement depends on host permissions or Chrome Admin URL policies.
5. AI Access Control
Control AI tool availability by Policy Target
Control which AI tools are available for the selected Policy Target. Scope controls decide where Trust-Prompt can run checks. AI Access Control decides which AI tools are allowed or blocked for this target.
Approved sites for selected Policy Target
Use these approvals to define which built-in AI tools this target can access.
Blocked sites for selected Policy Target
Blocked entries stay target-specific and can overlap with approvals for planning, but validation will warn about conflicts.
6. Categories
Policy actions by risk category
7. Rules
Fine-grained rule overrides
Unset rules inherit the core ruleset severity. Set ALLOW, WARN, or BLOCK only when you need a managed override.
8. Word policies
Managed allowlist and blocklist
Allowlist
Terms that should reduce false positives.
One term per line.Blocklist
Organization-specific terms that should trigger protection.
One term per line.9. UI permissions
Global Enterprise surface
Global defaults. Role and group overrides can narrow or open specific controls for the assigned profile.
10. Managed override permissions
Local edit allowances for managed keys
Legacy-compatible worker-enforced flags deciding which managed settings may still be changed locally.
11. Assignment
Assignment for selected policy target
The selected Policy Target maps to user_role and group_name for the exported managed policy. Future versions can resolve Global Default + Target overrides into an effective policy preview.
In Google Workspace this usually maps to Organizational Units or Groups. In Microsoft environments this can map to Entra user/device groups or deployment rings.
12. Advanced
12. Advanced
Legacy-compatible role/group permission overrides
These advanced overrides are kept for compatibility with the current Enterprise policy format. For normal use, start with Policy Targets above. Leave these values unchanged unless you need explicit role/group permission overrides in the exported managed policy.