Policy rules · Policy rules

Regional gate — explicit allow-list

ALLOW only if `country_code` is in your customer-defined allow-list. The flexible variant of `regional-eu-only` — same shape, you control the list.

regional
gate

Tested against:policyEngine: 1.0.0

Use case

You sell into Benelux + Germany only. Or DACH only. Or your sector regulator restricts you to specific member states. The shape of the rule is identical to regional-eu-only, but you supply the list.

Rule

{
  "fact": "country_code",
  "operator": "in",
  "value": ["NL", "BE", "LU", "DE"]
}

Facts shape

data class GeoFacts(val country_code: String)

Composing with role

You can stack the regional check inside an all with a role gate:

{
  "all": [
    { "fact": "country_code", "operator": "in", "value": ["NL", "BE", "LU"] },
    { "fact": "role", "operator": "equal", "value": "verified-customer" }
  ]
}

Trace — DENY

{
  "decision": "DENY",
  "trace": [
    { "all": [
        { "fact": "country_code", "operator": "in", "value": ["NL","BE","LU","DE"], "actual": "FR", "result": "fail" }
      ],
      "result": "fail"
    }
  ]
}

When to use

Sector-specific country restrictions
Phased rollouts (Benelux first, then EU-wide)

When not to use

All EU member states — use regional-eu-only for clarity

Regional gate — explicit allow-list

Use case

Rule

Facts shape

Composing with role

Trace — DENY

When to use

When not to use

See also

More policy rules

Age-over-18 gate

Age-over-21 gate

Composite — admin OR (manager AND finance)

Consent-required gate